at Monday, September 23, 2002 10:35 PM, Curt Smith
[EMAIL PROTECTED] was seen to say:
http://www.drivecrypt.com/dcplus.html
DriveCrypt Plus does everything you want. I believe it may
have descended from ScramDisk (Dave Barton's disk encryption
program).
As an aside - Dave Barton? Shaun
at Monday, September 30, 2002 7:52 PM, James A. Donald
[EMAIL PROTECTED] was seen to say:
Is it practical for a particular group, for
example a corporation or a conspiracy, to whip up its own
damned root certificate, without buggering around with
verisign? (Of course fixing Microsoft's
at Tuesday, October 01, 2002 3:08 AM, Peter Gutmann
[EMAIL PROTECTED] was seen to say:
For encryption, STARTTLS, which protects more mail than all other
email encryption technology combined. See
http://www.cs.auckland.ac.nz/~pgut001/pubs/usenix02_slides.pdf
(towards the back).
I would
at Tuesday, October 01, 2002 6:10 PM, James A. Donald
[EMAIL PROTECTED] was seen to say:
Not so. It turns out the command line is now different in PGP
6.5.8. It is now pgp -sta to clearsign, instead of pgp -sa.
(Needless to say the t option does not appear in pgp -h
*nods*
its in the 6.5
-BEGIN PGP SIGNED MESSAGE-
at Tuesday, October 01, 2002 9:04 PM, Petro [EMAIL PROTECTED] was seen
to say:
Well, it's a start. Every mail server (except mx1 and
mx2.prserv.net) should use TLS.
Its nice in theory, but in practice look how long it takes the bulk of
the
internet to
-BEGIN PGP SIGNED MESSAGE-
at Tuesday, October 01, 2002 9:04 PM, Petro [EMAIL PROTECTED] was
seen
to say:
Well, it's a start. Every mail server (except mx1 and
mx2.prserv.net) should use TLS.
Its nice in theory, but in practice look how long it takes the bulk
of the internet to
at Wednesday, October 02, 2002 3:13 AM, Peter Gutmann
[EMAIL PROTECTED] was seen to say:
As opposed to more conventional encryption, where you're protecting
nothing at any point along the chain, because 99.99% of the user base
can't/won't use it.
That is a different problem. if you assume that
I assume everyone knows the little arrangement that lotus
reached with the NSA over its encrypted secure email?
I'm new here, so do tell if I am wrong. Are you referring to the two
levels
of Encryption available in Bogus Notes?
More or less, yes. Lotus knew nobody would buy a 40 bit version
On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote:
The basic argument is that, if good encryption is available overseas
or easily downloadable, it doesn't make sense to make export of it
illegal.
Nope. The biggest name in software right now is Microsoft, who wasn't
willing to
Trei, Peter [EMAIL PROTECTED] wrote:
It was Sweden. They didn't really have an excuse - over a year
earlier,
Lotus announced their International version with details of the
Work
Factor Reduction Field at the RSA Conference. I immediately invented
the term 'espionage enabled' to describe this
at Saturday, October 12, 2002 2:01 AM, Steve Furlong
[EMAIL PROTECTED] was seen to say:
On Thursday 10 October 2002 13:13, Tim May wrote:
There are two advantages of web-based discussion fora over usenet:
propagation time and firewalls.
Not sure about that - propagation time is a issue of
at Wednesday, October 16, 2002 2:01 PM, Sarad AV
[EMAIL PROTECTED] was seen to say:
Though it has a large key length greater than or equal
to the plain text,why would it be insecure if we can
use a good pseudo random number generators,store the
bits produced on a taper proof medium.
because
at Monday, October 21, 2002 3:14 PM, Trei, Peter
[EMAIL PROTECTED] was seen to say:
I'd be nervous about a availability with centralized servers,
even if they are triple redundant with two sites. DDOS
attacks, infrastructure (backhoe) attacks, etc, could all
wreck havoc.
Indeed so, yes.
I
at Monday, October 21, 2002 4:20 PM, Eric Murray [EMAIL PROTECTED] was
seen to say:
Looking at their web site, they seem pretty generic about
what it's for, but I did not see any mention of using it for payments.
So I assume it's for logins.
well, I was working from:
The Quizid registry
The
at Thursday, October 17, 2002 4:54 AM, Morlock Elloi
Also, if regular cheapo PC sounboards can digitize 30 MHz (and
Nyquist says this requires 60 MHz sampling rate) then some product
managers need ... flogging.
If I am reading this correctly, they don't need to - a fixed-frequency
first mixer
at Wednesday, October 16, 2002 6:13 PM, Bill Frantz
[EMAIL PROTECTED] was seen to say:
OTP is also good when:
(1) You can solve the key distribution problem.
Its certainly usable provided key distribution isn't an issue - if it is
also worth the trouble and expense is another matter.
(2) You
at Thursday, October 17, 2002 4:38 PM, Sarad AV
[EMAIL PROTECTED] was seen to say:
He wanted to know how I was able to do XOR on P(0) and
P(1) when xor is defined only on binary digits.
you don't.
P(x) is a probability of digit x in the output. ideally, P(0)=P(1)=0.5
(obviously in binary, only
at Wednesday, October 16, 2002 7:17 PM, David E. Weekly
[EMAIL PROTECTED] was seen to say:
As for PKI being secure for 20,000 years, it sure as hell won't be if
those million-qubit prototypes turn out to be worth their salt.
I wasn't aware they even had a dozen-qbit prototypes functional yet
at Saturday, October 26, 2002 1:18 AM, Tim May [EMAIL PROTECTED] was seen
to say:
Yes, but check very carefully whether one is in violation of the
anti-hacking laws (viz. DMCA). By some readings of the laws, merely
trying to break a cipher is ipso fact a violation.
IIRC, you can't be arrested
at Monday, November 04, 2002 2:28 AM, Tim May [EMAIL PROTECTED] was seen
to say:
Those who need to know, know.
Which of course is a viable model, provided you are only using your key
for private email to those who need to know
if you are using it for signatures posted to a mailing list though, it
at Monday, November 04, 2002 3:13 PM, Tyler Durden
This is an interesting issue...how much information can be gleaned
from encrypted payloads?
Usually, the VPN is an encrypted tunnel from a specified IP (individual
pc or lan) to another specified IP (the outer marker of the lan, usually
the
At 03:55 PM 11/7/02 +0100, Steven M. Bellovin wrote:
Regardless of whether one uses volatile or a pragma, the basic point
remains: cryptographic application writers have to be aware of what a
clever compiler can do, so that they know to take countermeasures.
Wouldn't a crypto coder be using
Tyler Durden wrote:
Sorry, I'm new, but does this refer to the notion of splitting up a document
holographically, and placing the various pieces of numerous servers
throughout the 'Net?
No. It is referring to conventional encryption of your local hard disk.
at Thursday, November 21, 2002 2:26 PM, Sarad AV
[EMAIL PROTECTED] was seen to say:
'A' uses a very strong crytographic algorithm which
would be forced out by rubber horse cryptanalysis
Now if Aice could give another key k` such that the
cipher text (c) decrypts to another dummy plain
at Monday, December 02, 2002 8:42 AM, Eugen Leitl [EMAIL PROTECTED] was
seen to say:
No, an orthogonal identifier is sufficient. In fact, DNS loc would be
a good start.
I think what I am trying to say is - given a normal internet user
using IPv4 software that wants to connect to someone in the
Declan McCullagh wrote:
Also epic.org (not a cypherpunk-friendly organization,
but it does try to limit law enforcement surveillance) [...]
Is the cypherpunks movement truly so radicalized that it is
not willing to count even EPIC among its friends?
at Tuesday, December 17, 2002 5:33 AM, the following Choatisms were
heard:
Nobody (but perhaps you by inference) is claiming it is identical,
however, it -is- a broadcast (just consider how a packet gets routed,
consider the TTL for example or how a ping works).
ping packets aren't routed any
at Tuesday, January 07, 2003 1:14 AM, Michael Motyka [EMAIL PROTECTED]
was seen to say:
financial resources,
other than those that pass through verified identity
gatekeepers;
That's an odd way to spell Campaign Fund Contributing Corporations
at Friday, January 24, 2003 4:53 PM, Mike Rosing [EMAIL PROTECTED]
was seen to say:
Thanks Eugen, It looks like the IBM TPM chip is only a key
store read/write device. It has no code space for the kind of
security discussed in the TCPA. The user still controls the machine
and can still
at Wednesday, January 29, 2003 11:18 PM, Bill Frantz
[EMAIL PROTECTED] was seen to say:
Back a few years ago, probably back during the great gas crisis (i.e.
OPEC) years, there were a lot of small companies working on solar
power. As far as I know, they were all bought up by oil companies.
Of
at Friday, January 31, 2003 2:18 AM, Peter Gutmann
[EMAIL PROTECTED] was seen to say:
schnipp
More particularly, governments are likely to want to explore the
issues related to potential foreign control/influence over domestic
governmental use/access to domestic government held data.
In
No, the various provisions of the Constitution, flawed though it is,
make it clear that there is no prove that you are not guilty
provision (unless you're a Jap, or the government wants your land, or
someone says that you are disrespectful of colored people).
Unfortuately, this is not true in
at Thursday, February 06, 2003 11:21 AM, Pete Capelli
Then which one of these groups does the federal government fall
under, when they use crypto? In the feds opinion, of course. Or do
they believe that their use of crypto is the only wholesome one?
Terrorism of course, using their own
at Thursday, February 06, 2003 2:34 PM, Tyler Durden
[EMAIL PROTECTED] was seen to say:
I've got a question...
If you actually care about the NSA or KGB doing a low-level
magnetic scan to recover data from your disk drives,
you need to be using an encrypted file system, period, no questions.
at Thursday, February 06, 2003 3:44 PM, Peter Fairbrother
[EMAIL PROTECTED] was seen to say:
David Howe wrote:
a) it's not law yet, and may never become law. It's an Act of
Parliament, but it's two-and-a-bit years old and still isn't in
force. No signs of that happening either, except a few
at Thursday, February 06, 2003 4:48 PM, Chris Ball
[EMAIL PROTECTED] was seen to say:
Another point is that ``normal'' constables aren't able to action the
request; they have to be approved by the Chief Constable of a police
force, or the head of a relevant Government department. The full text
at Monday, February 10, 2003 3:09 AM, Jim Choate
[EMAIL PROTECTED] was seen to say:
On Mon, 10 Feb 2003, Dave Howe wrote:
no, lilo is. if you you can mount a pgpdisk (say) without software,
then you are obviously much more talented than I am :)
Bullshit. lilo isn't doing -anything- at that
at Monday, February 10, 2003 3:20 AM, Jim Choate
[EMAIL PROTECTED] was seen to say:
On Sun, 9 Feb 2003, Sunder wrote:
The OS doesn't boot until you type in your passphrase, plug in your
USB fob, etc. and allow it to read the key. Like, Duh! You know,
you really ought to stop smoking crack.
at Thursday, February 20, 2003 2:04 AM, Harmon Seaver
[EMAIL PROTECTED] was seen to say:
The real school of the future won't have classrooms at all, and no
teachers as we now know them. Instead there will be workstations
with VR helmets and a number of software gurus in the machine
at Thursday, February 20, 2003 1:28 AM, Harmon Seaver
[EMAIL PROTECTED] was seen to say:
No oil but lots of dope, especially lots of high grade opium and
the CIA and the US scum military has been just desperate to get
control of the world heroin trade again like they did in Vietnam days.
at Friday, February 21, 2003 4:44 PM, James A. Donald
[EMAIL PROTECTED] was seen to say:
Highly capitalist nations do not murder millions.
but their highly capitalist companies sometimes do. is this a meaningful
distinction?
at Thursday, March 06, 2003 5:02 PM, Ed Gerck [EMAIL PROTECTED] was
seen
to say:
On the other hand, photographing a paper receipt behind a glass,
which
receipt is printed after your vote choices are final, is not
readily
deniable because that receipt is printed only after you confirm
at Wednesday, March 19, 2003 3:39 AM, Keith Ray [EMAIL PROTECTED] was
seen to say:
Which resolution took away any Member State's authority to all
necessary means to uphold resolution 690?
I think the problem here is who gets to define what is necessary - the
UN Security council thinks it is
at Thursday, March 27, 2003 6:36 AM, Sarad AV [EMAIL PROTECTED]
was seen to say:
there is a lot of self imposed sensor ship in US on
the war.The Us pows's shown on al-jazeera were not
broadcasted over Us and those sites which had pictures
of POW's were removed as unethical graphics on web
at Tuesday, April 01, 2003 11:53 PM, Kevin S. Van Horn
[EMAIL PROTECTED] was seen to say:
What's a legitimate government? One with enough firepower to make its
rule stick?
One with real (not imagined) WMD to frighten off american presidents. NK
being a good example...
On Monday 22 September 2003 12:37 pm, Sarad AV wrote:
Vote for some one who promises freedom,democracy
These two don't co-exist too well if you're idle.
On Friday 19 December 2003 20:35, James A. Donald wrote:
In fact Glaspie told Saddam that if he invaded Kuwait, the shit
would hit the fan.
(That was not her words. Her words were subject of concern,
Cite? The google groups article you linked to has two links to possible
transcripts.
On Monday 22 December 2003 13:49, Michael Kalus wrote:
Well, in america instead of being the slave to the man (just yet)
you're the slave to your credit card bills
By choice.
your employers
By choice, through a range that is barely enough to eat and drink to
unimaginable heights in
, rather than have the system automatically choose for me.
-- David
At 11:05 AM 4/9/04 -0400, Trei, Peter wrote:
1. The use of receipts which a voter takes from the voting place to 'verify'
that their vote was correctly included in the total opens the way for voter
coercion.
John Kelsey
David Jablon wrote:
[...] Where is the privacy problem with
Chaum receipts when Ed and others still have the freedom to refuse
theirs or throw them away?
At 11:43 AM 4/16/04 -0700, Ed Gerck wrote:
The privacy, coercion, intimidation, vote selling and election integrity
problems begin
An Metet wrote:
What technologies currently exist for receiving a/psuedononymous message?
With Mixmaster, sending mail, posting news, and even blog posting are
possible, However, receiving replies securely or, better, holding a private
conversation is difficult or impossible. Best bet seems is to
Steve Furlong wrote:
Does anyone know of a reference implementation for Stefan Brands's
digital certificate scheme? Alternatively, does anyone have an email
address for Brands so I can ask him myself? (I haven't gotten anything
back from ZKS's contact us address. But I don't know if Brands is
At 09:04 PM 8/17/04 -0400, R. A. Hettinga wrote:
At 7:33 PM -0500 8/17/04, Declan McCullagh wrote:
One is enough. Less is more. Let's eliminate redundancy, thus eliminating
redundancy.
LMAO RAH :-)
=
36 Laurelwood Dr
Irvine CA 92620-1299
VOX:
R. A. Hettinga e-said:
Compared, again, to, regulated,
monitored, bank-to-bank foreign exchange of several *trillion*
dollars a *day*, it's chicken feed.
On Bob's list, yesterday:
About $1.2
trillion in currencies is traded daily, according to the Bank for
International Settlements.
Trei, Peter wrote:
- start quote -
Cyber Security Plan Contemplates U.S. Data Retention Law
http://online.securityfocus.com/news/486
Internet service providers may be forced into wholesale spying
on their customers as part of the White House's strategy for
securing cyberspace.
By
Hadmut Danisch writes:
You won't be able to enter a simple shell script through the
keyboard. If so, you could simple print protected files as
a hexdump or use the screen (or maybe the sound device or any
LED) as a serial interface.
Since you could use the keyboard to enter a
Jon Callas wrote:
On 8/1/02 1:14 PM, Trei, Peter [EMAIL PROTECTED] wrote:
So my question is: What is your reason for shielding your identity?
You do so at the cost of people assuming the worst about your
motives.
Is this a tacit way to suggest that the only people who need anonymity or
; picking out which portions of the sequence to use end up becoming
your secret and your sequence is truly only as unpredictable as this secret.
In another sense, the sequence you're using is only as strong as its inputs.
Just my $0.02; please bitchslap me if I got this wrong.
David E. Weekly
Founder
thinking about
using OTP *now* if you have secrets you'd like to keep past when an
adversary of yours might have access to a quantum computer. I'd put 50 years
as an upper bound on that, 5 years as a lower.
-d
- Original Message -
From: David Howe [EMAIL PROTECTED]
To: Email List
David E. Weekly[SMTP:[EMAIL PROTECTED]]
Which means that you should start thinking about
using OTP *now* if you have secrets you'd like to keep past when an
adversary of yours might have access to a quantum computer. ...
OTPs won't help a bit for that problem.
They're fine
a server that's got a fixed IP,
is up all the time, and has very low latency to most of the Net.
How can we help?
David E. Weekly
Founder Director
California Community Colocation Project
http://CommunityColo.net/
PS: We are entirely volunteer-based. Nobody gets paid.
:
On Sunday, November 3, 2002, at 06:14 PM, David W. Hodgins wrote:
-BEGIN PGP SIGNED MESSAGE-
The advantages really disappear, when the key used to sign the
message
isn't sent to the key servers {:.
Those who need to know, know.
You, I've never seen before. Even if you found
On Sat, 1 Mar 2003 16:14:58 -0600, Shawn K. Quinn [EMAIL PROTECTED] wrote:
At least two of my prior e-mail addresses made never ever spam these addresses lists (unlike remove lists, these are actually heeded by a lot of spamming vermin), so I know that this can work.
Where can one sign up to these
For those on this list from the Boston area there is a public
hearing on the Mass version of the Super-DMCA bill on Wed April 2nd
at 10 AM in Room 222 of the Mass State house in downtown Boston.
This might be a chance to find out who is sponsoring this
legislation and raise some
will depend on what server operators are trying to
accomplish. Some people just want to try to count unique visitors;
strangely enough, they might get more privacy-protective (and comparably
precise) results by issuing short-lived cookies.
--
Seth David Schoen [EMAIL PROTECTED] | Very frankly, I am
cost.
Or does hashcash only help moderated mailing lists (where it pays
the moderator for her time)? My current impression is that it will
benefit individual e-mail recipients but not help subscribers to large
unmoderated mailing lists.
--
Seth David Schoen [EMAIL PROTECTED] | Very frankly, I am
hosted on an IBM 4758.
-David Molnar
601 - 667 of 667 matches
Mail list logo
