John Gilmore writes:
And, besides identifying what cities they're doing this in, we should
also start examining a collection of these boarding passes, looking
for the encrypted let me through without searching me information.
Or the Don't let me fly information. Then we can evaluate how
John Ioannidis writes:
(they [TSA] still picked up random people without the search
string on their boarding passess).
HHH! If this list was to have a subtitle it would be
Practical uses of randomness. Surely they're rolling dice, or
cutting a well-shuffled deck, or
[ quoted from the qmail mailing list. -russ ]
For those of you wondering when qmail is going to start protecting mail
messages against eavesdropping and forgery: I'll be in San Francisco
Friday morning in front of Judge Patel arguing that the remaining crypto
regulations are unconstitutional.
Adam Back writes:
So there are practical limits stemming from realities to do with code
complexity being inversely proportional to auditability and security,
but the extra ring -1, remote attestation, sealing and integrity
metrics really do offer some security advantages over the current
Jim Choate writes:
On Mon, 5 Aug 2002, Russell Nelson wrote:
AARG!Anonymous writes:
So don't read too much into the fact that a bunch of anonymous postings
have suddenly started appearing from one particular remailer. For your
information, I have sent over 400 anonymous
AARG!Anonymous writes:
I'd like the Palladium/TCPA critics to offer an alternative proposal
for achieving the following technical goal:
Allow computers separated on the internet to cooperate and share data
and computations such that no one can get access to the data outside
the
Dan Bernstein has a response to the June 2002
Lenstra-Shamir-Tomlinson-Tromer paper (and similarly, Bruce Schneier's
comments) about his research into the cost of circuits for integer
factorization.
http://cr.yp.to/nfscircuit.html
--
-russ nelson http://russnelson.com | New
Derek Atkins writes:
Russell Nelson [EMAIL PROTECTED] writes:
The union of the two sets of cryptography users and paranoid
people is necessarily non-empty. Who would bother to use
cryptography sans a threat model? And if you've got a non-empty
threat model, then by definition
Dan Geer writes:
The union of the two sets of cryptography users and paranoid
people is necessarily non-empty. Who would bother to use
cryptography sans a threat model? And if you've got a non-empty
threat model, then by definition you're paranoid.
Uh, I don't have
Lucky Green writes:
On Sat, 9 Feb 2002, Russell Nelson wrote:
I think the only worthwhile way forward is to create a
cryptographic email standard de novo, which is free of export,
trademark, and patent problems.
I believe such a standard already exists. It is called S/MIME. Best
Werner Koch writes:
Things would get much better if a PGP 2 version with support for CAST5
would get more into use. [ etc. ]
I know that you're working hard, Werner, but I believe that the recent
few years have destroyed the PGP brandname. I think the only
worthwhile way forward is to
Andrew Odlyzko writes:
1. Cryptography does not fit human life styles easily.
2. Novel technologies take a long time to diffuse through society.
to which I would add:
3. Cryptography, and therefore PKI, is meaningless unless you first
define a threat model. In all the messages with this
This is the goofiest spam I've ever gotten. How many bits are
contained in the message below the % signs? Could be quite a few,
depending on your dictionary of nouns, verb, adjectives, and adverbs.
Sure looks like a message to me. As far as I know, I'm not expecting
any steganographic messages
13 matches
Mail list logo