On Thu, 2005-10-27 at 23:28 -0400, R.A. Hettinga wrote:
RAH
Who thinks anything Microsoft makes these days is, by definition, a
security risk.
Indeed, the amount of trust I'm willing to place in a piece of software
is quite related to how much of its source code is available for review.
At 8:18 PM -0700 10/27/05, cyphrpunk wrote:
Keep the focus on anonymity. That's what the cypherpunks list is
about.
Please.
The cypherpunks list is about anything we want it to be. At this stage in
the lifecycle (post-nuclear-armageddon-weeds-in-the-rubble), it's more
about the crazy bastards
From: Kerry Bonin [EMAIL PROTECTED]
Date: Thu, 27 Oct 2005 06:52:57 -0700
To: [EMAIL PROTECTED], Peer-to-peer development. [EMAIL PROTECTED]
Subject: Re: [p2p-hackers] P2P Authentication
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
Reply-To: Peer-to-peer development. [EMAIL
http://www.bluegemsecurity.com/ claims that they can encrypt data from the
keyboard to the web browser, bypassing trojans and sniffers, however the web
pages are completely lacking in any detail on what they're actually doing.
From reports published by West Coast Labs, it's a purely software-only
Here's a very interesting case where (c)holders are trying
to ban fair use (educational) of (c) material. I agree with
their motivations ---Kansan theo-edu-crats need killing for their
continuing child abuse-- but I don't see how they can get around the
fair use provisions.
(Bypassing whether
[Using the *financial* angle, having to show state-photo-ID is
overturned to vote
is overturned. Interesting if this could be used for other cases where
the
state wants ID.]
Today: October 27, 2005 at 12:33:27 PDT
Court Blocks Ga. Photo ID Requirement
ASSOCIATED PRESS
ATLANTA (AP) - A
At 12:23 PM -0700 10/27/05, Major Variola (ret) wrote:
Why don't you send her comma-delimited text, Excel can import it?
But, but...
You can't put Visual *BASIC* in comma delimited text...
;-)
Cheers,
RAH
Yet another virus vector. Bah! :-)
--
-
R. A. Hettinga mailto: [EMAIL
The cypherpunks list is about anything we want it to be. At this stage in
the lifecycle (post-nuclear-armageddon-weeds-in-the-rubble), it's more
about the crazy bastards who are still here than it is about just about
anything else.
Fine, I want it to be about crypto and anonymity. You can
From: Eugen Leitl [EMAIL PROTECTED]
Sent: Oct 27, 2005 3:22 AM
To: Shawn K. Quinn [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: [PracticalSecurity] Anonymity - great technology but hardly used
..
It's never about merit, and not even money, but about predeployed
base and interoperability. In
At 8:41 PM -0700 10/27/05, cyphrpunk wrote:
Where else are you going to talk about
this shit?
Talk about it here, of course.
Just don't expect anyone to listen to you when you play list-mommie.
Cheers,
RAH
--
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer
On 10/25/05, Travis H. [EMAIL PROTECTED] wrote:
More on topic, I recently heard about a scam involving differential
reversibility between two remote payment systems. The fraudster sends
you an email asking you to make a Western Union payment to a third
party, and deposits the requested amount
Wasn't there a rumor last year that Skype didn't do any encryption
padding, it just did a straight exponentiation of the plaintext?
Would that be safe, if as the report suggests, the data being
encrypted is 128 random bits (and assuming the encryption exponent is
considerably bigger than 3)?
On 10/26/05, James A. Donald [EMAIL PROTECTED] wrote:
How does one inflate a key?
Just make it bigger by adding redundancy and padding, before you
encrypt it and store it on your disk. That way the attacker who wants
to steal your keyring sees a 4 GB encrypted file which actually holds
about a
On Thu, 2005-10-27 at 20:18 -0700, cyphrpunk wrote:
This is off-topic. Let's not degenerate into random Microsoft bashing.
Keep the focus on anonymity. That's what the cypherpunks list is
about.
Sorry, but I have to disagree. I highly doubt that Microsoft is
interested in helping users of
--
From: Eugen Leitl [EMAIL PROTECTED]
While I don't exactly know why the list died, I
suspect it was the fact that most list nodes offered a
feed full of spam, dropped dead quite frequently, and
also overusing that needs killing thing (okay, it
was funny for a
--
R.A. Hettinga [EMAIL PROTECTED]
Intel doing their current crypto/DRM stuff, [...] You
know they're going to do evil, but at least the
*other* malware goes away.
I am a reluctant convert to DRM. At least with DRM, we
face a smaller number of threats.
--digsig
James A.
Title: Yahoo! Email Verification
Help
Do not reply to this message. If this account doesn't belong to you, please follow the instructions at the end of this email.
Hello cypherpunks@minder.net,
We have received your request to join the hersey-serbest
group hosted by Yahoo! Groups, a free, easy-to-use community service.
This request will expire in 7 days.
TO BECOME A MEMBER OF THE GROUP:
1) Go to the Yahoo! Groups site by clicking on this link:
On Wed, Oct 26, 2005 at 08:41:48PM -0500, Shawn K. Quinn wrote:
1) You have told your HR person what a bad idea it is to introduce a
dependency on a proprietary file format, right?
Telling is useless. Are you in a sufficient position of power to make
them stop using it? I doubt it, because
- Forwarded message from Roger Dingledine [EMAIL PROTECTED] -
From: Roger Dingledine [EMAIL PROTECTED]
Date: Wed, 26 Oct 2005 16:55:36 -0400
To: [EMAIL PROTECTED]
Subject: EFF is looking for Tor DMCA test case volunteers
User-Agent: Mutt/1.5.9i
Reply-To: [EMAIL PROTECTED]
Fred asked me
- Forwarded message from Kerry Bonin [EMAIL PROTECTED] -
From: Kerry Bonin [EMAIL PROTECTED]
Date: Thu, 27 Oct 2005 06:52:57 -0700
To: [EMAIL PROTECTED], Peer-to-peer development. [EMAIL PROTECTED]
Subject: Re: [p2p-hackers] P2P Authentication
User-Agent: Mozilla Thunderbird 1.0.6
- Forwarded message from David Farber [EMAIL PROTECTED] -
From: David Farber [EMAIL PROTECTED]
Date: Wed, 26 Oct 2005 19:28:46 -0400
To: Ip Ip ip@v2.listbox.com
Subject: [IP] EFF: Court Issues Surveillance Smack-Down to Justice Department
X-Mailer: Apple Mail (2.734)
Reply-To: [EMAIL
Thanks for notifying us with your weight problem concerns.
Our 2 Nutritionists are online 24 hours a day to answer your questions or
concerns.
Virginia Carter and Robert Rogers have been nutritionists for the past
10 years and are recommending that you try a 2-3 month supply of hoodia.
At 08:41 PM 10/26/05 -0500, Shawn K. Quinn wrote:
On Tue, 2005-10-25 at 23:40 -0500, Travis H. wrote:
Many of the anonymity protocols require multiple participants, and
thus are subject to what economists call network externalities.
The
best example I can think of is Microsoft Office file
[Using the *financial* angle, having to show state-photo-ID is
overturned to vote
is overturned. Interesting if this could be used for other cases where
the
state wants ID.]
Today: October 27, 2005 at 12:33:27 PDT
Court Blocks Ga. Photo ID Requirement
ASSOCIATED PRESS
ATLANTA (AP) - A
Here's a very interesting case where (c)holders are trying
to ban fair use (educational) of (c) material. I agree with
their motivations ---Kansan theo-edu-crats need killing for their
continuing child abuse-- but I don't see how they can get around the
fair use provisions.
(Bypassing whether
Thanks for notifying us with your weight problem concerns.
Our 2 Nutritionists are online 24 hours a day to answer your questions or
concerns.
Patricia Jones and Charles Roberts have been nutritionists for the past
10 years and are recommending that you try a 2-3 month supply of hoodia.
At 12:23 PM -0700 10/27/05, Major Variola (ret) wrote:
Why don't you send her comma-delimited text, Excel can import it?
But, but...
You can't put Visual *BASIC* in comma delimited text...
;-)
Cheers,
RAH
Yet another virus vector. Bah! :-)
--
-
R. A. Hettinga mailto: [EMAIL
On 10/26/05, Shawn K. Quinn [EMAIL PROTECTED] wrote:
On Tue, 2005-10-25 at 23:40 -0500, Travis H. wrote:
Many of the anonymity protocols require multiple participants, and
thus are subject to what economists call network externalities. The
best example I can think of is Microsoft Office
At 8:18 PM -0700 10/27/05, cyphrpunk wrote:
Keep the focus on anonymity. That's what the cypherpunks list is
about.
Please.
The cypherpunks list is about anything we want it to be. At this stage in
the lifecycle (post-nuclear-armageddon-weeds-in-the-rubble), it's more
about the crazy bastards
The cypherpunks list is about anything we want it to be. At this stage in
the lifecycle (post-nuclear-armageddon-weeds-in-the-rubble), it's more
about the crazy bastards who are still here than it is about just about
anything else.
Fine, I want it to be about crypto and anonymity. You can
On Thu, 2005-10-27 at 20:18 -0700, cyphrpunk wrote:
This is off-topic. Let's not degenerate into random Microsoft bashing.
Keep the focus on anonymity. That's what the cypherpunks list is
about.
Sorry, but I have to disagree. I highly doubt that Microsoft is
interested in helping users of
On 10/25/05, Travis H. [EMAIL PROTECTED] wrote:
More on topic, I recently heard about a scam involving differential
reversibility between two remote payment systems. The fraudster sends
you an email asking you to make a Western Union payment to a third
party, and deposits the requested amount
On Thu, 2005-10-27 at 23:28 -0400, R.A. Hettinga wrote:
RAH
Who thinks anything Microsoft makes these days is, by definition, a
security risk.
Indeed, the amount of trust I'm willing to place in a piece of software
is quite related to how much of its source code is available for review.
Wasn't there a rumor last year that Skype didn't do any encryption
padding, it just did a straight exponentiation of the plaintext?
Would that be safe, if as the report suggests, the data being
encrypted is 128 random bits (and assuming the encryption exponent is
considerably bigger than 3)?
On 10/26/05, James A. Donald [EMAIL PROTECTED] wrote:
How does one inflate a key?
Just make it bigger by adding redundancy and padding, before you
encrypt it and store it on your disk. That way the attacker who wants
to steal your keyring sees a 4 GB encrypted file which actually holds
about a
From: Kerry Bonin [EMAIL PROTECTED]
Date: Thu, 27 Oct 2005 06:52:57 -0700
To: [EMAIL PROTECTED], Peer-to-peer development. [EMAIL PROTECTED]
Subject: Re: [p2p-hackers] P2P Authentication
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
Reply-To: Peer-to-peer development. [EMAIL
Travis H. wrote:
Part of the problem is using a packet-switched network; if we had
circuit-based, then thwarting traffic analysis is easy; you just fill
the link with random garbage when not transmitting packets. I
considered doing this with SLIP back before broadband (back when my
friend
On Tue, 2005-10-25 at 23:40 -0500, Travis H. wrote:
Many of the anonymity protocols require multiple participants, and
thus are subject to what economists call network externalities. The
best example I can think of is Microsoft Office file formats. I don't
buy MS Office because it's the best
On Wed, Oct 26, 2005 at 08:41:48PM -0500, Shawn K. Quinn wrote:
1) You have told your HR person what a bad idea it is to introduce a
dependency on a proprietary file format, right?
Telling is useless. Are you in a sufficient position of power to make
them stop using it? I doubt it, because
At 08:41 PM 10/26/05 -0500, Shawn K. Quinn wrote:
On Tue, 2005-10-25 at 23:40 -0500, Travis H. wrote:
Many of the anonymity protocols require multiple participants, and
thus are subject to what economists call network externalities.
The
best example I can think of is Microsoft Office file
cyphrpunk wrote:
The main threat to
this illegal but widely practiced activity is legal action by
copyright holders against individual traders. The only effective
protection against these threats is the barrier that could be provided
by anonymity. An effective, anonymous file sharing network
From: R.A. Hettinga [EMAIL PROTECTED]
Sent: Oct 25, 2005 8:34 AM
To: cryptography@metzdowd.com, [EMAIL PROTECTED]
Subject: On the orthogonality of anonymity to current market demand
...
That is to say, your analysis conflicts with the whole trend towards
T-0 trading, execution, clearing and
Title: THE NATIONALIST ALLIANCE WEEK
THE NATIONALIST
ALLIANCE WEEK
Speak The Truth And Fear
No-one
www.allnationalist.com email: [EMAIL PROTECTED]
in a week where we see rioting
in Birmingham over sexual attacks commited by asian men and the mass media
coverage
we see that a program in
Is it possible that Skype doesn't use RSA encryption? Or if they do, do
they do it without using any padding, and is that safe?
No ,Skype use RSA encryption:
Each party contributes 128 random bits toward the 256-bit session key.
The contributions are exchanged as RSA cryptograms. The two
Link: http://slashdot.org/article.pl?sid=05/10/26/0424211
Posted by: ScuttleMonkey, on 2005-10-26 10:26:00
denis-The-menace writes According to an article from newscientist,
scientists have devised a system to [1]use microwave energy for
surveillance. If people are speaking inside the
Yo Variola! Did you notice the date stamp on that post?
Did you do a stint on Survivor or something?
Or as I said to the short-lived Tom Veil, What, no Starbucks near your
Unabomber shack?
-TD
From: Major Variola (ret) [EMAIL PROTECTED]
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Subject:
--- Travis H. [EMAIL PROTECTED] wrote:
[snip]
Another issue involves the ease of use when switching between a
[slower] anonymous service and a fast non-anonymous service. I have
a
tool called metaprox on my website (see URL in sig) that allows you
to
choose what proxies you use on a
On Mon, 24 Oct 2005, cyphrpunk wrote:
Is it possible that Skype doesn't use RSA encryption? Or if they do,
do they do it without using any padding, and is that safe?
You may want to read the report itself:
http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf
and
Dear user cypherpunks,
You have successfully updated the password of your Minder account.
If you did not authorize this change or if you need assistance with your account, please contact Minder customer service at: [EMAIL PROTECTED]
Thank you for using Minder!
The Minder Support Team
I'm one of those that believes that agrees with Louis Brandice's dissenting
opinion about the constitutionality of wiretaps. That they violate the
privacy of those parties who call or are called by the party being wiretapped.
I have written on this in 2002/2003. There seem to be at least two
Date sent: Tue, 25 Oct 2005 00:38:36 +0200
To: cyphrpunk [EMAIL PROTECTED]
Copies to: John Kelsey [EMAIL PROTECTED], Ian G [EMAIL
PROTECTED],
[EMAIL PROTECTED], cryptography@metzdowd.com, [EMAIL PROTECTED]
From: [EMAIL
--
Steve Schear [EMAIL PROTECTED]
Yes, but unfortunately it is not clear at all that
courts would find the opposite, either. If a lawsuit
names the currency issuer as a defendant, which it
almost certainly would, a judge might order the
issuer's finances frozen or impose other measures
John Kelsey wrote:
From: cyphrpunk [EMAIL PROTECTED]
Digital wallets will require real security in user PCs. Still I don't
see why we don't already have this problem with online banking and
similar financial services. Couldn't a virus today steal people's
passwords and command their banks to
--
John Kelsey
What's with the heat-death nonsense? Physical bearer
instruments imply stout locks and vaults and alarm
systems and armed guards and all the rest, all the way
down to infrastructure like police forces and armies
(private or public) to avoid having the biggest gang
end up
On Wed, 26 Oct 2005, JЖrn Schmidt wrote:
--- Travis H. [EMAIL PROTECTED] wrote:
[snip]
Another issue involves the ease of use when switching between a
[slower] anonymous service and a fast non-anonymous service. I
have a tool called metaprox on my website (see URL in sig) that
allows
On 2005-10-26T08:21:08+0200, Stephan Neuhaus wrote:
cyphrpunk wrote:
The main threat to
this illegal but widely practiced activity is legal action by
copyright holders against individual traders. The only effective
protection against these threats is the barrier that could be provided
Travis H. wrote:
Part of the problem is using a packet-switched network; if we had
circuit-based, then thwarting traffic analysis is easy; you just fill
the link with random garbage when not transmitting packets.
OK so far ...
There are two problems with this; one, getting
enough
Hello,
At 25/10/05 07:18, cyphrpunk wrote:
http://www.hbarel.com/Blog/entry0006.html
I believe that for anonymity and pseudonymity technologies to survive
they have to be applied to applications that require them by design,
rather than to mass-market applications that can also do
Travis H. wrote:
Part of the problem is using a packet-switched network; if we had
circuit-based, then thwarting traffic analysis is easy; you just fill
the link with random garbage when not transmitting packets. I
considered doing this with SLIP back before broadband (back when my
friend
On Tue, 2005-10-25 at 23:40 -0500, Travis H. wrote:
Many of the anonymity protocols require multiple participants, and
thus are subject to what economists call network externalities. The
best example I can think of is Microsoft Office file formats. I don't
buy MS Office because it's the best
Thanks for notifying us with your weight problem concerns.
Our 2 Nutritionists are online 24 hours a day to answer your questions or
concerns.
Charles Hernandez and Pamela King have been nutritionists for the past
10 years and are recommending that you try a 2-3 month supply of hoodia.
At 03:15 PM 6/8/04 -0400, Tyler Durden wrote:
Well, it's interesting to consider how/if that might be possible. SONET
scrambles the payload prior to transmission..adding an additional
crypto
layer prior to transmission would mean changing the line rate, so
probably a
no-no.
Tyler, one can
Yo Variola! Did you notice the date stamp on that post?
Did you do a stint on Survivor or something?
Or as I said to the short-lived Tom Veil, What, no Starbucks near your
Unabomber shack?
-TD
From: Major Variola (ret) [EMAIL PROTECTED]
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Subject:
cyphrpunk wrote:
The main threat to
this illegal but widely practiced activity is legal action by
copyright holders against individual traders. The only effective
protection against these threats is the barrier that could be provided
by anonymity. An effective, anonymous file sharing network
Part of the problem is using a packet-switched network; if we had
circuit-based, then thwarting traffic analysis is easy; you just fill
the link with random garbage when not transmitting packets. I
considered doing this with SLIP back before broadband (back when my
friend was my ISP). There are
From: R.A. Hettinga [EMAIL PROTECTED]
Sent: Oct 25, 2005 8:34 AM
To: cryptography@metzdowd.com, [EMAIL PROTECTED]
Subject: On the orthogonality of anonymity to current market demand
..
That is to say, your analysis conflicts with the whole trend towards
T-0 trading, execution, clearing and
On Mon, 24 Oct 2005, cyphrpunk wrote:
Is it possible that Skype doesn't use RSA encryption? Or if they do,
do they do it without using any padding, and is that safe?
You may want to read the report itself:
http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf
and
--- Travis H. [EMAIL PROTECTED] wrote:
[snip]
Another issue involves the ease of use when switching between a
[slower] anonymous service and a fast non-anonymous service. I have
a
tool called metaprox on my website (see URL in sig) that allows you
to
choose what proxies you use on a
If you have
to be that confident in your computer security to use the payment
system, it's not going to have many clients.
Maybe the trusted computing platform (palladium) may have something to
offer after all, namely enabling naive users to use services that
require confidence in their own
Is it possible that Skype doesn't use RSA encryption? Or if they do, do
they do it without using any padding, and is that safe?
No ,Skype use RSA encryption:
Each party contributes 128 random bits toward the 256-bit session key.
The contributions are exchanged as RSA cryptograms. The two
John Kelsey wrote:
From: cyphrpunk [EMAIL PROTECTED]
Digital wallets will require real security in user PCs. Still I don't
see why we don't already have this problem with online banking and
similar financial services. Couldn't a virus today steal people's
passwords and command their banks to
I'm one of those that believes that agrees with Louis Brandice's dissenting
opinion about the constitutionality of wiretaps. That they violate the
privacy of those parties who call or are called by the party being wiretapped.
I have written on this in 2002/2003. There seem to be at least two
On 2005-10-26T08:21:08+0200, Stephan Neuhaus wrote:
cyphrpunk wrote:
The main threat to
this illegal but widely practiced activity is legal action by
copyright holders against individual traders. The only effective
protection against these threats is the barrier that could be provided
On Wed, 26 Oct 2005, JЖrn Schmidt wrote:
--- Travis H. [EMAIL PROTECTED] wrote:
[snip]
Another issue involves the ease of use when switching between a
[slower] anonymous service and a fast non-anonymous service. I
have a tool called metaprox on my website (see URL in sig) that
allows
--
Steve Schear [EMAIL PROTECTED]
Yes, but unfortunately it is not clear at all that
courts would find the opposite, either. If a lawsuit
names the currency issuer as a defendant, which it
almost certainly would, a judge might order the
issuer's finances frozen or impose other measures
--
John Kelsey
What's with the heat-death nonsense? Physical bearer
instruments imply stout locks and vaults and alarm
systems and armed guards and all the rest, all the way
down to infrastructure like police forces and armies
(private or public) to avoid having the biggest gang
end up
Travis H. wrote:
Part of the problem is using a packet-switched network; if we had
circuit-based, then thwarting traffic analysis is easy; you just fill
the link with random garbage when not transmitting packets.
OK so far ...
There are two problems with this; one, getting
enough
Hello,
At 25/10/05 07:18, cyphrpunk wrote:
http://www.hbarel.com/Blog/entry0006.html
I believe that for anonymity and pseudonymity technologies to survive
they have to be applied to applications that require them by design,
rather than to mass-market applications that can also do
Title: postcards.org
You have just received a virtual
postcard from a family member!
.
You can pick up your postcard at
the following web address:
.
http://www2.postcards.org/?d21-sea-sunset
.
If you can't click on the web address
above, you can also
visit
From: cyphrpunk [EMAIL PROTECTED]
Sent: Oct 24, 2005 5:58 PM
To: John Kelsey [EMAIL PROTECTED]
Subject: Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like
Payment Systems
...
Digital wallets will require real security in user PCs. Still I don't
see why we don't already have
-BEGIN PGP SIGNED MESSAGE-
At 3:57 PM -0400 10/24/05, John Kelsey wrote:
More to the point, an irreversible payment system raises big practical
problems in a world full of very hard-to-secure PCs running the
relevant software. One exploitable software bug, properly used, can
steal an
Its unfortunate that some posters had to be reminded that anyone
calling for government-licensed reporters (and religions, as one
author included) deserves to have their carbon recycled, because
of the treason to the BoR. Tim May used to call government licensed
citizens special objects. Search
We encourage the publication of the (paper) school records which the FLA
hurricane reportedly distributed to locals, as part of an effort to show
the sheeple
how *well* the state guards their secrets. Particularly interested in
offspring
of state officials, not that their kids are likely go to
Nuclear Detection: Fixed detectors, portals, and NEST
teams wont work for shielded HEU on a national scale;
a distributed network of in-vehicle detectors is also
necessary to deter nuclear terrorism
http://iis-db.stanford.edu/evnts/4249/disarm.pdf
Maybe the FCC will require rad detectors in
| U.S. law generally requires that stolen goods be returned to the
| original owner without compensation to the current holder, even if
| they had been purchased legitimately (from the thief or his agent) by
| an innocent third party.
This is incorrect. The law draws a distinction between
- Forwarded message from David Farber [EMAIL PROTECTED] -
From: David Farber [EMAIL PROTECTED]
Date: Tue, 25 Oct 2005 14:08:43 -0400
To: Ip Ip ip@v2.listbox.com
Subject: [IP] Wiretapping innocent people on the Internet
X-Mailer: Apple Mail (2.734)
Reply-To: [EMAIL PROTECTED]
To: Declan
Its unfortunate that some posters had to be reminded that anyone
calling for government-licensed reporters (and religions, as one
author included) deserves to have their carbon recycled, because
of the treason to the BoR. Tim May used to call government licensed
citizens special objects. Search
- Forwarded message from Declan McCullagh declan@well.com -
From: Declan McCullagh declan@well.com
Date: Tue, 25 Oct 2005 13:23:23 -0700
To: politech@politechbot.com
Subject: [Politech] U.S. passports to receive RFID implants starting in
October 2006 [priv]
User-Agent: Mozilla
At 03:15 PM 6/8/04 -0400, Tyler Durden wrote:
Well, it's interesting to consider how/if that might be possible. SONET
scrambles the payload prior to transmission..adding an additional
crypto
layer prior to transmission would mean changing the line rate, so
probably a
no-no.
Tyler, one can
Hi,
I sent you an email last week and need to confirm everything now.
Please read the info below and let me know if you have any questions.
We are accepting your mortgage refinance application. If you have poor credit,
it is ok. You can get a refinance loan for a rock-bottom payment.
Part of the problem is using a packet-switched network; if we had
circuit-based, then thwarting traffic analysis is easy; you just fill
the link with random garbage when not transmitting packets. I
considered doing this with SLIP back before broadband (back when my
friend was my ISP). There are
If you have
to be that confident in your computer security to use the payment
system, it's not going to have many clients.
Maybe the trusted computing platform (palladium) may have something to
offer after all, namely enabling naive users to use services that
require confidence in their own
One intresting security measure protecting valuable digital assets (WM
protects private keys this way) is inflating them before encryption.
While it does not protect agains trojan applications, it does a surprisingly
good job at reducing attacks following the key logging + file theft pattern.
On 10/24/05, Steve Schear [EMAIL PROTECTED] wrote:
I don't think E-gold ever held out its system as non-reversible with proper
court order. All reverses I am aware happened either due to some technical
problem with their system or an order from a court of competence in the
matter at hand.
http://www.hbarel.com/Blog/entry0006.html
I believe that for anonymity and pseudonymity technologies to survive
they have to be applied to applications that require them by design,
rather than to mass-market applications that can also do (cheaper)
without. If anonymity mechanisms are
From: cyphrpunk [EMAIL PROTECTED]
Sent: Oct 24, 2005 5:58 PM
To: John Kelsey [EMAIL PROTECTED]
Subject: Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like
Payment Systems
..
Digital wallets will require real security in user PCs. Still I don't
see why we don't already have this
On Mon, Oct 24, 2005 at 02:58:32PM -0700, cyphrpunk wrote:
Digital wallets will require real security in user PCs. Still I don't
see why we don't already have this problem with online banking and
similar financial services. Couldn't a virus today steal people's
passwords and command their
-BEGIN PGP SIGNED MESSAGE-
At 3:57 PM -0400 10/24/05, John Kelsey wrote:
More to the point, an irreversible payment system raises big practical
problems in a world full of very hard-to-secure PCs running the
relevant software. One exploitable software bug, properly used, can
steal an
101 - 200 of 76638 matches
Mail list logo
