On Oct 19, 2005, at 10:29 AM, Perry E. Metzger wrote:
The Cisco VPN Client uses weak encryption to store user and group
passwords in your local profile file. I coded a little tool to
reveal the saved passwords from a given
...okay, not so much surprise.
Scientists said Diebold appeared to have opened the hole by making
easy as possible to upgrade the software inside its machines. The
said Iowa's Jones, is a violation of federal voting system rules.
All of us who have heard the
On Apr 29, 2007, at 11:47 AM, Perry E. Metzger wrote:
Slightly off topic, but not deeply. Many of you are familiar with
John Young's Cryptome web site. Apparently NTT/Verio has suddenly
(after many years) decided that Cryptome violates the ISP's AUP,
though they haven't made it particularly
On Feb 11, 2008, at 8:28 AM, Philipp Gühring wrote:
I had the feeling that Microsoft wants to abandon the usage of client
certificates completely, and move the people to CardSpace instead.
But how do you sign your emails with CardSpace? CardSpace only does
realtime authentication part of
On Mar 17, 2008, at 10:06 AM, Leichter, Jerry wrote:
| So at the company I work for, most of the internal systems have
| expired SSL certs, or self-signed certs. Obviously this is bad.
| You only think this is bad because you believe CAs add some value.
| Presumably the value they add
On Jul 7, 2008, at 10:54 AM, Ali, Saqib wrote:
Quoting the Foxbusiness article:
PermanentPrivacy announces the world's first practical data
encryption system that is absolutely unbreakable. And is offering a
$1,000,000 challenge to anyone who can crack it.
Permanent Privacy (patent pending)
This is getting a bit far afield from cryptography, but proper threat
analysis is still relevant.
On May 27, 2009, at 4:07 AM, Ray Dillinger wrote:
On Tue, 2009-05-26 at 18:49 -0700, John Gilmore wrote:
It's a little hard to help without knowing more about the situation.
I.e. is this a
On Nov 9, 2009, at 9:25 AM, mhey...@gmail.com mhey...@gmail.com
Unlock your door with a secret knock.
Prior to watching the video I said to myself, Great, now I can break
into most of the homes on my block with 'Shave and a
On Jul 22, 2010, at 8:59 PM, John Gilmore wrote:
It's pretty outrageous that anyone would try to patent rolling barcoded
dice to generate random numbers.
I've been generating random strings from dice for years. I find that
gamers' 20-sided dice are great; each roll gives you a hex digit,
...In his presentation at the Black Hat Conference, German GSM expert Karsten
Nohl presented a tool he calls Kraken, which he claims can crack the A5/1
encryption used for cell phone calls within seconds.
On Sep 6, 2013, at 10:03 AM, Perry E. Metzger pe...@piermont.com wrote:
Naively, one could take a picture of the dice and OCR it. However,
one doesn't actually need to OCR the dice -- simply hashing the
pixels from the image will have at least as much entropy if the
position of the dice is
Mail list logo