Re: fyi: Storm Worm botnet numbers, via Microsoft

2007-10-18 Thread ' =JeffH '
to believe that there's folks working hard on this given the down-the-road risks, and are just keeping the info close to their collective chest. =JeffH [0] http://blogs.technet.com/antimalware/archive/2007/09/20/storm-drain.aspx [1] http://www.secureworks.com/media/press_releases/20070802-botstorm

Re: fyi: Storm Worm botnet numbers, via Microsoft

2007-10-23 Thread ' =JeffH '
. To the best of my knowledge, it will be the first publicly released estimates of the size of the network with actual supporting data and evidence. are your slides now available? =JeffH - The Cryptography Mailing List

fyi: Report on Workshop on Next Steps for XML Signature and XML Encryption

2007-10-25 Thread ' =JeffH '
/~pgut001/pubs/xmlsec.txt. As the report described below indicates, there's an effort emerging to charter a W3C working group to rev the xmldsig spec, which might be of interest to various folk. =JeffH Original Message Subject: Report on Workshop on Next Steps for XML Signature

fyi: Colossus in action

2007-11-15 Thread ' =JeffH '
BP being Bletchley Park of course. http://www.bletchleypark.org.uk/ =JeffH From: David Hansen [EMAIL PROTECTED] Subject: Colossus in action To: [EMAIL PROTECTED] Organization: Spidacom Limited Just in case anyone is as ill informed as me, I was delighted to read at http://news.bbc.co.uk/1/hi

Ross Anderson: Searching For Evil

2007-11-21 Thread ' =JeffH '
Of possible interest... =JeffH Ross Anderson: Searching For Evil http://youtube.com/watch?v=7WlHhZUayUw Google Tech Talks August 23, 2007 ABSTRACT Computer security has recently imported a lot of ideas from economics, psychology and sociology, leading to fresh insights and new tools. I

2008: The year of hack the vote?

2007-12-24 Thread ' =JeffH '
2008: The year of hack the vote? http://blogs.zdnet.com/security/?p=753 December 17th, 2007 Posted by Larry Dignan @ 2:12 am The state of Ohio has released a comprehensive study of voting machine security and the report will have you longing for paper. A 334-page PDF report

Storm, Nugache lead dangerous new botnet barrage

2007-12-29 Thread ' =JeffH '
Storm, Nugache lead dangerous new botnet barrage By Dennis Fisher, Executive Editor 19 Dec 2007 | SearchSecurity.com http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1286808 ,00.html?track=NL-358ad=614777asrc=EM_NLN_2785475uid=1408222 In early 2006, Dave Dittrich, a senior

Re: Foibles of user security questions

2008-01-14 Thread ' =JeffH '
of possible relevance... Mike Just. Designing and Evaluating Challenge-Question Systems. IEEE SECURITY PRIVACY, 1540-7993/04, SEPTEMBER/OCTOBER 2004. =JeffH - The Cryptography Mailing List Unsubscribe by sending

fyi: independent contactless card e-money scheme called sQuid (UK)

2008-01-28 Thread ' =JeffH '
independent contactless card e-money scheme called sQuid (UK) squidcard.com From:Peter Tomlinson [EMAIL PROTECTED] Subject: Re: Fwd: ID Stronghold To: [EMAIL PROTECTED] Date:Mon, 28 Jan 2008 16:02:51 + Roland Perry wrote: In article [EMAIL PROTECTED], Peter Tomlinson [EMAIL

questions on RFC2631 and DH key agreement

2008-02-01 Thread ' =JeffH '
} (group parameter validation), is there any reason to send q ? thanks, =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: questions on RFC2631 and DH key agreement

2008-02-02 Thread ' =JeffH '
Oh, yeah, sorry, your diagram (or whoever drew it) does in fact answer my second question wrt what one needs to send over the wire wrt a simplistic DH profile. Just g, p, and a public key (y). thanks again, =JeffH

Re: questions on RFC2631 and DH key agreement

2008-02-03 Thread ' =JeffH '
again, =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: questions on RFC2631 and DH key agreement

2008-02-06 Thread ' =JeffH '
Ok thanks, I'm going to risk pedanticism in order to nail things down a bit more rigorously.. ' =JeffH ' [EMAIL PROTECTED] writes: [EMAIL PROTECTED] said: http://www.xml-dev.com/blog/index.php?action=viewtopicid=196 thanks, but that doesn't actually answer my first question. It only documents

Re: questions on RFC2631 and DH key agreement

2008-02-06 Thread ' =JeffH '
said private key from time to time? thanks again, =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: questions on RFC2631 and DH key agreement

2008-02-06 Thread ' =JeffH '
not change, then there is no additional leakage of the private key beyond what Eve can compute anyway. ok, gotcha. thanks again, =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: questions on RFC2631 and DH key agreement

2008-02-06 Thread ' =JeffH '
4B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F0 5BDFF16F2FB22C583AB =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: questions on RFC2631 and DH key agreement

2008-02-09 Thread ' =JeffH '
again, =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: questions on RFC2631 and DH key agreement

2008-02-09 Thread ' =JeffH '
compliance-wise, but that's a different issue] thanks, =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

fyi: Encrypted laptop poses legal dilemma

2008-02-09 Thread ' =JeffH '
From:[EMAIL PROTECTED] (Dewayne Hendricks) Subject: [Dewayne-Net] Encrypted laptop poses legal dilemma To: Dewayne-Net Technology List [EMAIL PROTECTED] Date:Thu, 07 Feb 2008 15:38:22 -0800 [Note: This item comes from reader Randall. DLH] From: Randall [EMAIL PROTECTED] Date:

Re: questions on RFC2631 and DH key agreement

2008-02-09 Thread ' =JeffH '
are looking at. agreed, thanks again. =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

wrt Cold Boot Attacks on Disk Encryption

2008-02-21 Thread ' =JeffH '
From:David Farber [EMAIL PROTECTED] Subject: [IP] Cold Boot Attacks on Disk Encryption -- report on To: ip [EMAIL PROTECTED] Date:Thu, 21 Feb 2008 16:25:43 -0500 Begin forwarded message: From: Declan McCullagh [EMAIL PROTECTED] Date: February 21, 2008 3:57:43 PM EST To: [EMAIL

fyi: Traitor Tracing for Anonymous Attack in AACS Content Protection

2008-06-03 Thread ' =JeffH '
From:Adam Barth [EMAIL PROTECTED] Subject: TOMORROW 3 Jun - Hongxia Jin - Traitor Tracing for Anonymous Attack in AACS Content Protection To: [EMAIL PROTECTED] Date:Mon, 02 Jun 2008 18:48:48 -0700 Title: Traitor Tracing for Anonymous Attack in AACS Content Protection

fyi: Researchers Hack Biometric Faces

2009-02-20 Thread ' =JeffH '
apropos to the biometrics essay in the Jan 2009 crypto-gram: Researchers Hack Biometric Faces slashdot.org/palm/18/09/02/17/216216_1.shtml from the face-off dept. posted by kdawson on 2009-02-18 01:35:00 yahoi sends in news from a week or so back: Vietnamese researchers have cracked the

fyi: Accelerating computation with FPGAs

2009-05-07 Thread =JeffH
of possible (topical) interest... Stanford EE Computer Systems Colloquium 4:15PM, Wednesday, May 13, 2009 HP Auditorium, Gates Computer Science Building B01 http://ee380.stanford.edu[1] Topic:Accelerating computation with FPGAs

TLS/SSL Survey (Ristic/Qualsys) (was: Re: A mighty fortress is our PKI)

2010-08-04 Thread =JeffH
Internet SSL Survey 2010 is here! (blog post) http://blog.ivanristic.com/2010/07/internet-ssl-survey-2010-is-here.html Actual report: Qualys Internet SSL Survey 2010 v1.6 (PDF, 3.2 MB) http://blog.ivanristic.com/Qualys_SSL_Labs-State_of_SSL_2010-v1.6.pdf =JeffH

Re: towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)

2010-08-25 Thread =JeffH
-tls-snapstart Note that the motivation for draft-agl-tls-nextprotoneg is so-called websockets, which are being worked on in the IETF HYBI (hypertext bidirectional) WG http://datatracker.ietf.org/wg/hybi/ =JeffH

Overclocking TLS/SSL (was: towards https everywhere and strict transport security)

2010-08-26 Thread =JeffH
appear to have (yet) the experimental results you're curious about. =JeffH - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com

Wrong Direction on Privacy - using NSLs to obtain communication transactional information

2010-09-30 Thread =JeffH
another facet of The Administration's We Hear You efforts.. Wrong Direction on Privacy Susan Landau 2-Aug-2010 http://www.huffingtonpost.com/susan-landau/wrong-direction-on-privac_b_666915.html The White House wants to make it easier for the FBI to get at your email and web browsing records;