Am Donnerstag 29 Juli 2010, 21:47:01 schrieb Richard Salz:
> At shutdown, a process copies /dev/random to /var/random-seed which is
> used on reboots.
> Is this a good, bad, or "shrug, whatever" idea?
> I suppose the idea is that "all startup procs look the same" ?
Indeed. The boot process of a ma
On Jul 29, 2010, at 22:23, Anne & Lynn Wheeler wrote:
> On 07/28/2010 10:34 PM, d...@geer.org wrote:
>> The design goal for any security system is that the number of
>> failures is small but non-zero, i.e., N>0. If the number of
>> failures is zero, there is no way to disambiguate good luck
>> f
Paul Tiemann writes:
>What if... Firefox (or other) could introduce a big new feature (safety
>controls) and ask you up front: "Do you want to be safer on the internet?"
The problem is that neither the browser vendor nor the users will see it like
this. For the user its:
"Do you want to have
Perry,
The administration wants to add just four words -- "electronic
communication transactional records" -- to a list of items that the
law says the FBI may demand without a judge's approval. Government
Would that really make that much of a difference? In Germany,
at least, the so-call
Bill Stewart wrote:
Sent: Thursday, October 30, 2008 7:30 AM
To: Cryptography List
Subject: Re: the skein hash function
> So if Skein becomes popular, ASIC accelerator hardware
> may be practical for higher-speed applications.
I see another strong point for Skein:
Deterministically generated a
Steven Bellovin writes:
>When I look at this, though, little of the problem is inherent to PKI.
>Rather, there are faulty communications paths.
"Oh no my Lord, I assure you that parts of it are excellent!" :-).
>[...] how should the CA or Realtek know about the problem? [...]
That was the whol
On Fri, 30 Jul 2010 09:38:44 +0200 Stefan Kelm wrote:
> Perry,
>
> > The administration wants to add just four words -- "electronic
> > communication transactional records" -- to a list of items that
> > the law says the FBI may demand without a judge's approval.
> > Government
>
> Would tha
On 07/28/2010 11:52 PM, Pat Farrell wrote:
A lot of the smart card development in the mid-90s and beyond was based
on the idea that the smart card, in itself, was the sole authorization
token/algorithm/implementation.
some ssl, payment, smartcard trivia ...
those smartcards were used for the o
On Jul 30, 2010, at 3:58 08PM, Perry E. Metzger wrote:
> On Fri, 30 Jul 2010 09:38:44 +0200 Stefan Kelm wrote:
>> Perry,
>>
>>> The administration wants to add just four words -- "electronic
>>> communication transactional records" -- to a list of items that
>>> the law says the FBI may deman