On Wed, Jun 25, 2003 at 12:02:39PM +0100, Pete Chown wrote:
> On the other hand, once a back door is installed in binary-only
> software, it is much less likely to be found. The Interbase back door
> was only found when the source was opened.
I doubt the truth of this statement. Certainly, the
On Mon, Apr 12, 2004 at 06:00:26PM -0700, Joseph Ashwood wrote:
> > From: Nicko van Someren <[EMAIL PROTECTED]>
> >
> > It's not clear to me that you need all this complexity. All you need
> > if to arrange that the attacker does not know exactly what will be
> > signed until it has been signed.
On Wed, Dec 22, 2004 at 07:43:13PM +0100, Florian Weimer wrote:
> * Victor Duchovni:
> >> The Debian folks have recently stumbled upon a problem in this area:
> >> Generating the ephemeral DH parameters is expensive, in terms of CPU
> >> cycles, but especailly in PRNG entropy. The PRNG part means
>From Bruce Schneier's weblog:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
# SHA-1 has been broken. Not a reduced-round version. Not a simplified
# version. The real thing.
#
# The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly
# from Shandong University i
