Will A. Rodger [EMAIL PROTECTED] writes:
That would be a wise move. That would continue for about three weeks, and
then we'd see a bill out of Congress demanding that ISPs retain identity
for, oh, maybe seven years?
The population can be rather easily bought to do this, coercion
won't
On Sat, 25 Jan 2003, Sampo Syreeni wrote:
Sure. But trying those combinations out can be automated -- I don't think
the kind of automatic lock pickers one sees in current action movies are
*entirely* fictional.
There are several types of devices that can convince a keylock
to open. One of
At 09:54 PM 1/25/2003 +1300, Peter Gutmann wrote:
William Allen Simpson [EMAIL PROTECTED] writes:
But there is a strong economic rationale. We save untold operational
expense, support costs, and legal fees. (The legal cost of complying with
that single interstate subpoena cost us an entire
I find it odd that there has been so little comment on TWIRL. One
would think that the crushing of 512 bit RSA keys and a strong
demonstration of the weakness of 1024 bit RSA keys would have provoked
some comment on the list.
Any comments on why no one commented?
--
Perry E. Metzger
Matt Blaze wrote:
Once I understood the basics, I quickly discovered, or more accurately
re-discovered, a simple and practical rights amplification (or
privilege escalation) attack to which most master-keyed locks are
vulnerable.
http://www.crypto.com/masterkey.html
Matt, is
Matt Blaze wrote:
Once I understood the basics, I quickly discovered, or more accurately
re-discovered, a simple and practical rights amplification (or
privilege escalation) attack to which most master-keyed locks are
vulnerable.
http://www.crypto.com/masterkey.html
Matt, is there some
On Sun, Jan 26, 2003 at 07:29:08PM -0500, Perry E. Metzger wrote:
I find it odd that there has been so little comment on TWIRL. One
would think that the crushing of 512 bit RSA keys and a strong
demonstration of the weakness of 1024 bit RSA keys would have provoked
some comment on the list.
On Sat, 25 Jan 2003, Pete Chown wrote:
Date: Sat, 25 Jan 2003 11:53:23 +
From: Pete Chown [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [IP] Master Key Copying Revealed (Matt Blaze of ATT Labs)
Len Sassaman wrote:
Most of the time, the lock is not the weakest point of
With all due respect to the commentator and the tremendous amount that
he has contributed to the community, I had to go eat a pint of ice cream
and cool down, I was so incensed after reading his comments. Here's my
attempt at a rational reply:
John Young wrote:
It will be more expensive to
On Sun, 26 Jan 2003, Matt Blaze wrote:
The tragic part is that there are alternatives. There are several
lock designs that turn out to resist this threat, including master
rings and bicentric locks. While these designs aren't perfect, they
I think it is worth pointing out that, while master
You are coming at this from a software/computer mindset that just isn't
applicable to this sort of physical world security.
Matt's paper was about _locks_.
In case you have forgotten, the title was Cryptology and Physical Security:
Rights Amplification in Master-Keyed Mechanical Locks.
To
Here's a little story: this week I learned that one of our valuable
security doctoral candidates doesn't vote, and doesn't want to learn
about or discuss politics and the political implications of what she does.
Sounds very sensible to me.
Leave the voting to those who care.
One of my
12 matches
Mail list logo
