aphers, and outside consultants.
It looks like there is at least one interesting sociological attack on it.
Cheers - Bill
-
Bill Frantz | Microsoft Outlook, the | Periwinkle -- Consulting
(408)356-8506
it difficult to recognize that the
attack is taking place.
Cheers - Bill
-----
Bill Frantz | The principle effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL
opment group must
immediately take steps to establish the reputation of a new key. There
might be an interesting scramble between the development group, and other
group(s) wishing to obtain the reputation of the development group.
Cheers - Bill
------
The .sig says it all.
-
Bill Frantz | The principle effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL PROTECTED] | fair use. | Los Gatos
-
So the honorable gentlemen are proposing unilateral crypto disarmament? Or
perhaps a world where many governments can read the business plans and
strategies of US companies? Or perhaps a world where the terrorists
themselves can read the travel plans of
combining
algorithms.)
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL PROTECTED] | fair use. | Los Gatos, CA 95032, USA
tate by exhaustive search. (I would say 80+
bits would be enough.)
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood A
:
http://world.std.com/~cme/draft-paajarvi-xml-spki-cert-00.txt
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAI
viruses from
>entering a firm. --Perry]
Or in other words, the first requirement for perimeter security is a perimeter.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506
At 3:31 PM -0700 9/24/01, Steven M. Bellovin wrote:
>In message <v03110706b7d555f61a45@[165.247.220.34]>, Bill Frantz writes:
>>At 10:11 AM -0700 9/24/01, [EMAIL PROTECTED] wrote:
>>>as mentioned in the various previous references ... what is at risk ...
>>&g
ecurity by contract with the merchant.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL PROTECTED] | fair us
of them is that a virus can spread like wildfire in
a monoculture. Diversity is good for both kinds of systems.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506
media. It is too easy to
collect several copies and find the watermark with a diff operation.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to pr
d this technique to remain "on the air" in the
midst of a DOS attack.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345
emanding the authentication.
I must admit that I worry about the ATMs in places like bars. These
machines do not seem to have a lot of physical protection.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -
least privilege, which is the best
path to limit the effect of bugs.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood
imited. One way to limit authority in
current systems is to use an operating system that provides a measure of
real security between users, and then have an account which is only used
for email, web surfing etc.
Cheers - Bill
------
pt secret from the verifier (including
possibly untrusted hardware/software used to enter it.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to preven
At 5:13 AM -0800 1/30/02, <[EMAIL PROTECTED]> wrote:
>Bill Frantz writes:
> >
> > What would be really nice is to be able to have the same PIN/password for
> > everything.
>
>Do you really mean that? Sure, if I only have to remember one thing
>it is e
eration is a lot faster.
Cheers - Bill
---------
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL PROTECTED] | fair use.
numbers into the card
doesn't strike me as being that difficult. (Although running a FIPS-140
test every time a signature is generated (card is powered up), might be a
performance problem.)
It is probably worth examining the protocols for bad random number attacks
on the nonces.
Cheers - Bill
e the keys as it needs to store a random seed.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL PROTE
raffic becomes readable rather than
>just one message.
IMHO, interactive protocols (e.g. certain modes of SSL/TLS) which are
subject to this attack should be retired. Non-interactive protocols (e.g.
PGP email), are much more difficult to fix.
Cheers - Bill
---
high order bits. Something like would be
relatively easy to remember, and would help mitigate signed vs. unsigned
number problems on 32 bit machines.
Cheers - Bill
---------
Bill Frantz | The principal effect
This might result in a
better balance between the resources needed by the attacker and those
needed by the server.
Cheers - Bill
-
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356
t of the system is the 1024 bit Diffie-Hellman key
agreement, the use of SHA1, and the use of DSA-1024. We should consider
that users of E with long-term data confidentality requirements will need
bigger keys.
Cheers - Bill
------
proach, but wanted to add to it a CPU limit
on the client end. Hash cash with a server provided problem seems a good
approach there.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Con
t to support viruses.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL PROTECTED] | fair use. | Los Gatos, CA 95032, USA
-
At 9:00 PM -0700 8/30/02, Nomen Nescio wrote:
>Bill Frantz writes, regarding the possibility that the Palladium
>architecture could be designed to resist the use of encrypted
>code:
>
>> All general purpose computers require a way to move data space to code
>> spac
atform: Exploiting Virus-Ridden Software"
<http://conferences.oreillynet.com/cs/et2002/view/e_sess/2223>.
Cheers - Bil
-
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-
all number of stored challenge-response
pairs.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL P
e
ID, them my face ... It seemed to work quite well.
Cheers - Bill
-----
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[
eakers who
sympathized with the Axis.
A quick glance at Kahn didn't turn up an information on these code talkers.
Has anyone else heard anything about it?
Cheers - Bill
---------
Bill Frantz | The principal effect of| Periwinkl
ports?
(I'd like to test my firewall.)
Cheers - Bill
[Moderator's note: I'm not aware of one -- it would doubtless be
abused -- but just running nmap against the machine should work
fine. That's what I do. --Perry]
----
ur C. Clarke's invention of the communication
satellite, published in Wireless World in 1945. Never mind that the
rockets to launch such satellites were not available until the 1960s.
Cheers - Bill
---------
Bill Frantz | T
fferent results,
I don't feel we are any closer to safe, portable code.
Cheers - Bill
-
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
[EMAIL PROTECTED] | fair use. | Los Gatos, CA 95032, US
G on OS X. She has integrated with Mail in GUI mode
using a package called PGPMail. She says, "It seems to be working OK." (I
remember spending some time helping her get it up. Knowledge of Unix shell
helps.)
Cheers - Bill
----
when you don't seek public review.
Cheers - Bill
-----
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506 | used to be the Ameican | 16345 Englewood Ave.
[EMAIL PROTECTED] | way. | Los Gatos, CA 95032, USA
---
At 4:29 PM -0800 2/10/03, Steven M. Bellovin wrote:
>In message <v03110705ba6dec92ddb0@[192.168.1.5]>, Bill Frantz writes:
>
>> * Fast key setup (Forget tossing the 256 bytes of key stream.
>>The designers weren't crypto engineers. Personally, I'd toss the
t effective attack is exhaustive search
through the 40 bit key space. (IIRC, basically what the device did was
reveal 16 bits of a DES key.)
Cheers - Bill
-----
Bill Frantz | Due process for all| Periwi
-bool.html&r=47&f=G&l=50&co1=AND&d=ptxt&s1=Matyas.INZZ.&OS=IN/Matyas&RS=IN/Matyas
Cheers - Bill
---------
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506
an
attacker or just through failure of the TCP checksum).
Cheers - Bill
-----
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
[EMA
luding
>myself) have personally verified.
IIRC, 243.0 is the military flight emergency frequency. (Corresponding to
121.5 for civilian use). I would expect the shuttle to have that frequency
available.
Cheers - Bill
------
o are the real votes, or fake ones.
The easiest way to implement is to let people photograph the paper on the
sample/practice -- not for real voting -- machine that poll workers use to
teach voters how to use the real machines.
Cheers - Bill
-----
ot;29782321539388697349613396698017627677439533107752"
+ "978203");
Cheers - Bill
-
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506
but lost interest after shuffling through a few of
their web pages.)
Cheers - Bill
-
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
[EMAIL PROTECTED] | American way. | Los Gatos, CA 95032, USA
--
At 9:21 PM -0800 3/6/03, Ben Laurie wrote:
>Bill Frantz wrote:
>> At 3:47 AM -0800 3/6/03, Ben Laurie wrote:
>>
>>>I'm looking for a list or lists of sensibly sized proven primes - all
>>>the lists I can find are more interested in records, which are _way_
smaller of the two
related primes.
Cheers - Bill
---------
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
[EMAIL PROTECTED] | American
rules?
Cheers - Bill
-
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
[EMAIL PROTECTED] | American way. | Los Gatos
OTOH, the sections dealing with "theft of service" may apply. Moral is to
get your service from a provider that allows NAT.
Cheers - Bill
-
Bill Frantz | Due process for all| Periwinkle -- Con
much more privacy friendly approach.
This problem would be less acute with IPv6 addresses.
Cheers - Bill
---------
Bill Frantz | Due process for all| Periwinkle -- Consulting
(408)356-8506 | used to be the
At 6:16 PM -0800 4/2/03, Seth David Schoen wrote:
>Bill Frantz writes:
>
>> The http://cryptome.org/usage-logs.htm URL says:
>>
>> >Low resolution data in most cases is intended to be sufficient for
>> >marketing analyses. It may take the form of IP addresses t
52 matches
Mail list logo
