Peter Trei wrote:
Encrypted files on a portable device that you keep with you would
seem to be the best of all worlds.
any of the usb mini drives can manage that - just set them to autorun
Scramdisk Traveller and mount a SD volume from the device. just don't forget
to dismount it before you
Jim Choate [EMAIL PROTECTED] wrote:
But that changes the game in the middle of play, the sequence of digits
in pi is fixed, not random. You can't get a random number from a constant.
Otherwise it wouldn't be a constant.
PRNG output is fixed/repeatable too - that is a properly you *want* from a
On Sunday, April 28, 2002, at 07:32 AM, Jan Dobrucki wrote:
Greetings,
I've been reading the list for a while now, and what I find annoying
is that there are mostly American news and little about what's
happening in Europe. As little as I respect America, America is not
all of the world.
I don't think you get freelance IRA guys. Not with both
kneecaps, anyway.
might be surprised - donations from the states have apparently tailled off
(having been the subject of a terrorist attack themselves they seem less
willing to fund them) and they could do with the revenue - but you are
Jim Choate [EMAIL PROTECTED] gave us the benefit of the following
opinion:
It makes no sense to talk about 'cheapness of payment' from the
recipients
view. It costs them nothing to get paid (outside of whatever service
or
labor was involved in the exchange). You have your cognates reversed
Nope, Usually credit card transactions are free for the payer
Bullshit, they charge interest on the loans and such. You should
read your credit card bills closer.
Not sure if the rules are different over there then - after all, you add
on extra charges to the ticket price when you reach the
Microsoft also said open-source software is inherently less secure
because the code is available for the world to examine for flaws,
making it possible for hackers or criminals to exploit
them. Proprietary software, the company argued, is more secure because
of its closed nature.
Presumably the
Mike Rosing [EMAIL PROTECTED] wrote:
Having it be transparent where the user doesn't need to know
anything about how it works does not have to destroy the
effectiveness of digital signatures or crypto. When people sign a
document they don't know all the ramifications because few bother to
Mike Rosing [EMAIL PROTECTED] wrote:
Having it be transparent where the user doesn't need to know
anything about how it works does not have to destroy the
effectiveness of digital signatures or crypto. When people sign a
document they don't know all the ramifications because few bother to
Ben Laurie [EMAIL PROTECTED] was seen to declaim:
Albion Zeglin wrote:
Similar to DeCSS, only one Palladium chip needs to be reverse
engineered and it's key(s) broken to virtualize the machine.
If you break one machine's key:
a) You won't need to virtualise it
b) It won't be getting any new
at Monday, September 23, 2002 10:35 PM, Curt Smith
[EMAIL PROTECTED] was seen to say:
http://www.drivecrypt.com/dcplus.html
DriveCrypt Plus does everything you want. I believe it may
have descended from ScramDisk (Dave Barton's disk encryption
program).
As an aside - Dave Barton? Shaun
at Monday, September 30, 2002 7:52 PM, James A. Donald
[EMAIL PROTECTED] was seen to say:
Is it practical for a particular group, for
example a corporation or a conspiracy, to whip up its own
damned root certificate, without buggering around with
verisign? (Of course fixing Microsoft's
at Tuesday, October 01, 2002 3:08 AM, Peter Gutmann
[EMAIL PROTECTED] was seen to say:
For encryption, STARTTLS, which protects more mail than all other
email encryption technology combined. See
http://www.cs.auckland.ac.nz/~pgut001/pubs/usenix02_slides.pdf
(towards the back).
I would
at Tuesday, October 01, 2002 6:10 PM, James A. Donald
[EMAIL PROTECTED] was seen to say:
Not so. It turns out the command line is now different in PGP
6.5.8. It is now pgp -sta to clearsign, instead of pgp -sa.
(Needless to say the t option does not appear in pgp -h
*nods*
its in the 6.5
-BEGIN PGP SIGNED MESSAGE-
at Tuesday, October 01, 2002 9:04 PM, Petro [EMAIL PROTECTED] was seen
to say:
Well, it's a start. Every mail server (except mx1 and
mx2.prserv.net) should use TLS.
Its nice in theory, but in practice look how long it takes the bulk of
the
internet to
-BEGIN PGP SIGNED MESSAGE-
at Tuesday, October 01, 2002 9:04 PM, Petro [EMAIL PROTECTED] was
seen
to say:
Well, it's a start. Every mail server (except mx1 and
mx2.prserv.net) should use TLS.
Its nice in theory, but in practice look how long it takes the bulk
of the internet to
at Wednesday, October 02, 2002 3:13 AM, Peter Gutmann
[EMAIL PROTECTED] was seen to say:
As opposed to more conventional encryption, where you're protecting
nothing at any point along the chain, because 99.99% of the user base
can't/won't use it.
That is a different problem. if you assume that
I assume everyone knows the little arrangement that lotus
reached with the NSA over its encrypted secure email?
I'm new here, so do tell if I am wrong. Are you referring to the two
levels
of Encryption available in Bogus Notes?
More or less, yes. Lotus knew nobody would buy a 40 bit version
On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote:
The basic argument is that, if good encryption is available overseas
or easily downloadable, it doesn't make sense to make export of it
illegal.
Nope. The biggest name in software right now is Microsoft, who wasn't
willing to
Trei, Peter [EMAIL PROTECTED] wrote:
It was Sweden. They didn't really have an excuse - over a year
earlier,
Lotus announced their International version with details of the
Work
Factor Reduction Field at the RSA Conference. I immediately invented
the term 'espionage enabled' to describe this
at Saturday, October 12, 2002 2:01 AM, Steve Furlong
[EMAIL PROTECTED] was seen to say:
On Thursday 10 October 2002 13:13, Tim May wrote:
There are two advantages of web-based discussion fora over usenet:
propagation time and firewalls.
Not sure about that - propagation time is a issue of
at Wednesday, October 16, 2002 2:01 PM, Sarad AV
[EMAIL PROTECTED] was seen to say:
Though it has a large key length greater than or equal
to the plain text,why would it be insecure if we can
use a good pseudo random number generators,store the
bits produced on a taper proof medium.
because
at Monday, October 21, 2002 3:14 PM, Trei, Peter
[EMAIL PROTECTED] was seen to say:
I'd be nervous about a availability with centralized servers,
even if they are triple redundant with two sites. DDOS
attacks, infrastructure (backhoe) attacks, etc, could all
wreck havoc.
Indeed so, yes.
I
at Monday, October 21, 2002 4:20 PM, Eric Murray [EMAIL PROTECTED] was
seen to say:
Looking at their web site, they seem pretty generic about
what it's for, but I did not see any mention of using it for payments.
So I assume it's for logins.
well, I was working from:
The Quizid registry
The
at Thursday, October 17, 2002 4:54 AM, Morlock Elloi
Also, if regular cheapo PC sounboards can digitize 30 MHz (and
Nyquist says this requires 60 MHz sampling rate) then some product
managers need ... flogging.
If I am reading this correctly, they don't need to - a fixed-frequency
first mixer
at Wednesday, October 16, 2002 6:13 PM, Bill Frantz
[EMAIL PROTECTED] was seen to say:
OTP is also good when:
(1) You can solve the key distribution problem.
Its certainly usable provided key distribution isn't an issue - if it is
also worth the trouble and expense is another matter.
(2) You
at Thursday, October 17, 2002 4:38 PM, Sarad AV
[EMAIL PROTECTED] was seen to say:
He wanted to know how I was able to do XOR on P(0) and
P(1) when xor is defined only on binary digits.
you don't.
P(x) is a probability of digit x in the output. ideally, P(0)=P(1)=0.5
(obviously in binary, only
at Wednesday, October 16, 2002 7:17 PM, David E. Weekly
[EMAIL PROTECTED] was seen to say:
As for PKI being secure for 20,000 years, it sure as hell won't be if
those million-qubit prototypes turn out to be worth their salt.
I wasn't aware they even had a dozen-qbit prototypes functional yet -
at Saturday, October 26, 2002 1:18 AM, Tim May [EMAIL PROTECTED] was seen
to say:
Yes, but check very carefully whether one is in violation of the
anti-hacking laws (viz. DMCA). By some readings of the laws, merely
trying to break a cipher is ipso fact a violation.
IIRC, you can't be arrested
at Monday, November 04, 2002 2:28 AM, Tim May [EMAIL PROTECTED] was seen
to say:
Those who need to know, know.
Which of course is a viable model, provided you are only using your key
for private email to those who need to know
if you are using it for signatures posted to a mailing list though, it
at Monday, November 04, 2002 3:13 PM, Tyler Durden
This is an interesting issue...how much information can be gleaned
from encrypted payloads?
Usually, the VPN is an encrypted tunnel from a specified IP (individual
pc or lan) to another specified IP (the outer marker of the lan, usually
the
at Thursday, November 21, 2002 2:26 PM, Sarad AV
[EMAIL PROTECTED] was seen to say:
'A' uses a very strong crytographic algorithm which
would be forced out by rubber horse cryptanalysis
Now if Aice could give another key k` such that the
cipher text (c) decrypts to another dummy plain
at Monday, December 02, 2002 8:42 AM, Eugen Leitl [EMAIL PROTECTED] was
seen to say:
No, an orthogonal identifier is sufficient. In fact, DNS loc would be
a good start.
I think what I am trying to say is - given a normal internet user
using IPv4 software that wants to connect to someone in the
at Tuesday, December 17, 2002 5:33 AM, the following Choatisms were
heard:
Nobody (but perhaps you by inference) is claiming it is identical,
however, it -is- a broadcast (just consider how a packet gets routed,
consider the TTL for example or how a ping works).
ping packets aren't routed any
at Tuesday, January 07, 2003 1:14 AM, Michael Motyka [EMAIL PROTECTED]
was seen to say:
financial resources,
other than those that pass through verified identity
gatekeepers;
That's an odd way to spell Campaign Fund Contributing Corporations
at Friday, January 24, 2003 4:53 PM, Mike Rosing [EMAIL PROTECTED]
was seen to say:
Thanks Eugen, It looks like the IBM TPM chip is only a key
store read/write device. It has no code space for the kind of
security discussed in the TCPA. The user still controls the machine
and can still
at Wednesday, January 29, 2003 11:18 PM, Bill Frantz
[EMAIL PROTECTED] was seen to say:
Back a few years ago, probably back during the great gas crisis (i.e.
OPEC) years, there were a lot of small companies working on solar
power. As far as I know, they were all bought up by oil companies.
Of
at Friday, January 31, 2003 2:18 AM, Peter Gutmann
[EMAIL PROTECTED] was seen to say:
schnipp
More particularly, governments are likely to want to explore the
issues related to potential foreign control/influence over domestic
governmental use/access to domestic government held data.
In
No, the various provisions of the Constitution, flawed though it is,
make it clear that there is no prove that you are not guilty
provision (unless you're a Jap, or the government wants your land, or
someone says that you are disrespectful of colored people).
Unfortuately, this is not true in
at Thursday, February 06, 2003 11:21 AM, Pete Capelli
Then which one of these groups does the federal government fall
under, when they use crypto? In the feds opinion, of course. Or do
they believe that their use of crypto is the only wholesome one?
Terrorism of course, using their own
at Thursday, February 06, 2003 2:34 PM, Tyler Durden
[EMAIL PROTECTED] was seen to say:
I've got a question...
If you actually care about the NSA or KGB doing a low-level
magnetic scan to recover data from your disk drives,
you need to be using an encrypted file system, period, no questions.
at Thursday, February 06, 2003 3:44 PM, Peter Fairbrother
[EMAIL PROTECTED] was seen to say:
David Howe wrote:
a) it's not law yet, and may never become law. It's an Act of
Parliament, but it's two-and-a-bit years old and still isn't in
force. No signs of that happening either, except a few
at Thursday, February 06, 2003 4:48 PM, Chris Ball
[EMAIL PROTECTED] was seen to say:
Another point is that ``normal'' constables aren't able to action the
request; they have to be approved by the Chief Constable of a police
force, or the head of a relevant Government department. The full text
at Monday, February 10, 2003 3:09 AM, Jim Choate
[EMAIL PROTECTED] was seen to say:
On Mon, 10 Feb 2003, Dave Howe wrote:
no, lilo is. if you you can mount a pgpdisk (say) without software,
then you are obviously much more talented than I am :)
Bullshit. lilo isn't doing -anything- at that
at Monday, February 10, 2003 3:20 AM, Jim Choate
[EMAIL PROTECTED] was seen to say:
On Sun, 9 Feb 2003, Sunder wrote:
The OS doesn't boot until you type in your passphrase, plug in your
USB fob, etc. and allow it to read the key. Like, Duh! You know,
you really ought to stop smoking crack.
at Thursday, February 20, 2003 2:04 AM, Harmon Seaver
[EMAIL PROTECTED] was seen to say:
The real school of the future won't have classrooms at all, and no
teachers as we now know them. Instead there will be workstations
with VR helmets and a number of software gurus in the machine
at Thursday, February 20, 2003 1:28 AM, Harmon Seaver
[EMAIL PROTECTED] was seen to say:
No oil but lots of dope, especially lots of high grade opium and
the CIA and the US scum military has been just desperate to get
control of the world heroin trade again like they did in Vietnam days.
at Friday, February 21, 2003 4:44 PM, James A. Donald
[EMAIL PROTECTED] was seen to say:
Highly capitalist nations do not murder millions.
but their highly capitalist companies sometimes do. is this a meaningful
distinction?
at Thursday, March 06, 2003 5:02 PM, Ed Gerck [EMAIL PROTECTED] was
seen
to say:
On the other hand, photographing a paper receipt behind a glass,
which
receipt is printed after your vote choices are final, is not
readily
deniable because that receipt is printed only after you confirm
at Wednesday, March 19, 2003 3:39 AM, Keith Ray [EMAIL PROTECTED] was
seen to say:
Which resolution took away any Member State's authority to all
necessary means to uphold resolution 690?
I think the problem here is who gets to define what is necessary - the
UN Security council thinks it is
at Thursday, March 27, 2003 6:36 AM, Sarad AV [EMAIL PROTECTED]
was seen to say:
there is a lot of self imposed sensor ship in US on
the war.The Us pows's shown on al-jazeera were not
broadcasted over Us and those sites which had pictures
of POW's were removed as unethical graphics on web
at Tuesday, April 01, 2003 11:53 PM, Kevin S. Van Horn
[EMAIL PROTECTED] was seen to say:
What's a legitimate government? One with enough firepower to make its
rule stick?
One with real (not imagined) WMD to frighten off american presidents. NK
being a good example...
52 matches
Mail list logo
