I wonder if the DMCA (why do those initials bring to mind a song by
The Village People?) isn't invoking Gresham's Law? Gresham's Law says
bad money drives out good, but it only applies when there is a legal
tender law. Such a law requires that all money be treated equally --
as legal tender for
I listened to yet another talk on computer security, which
incorporated security. It got me to thinking two things:
o Pseudo-random implies pseudo security.
If you're re-keying by running the old key through a pseudo-random
function without adding any new entropy, then you're not re-keying at
(everybody is on the mailing list; why all the CC's?)
Adam Back writes:
Will it be enough -- we don't know yet, but if widely deployed it
would make spammers adapt. We just don't yet know how they will
adapt.
Cryptography is not about math; it's not about secrets; it's not about
security.
Steven M. Bellovin writes:
That's not new, either. I believe it was Tony Hoare who likened this
to sailors doing shore drills with life preservers, but leaving them
home when they went to sea. I think he said that in the 1970s; he said
this in his Turing Award lecture:
The
Perry E. Metzger writes:
Anyone have a good phrase in mind that has the right sort of flavor
for describing this sort of thing?
Well, I've always said that crypto without a threat model is like
cookies without the milk.
--
--My blog is at blog.russnelson.com | In a democracy the
Salz, Rich writes:
I would say this puts you in the sub 1% of the populace. Most
people want to do things online because it is much easier and gets
rid of paper. Those are the systems we need to secure. Perhaps
another way to look at it: how can we make out-of-band verification
