On Fri, Jul 08, 2005 at 01:32:34PM -0400, Tyler Durden wrote:
That is interesting. One wonders if in certain circles of Russia people are
much more careful with their data and encrypting it. Who knows? A country
like that might evolve some fairly rigorous privacy procedures. Here in the
US
On Fri, Jul 08, 2005 at 01:32:34PM -0400, Tyler Durden wrote:
That is interesting. One wonders if in certain circles of Russia people are
much more careful with their data and encrypting it. Who knows? A country
like that might evolve some fairly rigorous privacy procedures. Here in the
US
On Mon, Mar 21, 2005 at 06:34:07PM -0800, Major Variola (ret) wrote:
Tangentially, I should note that there are modes of encryption which can be
scaled infinitely with parallel hardware; they use interleaved blocks so each
chip sees every Nth block of the real stream. So high clock rates are
http://theory.csail.mit.edu/~yiqun/shanote.pdf
No real details, just collisions for 80 round SHA-0 (which I just confirmed)
and 58 round SHA-1 (which I haven't bothered with), plus the now famous work
factor estimate of 2^69 for full SHA-1.
As usual, Technical details will be provided in a
http://theory.csail.mit.edu/~yiqun/shanote.pdf
No real details, just collisions for 80 round SHA-0 (which I just confirmed)
and 58 round SHA-1 (which I haven't bothered with), plus the now famous work
factor estimate of 2^69 for full SHA-1.
As usual, Technical details will be provided in a
On Tue, Oct 12, 2004 at 10:09:26AM -0500, Riad S. Wahby wrote:
Dave Howe [EMAIL PROTECTED] wrote:
And how many americans have a passport,and carry one for identification
purposes?
Probably not all that many.
Tangentially, I was once told that, at least in Massachusetts liquor
stores,
On Thu, Oct 07, 2004 at 06:19:43AM -0400, Sunder wrote:
SNIP
To prevent abuses of the system, the Markle task force recommended
anonymized technology, graduated levels of permission-based access and
automated auditing software constantly hunting for abuses.
{Huh? How would anonimized
On Thu, Oct 07, 2004 at 06:19:43AM -0400, Sunder wrote:
SNIP
To prevent abuses of the system, the Markle task force recommended
anonymized technology, graduated levels of permission-based access and
automated auditing software constantly hunting for abuses.
{Huh? How would anonimized
On Wed, Sep 08, 2004 at 12:44:39PM -0700, Major Variola (ret) wrote:
[...]
In an RSA cryptosystem the public exponent is typically low, often
3 or 65537 (for efficiency reasons only a few bits are set; the other
constraint is that your message, raised to that power, wraps in your
modulus,
On Wed, Sep 08, 2004 at 12:44:39PM -0700, Major Variola (ret) wrote:
[...]
In an RSA cryptosystem the public exponent is typically low, often
3 or 65537 (for efficiency reasons only a few bits are set; the other
constraint is that your message, raised to that power, wraps in your
modulus,
On Sat, Sep 04, 2004 at 09:50:14PM +0200, Nomen Nescio wrote:
Let's take our shining example of truth and freedom, the whistle-blower.
When they send out mail to the media or whomever, one of two things happens:
they see the story published or they don't. If not, there's no idea why: was
it
On Sat, Sep 04, 2004 at 09:50:14PM +0200, Nomen Nescio wrote:
Let's take our shining example of truth and freedom, the whistle-blower.
When they send out mail to the media or whomever, one of two things happens:
they see the story published or they don't. If not, there's no idea why: was
it
On Wed, Aug 04, 2004 at 11:04:15AM -0700, Hal Finney wrote:
[...]
The system will consume 10^25 * 60 nanowatts or about 6 * 10^17 watts.
Now, that's a lot. It's four times what the earth receives from the sun.
So we have to build a disk four times the area (not volume) of the earth,
collect
On Wed, Aug 04, 2004 at 11:04:15AM -0700, Hal Finney wrote:
[...]
The system will consume 10^25 * 60 nanowatts or about 6 * 10^17 watts.
Now, that's a lot. It's four times what the earth receives from the sun.
So we have to build a disk four times the area (not volume) of the earth,
collect
http://www.nytimes.com/2004/07/26/business/26verizon.html
Nextel, the official mobile provider to both conventions, is deploying its iDEN
network with encryption codes used by the National Security Agency to make sure
no one eavesdrops on all the deal making.
Anyone know what's up with this? I'm
http://www.nytimes.com/2004/07/26/business/26verizon.html
Nextel, the official mobile provider to both conventions, is deploying its iDEN
network with encryption codes used by the National Security Agency to make sure
no one eavesdrops on all the deal making.
Anyone know what's up with this? I'm
On Sun, Jul 18, 2004 at 07:31:59PM +0100, Dave Howe wrote:
OpenVPN is of course built on SSL, and can use either X509 certificates
or a preshared key for authentication. Sadly, there is no convenient way
to use DNS-SEC key records for OpenVPN.
How well is VoIP going to work over SSL/TLS
On Sun, Jul 18, 2004 at 08:53:35PM +0100, Dave Howe wrote:
That may have just been an artifact of a bad implementation, though. DTLS
might be a better pick for securing VoIP. There's also SRTP.
The strength of a pure VPN solution is that you aren't limited to *just*
VoIP - you can transfer
On Sun, Jul 18, 2004 at 08:53:35PM +0100, Dave Howe wrote:
That may have just been an artifact of a bad implementation, though. DTLS
might be a better pick for securing VoIP. There's also SRTP.
The strength of a pure VPN solution is that you aren't limited to *just*
VoIP - you can transfer
On Sun, Jul 18, 2004 at 07:31:59PM +0100, Dave Howe wrote:
OpenVPN is of course built on SSL, and can use either X509 certificates
or a preshared key for authentication. Sadly, there is no convenient way
to use DNS-SEC key records for OpenVPN.
How well is VoIP going to work over SSL/TLS
More recent phones from Sprint must support real GPS, since Qualcomm
offers chipsets with GPS support, which they wouldn't do unless their
only customers (Sprint phone manufacturers) wanted it.
I was looking at getting a Sprint phone last week - every model I looked at had
a GPS chip.
-J
The WRT54G clones are largely useful as very cheap Linux boxes with radio,
for individual homes and small scall meshes. They should be able to support a
few VPNs over typical ADSL/cable modem link bitrate, but for more serious
work I'd go with VIA's C5 family (1 GHz fanless, and hardware
The WRT54G clones are largely useful as very cheap Linux boxes with radio,
for individual homes and small scall meshes. They should be able to support a
few VPNs over typical ADSL/cable modem link bitrate, but for more serious
work I'd go with VIA's C5 family (1 GHz fanless, and hardware
On Wed, Jun 16, 2004 at 03:37:54AM +1200, Peter Gutmann wrote:
R. A. Hettinga [EMAIL PROTECTED] forwarded:
So now the NSA's secret is out. The Iranians have undoubtedly changed
their encryption machines, and the NSA has lost its source of Iranian
secrets. But little else is known. Who
So... don't give your account info to organized crime, and don't use Outlook,
and your risk is reduced by, what, 90%? And doing online banking from a Net
cafe... I mean really.
At least some of these numbers seem wrong. If nearly 2 million people got
ripped off last year, and at least 1.8 million
On Wed, Jun 16, 2004 at 03:37:54AM +1200, Peter Gutmann wrote:
R. A. Hettinga [EMAIL PROTECTED] forwarded:
So now the NSA's secret is out. The Iranians have undoubtedly changed
their encryption machines, and the NSA has lost its source of Iranian
secrets. But little else is known. Who
So... don't give your account info to organized crime, and don't use Outlook,
and your risk is reduced by, what, 90%? And doing online banking from a Net
cafe... I mean really.
At least some of these numbers seem wrong. If nearly 2 million people got
ripped off last year, and at least 1.8 million
On Tue, Jun 15, 2004 at 01:25:13PM -0700, John Young wrote:
[...]
Now, how about that story of Phil Zimmermann getting out
of prosecution by agreeing to a backdoor in PGP after 2.0?
A man swears Phil told him that face-to-face, man says
he disassembled the source code to see the damning
a) Why do I have the feeling that there is no way to tell which password a
piece of software is asking for when you thumb it. Does the host machine get
all of them and figure out which one it wants to use?
b) How hard is it to bypass the check and simply pull the complete set of
passwords out of
a) Why do I have the feeling that there is no way to tell which password a
piece of software is asking for when you thumb it. Does the host machine get
all of them and figure out which one it wants to use?
b) How hard is it to bypass the check and simply pull the complete set of
passwords out of
On Thu, May 13, 2004 at 09:32:40AM -0400, Sunder wrote:
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci963348,00.html
'Whispering keyboards' could be next attack trend
By Niall McKay, Contributing Writer
11 May 2004 | SearchSecurity.com
OAKLAND -- Listen
On Thu, May 13, 2004 at 09:32:40AM -0400, Sunder wrote:
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci963348,00.html
'Whispering keyboards' could be next attack trend
By Niall McKay, Contributing Writer
11 May 2004 | SearchSecurity.com
OAKLAND -- Listen
Like it matters. Do you really think that the government would really allow
Intel and AMD to sell CPUs that didn't have tiny transmitters in them? Your CPU
is actually transmitting every instruction it executes to the satellites.
On Mon, May 10, 2004 at 11:14:49AM -0700, Hasan Diwan wrote:
Like it matters. Do you really think that the government would really allow
Intel and AMD to sell CPUs that didn't have tiny transmitters in them? Your CPU
is actually transmitting every instruction it executes to the satellites.
On Mon, May 10, 2004 at 11:14:49AM -0700, Hasan Diwan wrote:
On Mon, Apr 26, 2004 at 11:18:52AM -0400, sunder wrote:
Jack Lloyd wrote:
Still, I liked this quote: 'I came to vote because wasting one's ballot
in a
democracy is a sin, he told the BBC.' Not too common a view in the US
these
days, it seems like.
What do you expect when the previous
On Tue, Apr 20, 2004 at 04:28:07PM +0100, Graham Lally wrote:
Current report:
http://news.bbc.co.uk/1/hi/world/south_asia/3641419.stm
The tech:
http://news.bbc.co.uk/1/hi/world/south_asia/3493474.stm
Bit scant on details.. anyone know anything more about how the machine
(/system) is
On Tue, Apr 20, 2004 at 04:28:07PM +0100, Graham Lally wrote:
Current report:
http://news.bbc.co.uk/1/hi/world/south_asia/3641419.stm
The tech:
http://news.bbc.co.uk/1/hi/world/south_asia/3493474.stm
Bit scant on details.. anyone know anything more about how the machine
(/system) is
I was curious about that. I notice now that Amtrak requires ID as well:
http://www.amtrak.com/idrequire.html
Does anyone know when this happened, or have experiences with having to
show ID on Amtrak?
Sometime before early January this year, at least (probably significantly
before).
I was curious about that. I notice now that Amtrak requires ID as well:
http://www.amtrak.com/idrequire.html
Does anyone know when this happened, or have experiences with having to
show ID on Amtrak?
Sometime before early January this year, at least (probably significantly
before).
On Thu, Mar 18, 2004 at 10:37:25AM -0800, Major Variola (ret.) wrote:
http://news.scotsman.com/scitech.cfm?id=312492004
If a nanniebot detects signs of paedophile activity, such as an adult posing
as a child, it sends out an alert.
I can't wait for two of them to meet and each decide the other
On Thu, Mar 18, 2004 at 10:37:25AM -0800, Major Variola (ret.) wrote:
http://news.scotsman.com/scitech.cfm?id=312492004
If a nanniebot detects signs of paedophile activity, such as an adult posing
as a child, it sends out an alert.
I can't wait for two of them to meet and each decide the other
We allow everyone to check the security for themselves, because
we're the only ones who publish the source code, said Rop Gonggrijp
We are currently performing a internal round of reviews with a expert
group of security researchers and cryptographers. Depending on the results
of this review
We allow everyone to check the security for themselves, because
we're the only ones who publish the source code, said Rop Gonggrijp
We are currently performing a internal round of reviews with a expert
group of security researchers and cryptographers. Depending on the results
of this review
I got one of these in early January, but I don't use e-gold. Probably they
hit everyone they can find an address for on the assumption that some of
them use e-gold. Even a small number of accounts could be quite profitable
for them. (Perhaps they are more selective, mailing people who post on
I got one of these in early January, but I don't use e-gold. Probably they
hit everyone they can find an address for on the assumption that some of
them use e-gold. Even a small number of accounts could be quite profitable
for them. (Perhaps they are more selective, mailing people who post on
On Tue, 21 Jan 2003, Trei, Peter wrote:
The song is sung by Jimmy Stewart, on camera, so a new soundtrack
would be tough.
Given that they can make dead actors dance in commercials, I can't imagine
it would be terribly difficult to do it. Though I know next to nothing
about video editing in
On Tue, 21 Jan 2003, Trei, Peter wrote:
However, in 1993, Republic Pictures started to assert control on
the basis that the song Buffalo Girls (which occurs many times
throughout the film) was still in copyright.
So, the film has effectively been removed from PD, after being in PD
for
On Tue, 21 Jan 2003, Trei, Peter wrote:
The song is sung by Jimmy Stewart, on camera, so a new soundtrack
would be tough.
Given that they can make dead actors dance in commercials, I can't imagine
it would be terribly difficult to do it. Though I know next to nothing
about video editing in
On Wed, 31 Jul 2002, A.Melon wrote:
and on the left hand side of the page it says:
At the moment, we do not support non-Javascript browsers.
If they are concerned about security, Shouldn't they be avoiding
javascript?
Shapiro has a strange love for Javascript. I don't know what that
On Wed, 31 Jul 2002, A.Melon wrote:
and on the left hand side of the page it says:
At the moment, we do not support non-Javascript browsers.
If they are concerned about security, Shouldn't they be avoiding
javascript?
Shapiro has a strange love for Javascript. I don't know what that
On Wed, 31 Jul 2002, Steve Schear wrote:
Looks amazingly familiar. Could it be, could be, could it be Mojo
Nation (now MNet http://mnet.sourceforge.net )?
Or OpenCM (http://www.opencm.org)
-Jack
On Wed, 31 Jul 2002, Steve Schear wrote:
Looks amazingly familiar. Could it be, could be, could it be Mojo
Nation (now MNet http://mnet.sourceforge.net )?
Or OpenCM (http://www.opencm.org)
-Jack
On Tue, 2 Jul 2002, Eric Cordian wrote:
[...]
I agree that making them mandatory requirements for new machines will do
more than enough, without having to bother to make old machines illegal.
Not even counting your computers, and my computers, and 500 million
computers already out in the
On Fri, 24 May 2002, Eric Murray wrote:
3. Is a relavent developer reference is available for X.509?
X.509 is an ITU/T standard, which means, among other things, that
they charge money for copies. You can find copies on the net though.
Depending on how good your local library is, they
On Fri, 24 May 2002, Eric Murray wrote:
3. Is a relavent developer reference is available for X.509?
X.509 is an ITU/T standard, which means, among other things, that
they charge money for copies. You can find copies on the net though.
Depending on how good your local library is, they
On Mon, 22 Apr 2002, Trei, Peter wrote:
So my suggestion is that while hardware accelaration of PRNGs may have
some usefulness, true RNGs need not have the same performance. I'd
rather see people work on making the true RNGs *trustworthy*, which is
a much more difficult problem.
Out of
56 matches
Mail list logo
