Re: A History of U.S. Communications Security

2009-01-02 Thread Marcus Brinkmann
Pehr Söderman wrote: Freshly declassified and a rather interesting read: A History of U.S. Communications Security (Volumes I and II, 1973) David G. Boak Lectures, National Security Agency (NSA) http://www.governmentattic.org/2docs/Hist_US_COMSEC_Boak_NSA_1973.pdf (From Bruce

Re: MD5 considered harmful today, SHA-1 considered harmful tomorrow

2009-01-17 Thread Marcus Brinkmann
Weger, B.M.M. de wrote: In my view, the main lesson that the information security community, and in particular its intersection with the application building community, has to learn from the recent MD5 and SHA-1 history, is that strategies for dealing with broken crypto need rethinking. On

Re: X.509 certificate overview + status

2009-03-02 Thread Marcus Brinkmann
Travis wrote: Recently I set up certificates for my server's SSL, SMTP, IMAP, XMPP, and OpenVPN services. Actually, I created my own CA for some of the certificates, and in other cases I used self-signed. It took me substantially more time than I had anticipated, and I'm left with feelings

Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-04 Thread Marcus Brinkmann
Adam Fields wrote: On Tue, Mar 03, 2009 at 12:26:32PM -0500, Perry E. Metzger wrote: Quoting: A federal judge has ordered a criminal defendant to decrypt his hard drive by typing in his PGP passphrase so prosecutors can view the unencrypted files, a ruling that raises serious

Re: Unexpected side-effects

2009-09-30 Thread Marcus Brinkmann
Jerry Leichter wrote: Well, here I'll expect one. :-) Not a new idea, although I don't know where I heard it the first time. As there is increasing pressure to keep records of Internet use, there will be a counter-move to use VPNs which promise to keep no records. Which will lead to legal

Re: Security of Mac Keychain, File Vault

2009-10-26 Thread Marcus Brinkmann
Jerry Leichter wrote: The article at http://www.net-security.org/article.php?id=1322 claims that both are easily broken. I haven't been able to find any public analyses of Keychain, even though the software is open-source so it's relatively easy to check. I ran across an analysis of File