- Original Message -
From: [EMAIL PROTECTED]
To: Tim May [EMAIL PROTECTED]; Eugen Leitl [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Sunday, April 21, 2002 1:33 PM
Subject: CDR: Re: Two ideas for random number generation
Why would one want to implement a PRNG in silicon, when one can
- Original Message -
From: Eugen Leitl [EMAIL PROTECTED]
On Mon, 22 Apr 2002, Tim May wrote:
What real-life examples can you name where Gbit rates of random digits
are actually needed?
Multimedia streams, routers. If I want to secure a near-future 10 GBit
Ethernet stream with a
- Original Message -
From: gfgs pedo [EMAIL PROTECTED]
Oh surely you can do better than that - making it
hard to guess the seed
is also clearly a desirable property (and one that
the square root rng
does not have).
U can choose any arbitrary seed(greater than 100 bits
as
Everything I'm about to say should be taken purely as an analytical
discussion of possible solutions in light of the possibilities for the
future. For various reasons I discourage performing the analyzed alterations
to any electronic device, it will damage certain parts of the functionality
of
- Original Message -
From: Neil Johnson [EMAIL PROTECTED]
To: Joseph Ashwood [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Friday, May 31, 2002 6:59 PM
Subject: Re: FC: Hollywood wants to plug analog hole, regulate A-D
On Sunday 02 June 2002 08:24 pm, Joseph Ashwood wrote:
The MPAA
- Original Message -
From: [EMAIL PROTECTED]
Subject: Re: CDR: RE: Degrees of Freedom vs. Hollywood Control Freaks
Ok, somebody correct me if I'm wrong here, but didn't they officially
cease
production of vinyl pressings several years ago? As in *all* vinyl
pressings???
They
- Original Message -
From: Lucky Green [EMAIL PROTECTED]
Joseph Ashwood wrote:
This looks like just a
pilot program. Watch the normal piracy channels though, if
Harry Potter shows up stronger than other releases
Macrovision will be around a while. But if Harry Potter isn't
Subject: CDR: Piracy is wrong
This shouldn't have to be said, but apparently it is necessary.
Which is a correct statement, but an incorrect line of thinking. Piracy is
an illegitimate use of a designed in hole in the security, the ability to
copy. This right to copy for personal use is well
- Original Message -
From: Ryan Lackey [EMAIL PROTECTED]
I consider DRM systems (even the not-secure, not-mandated versions)
evil due to the high likelyhood they will be used as technical
building blocks upon which to deploy mandated, draconian DRM systems.
The same argument can be
- Original Message -
From: Anonymous [EMAIL PROTECTED]
Ross Anderson's paper at
http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf
has been mostly discussed for what it says about the TCPA. But the
first part of the paper is equally interesting.
Ross Andseron's approximate
- Original Message -
From: AARG! Anonymous [EMAIL PROTECTED]
[brief description of Document Revocation List]
Seth's scheme doesn't rely on TCPA/Palladium.
Actually it does, in order to make it valuable. Without a hardware assist,
the attack works like this:
Hack your software (which is
- Original Message -
From: Eugen Leitl [EMAIL PROTECTED]
Can anyone shed some light on this?
Because of the sophistication of modern processors there are too many
variables too be optimized easily, and doing so can be extremely costly.
Because of this diversity, many compilers use
I need to correct myself.
- Original Message -
From: Joseph Ashwood [EMAIL PROTECTED]
Suspiciously absent though is the requirement for symmetric encryption
(page
4 is easiest to see this). This presents a potential security issue, and
certainly a barrier to its use for non
- Original Message -
From: Mike Rosing [EMAIL PROTECTED]
Are you now admitting TCPA is broken?
I freely admit that I haven't made it completely through the TCPA
specification. However it seems to be, at least in effect although not
exactly, a motherboard bound smartcard.
Because it is
Lately on both of these lists there has been quite some discussion about
TCPA and Palladium, the good, the bad, the ugly, and the anonymous. :)
However there is something that is very much worth noting, at least about
TCPA.
There is nothing stopping a virtualized version being created.
There is
- Original Message -
From: Ben Laurie [EMAIL PROTECTED]
The important part for this, is that TCPA has no key until it has an
owner,
and the owner can wipe the TCPA at any time. From what I can tell this
was
designed for resale of components, but is perfectly suitable as a point
of
- Original Message -
From: Ben Laurie [EMAIL PROTECTED]
Joseph Ashwood wrote:
There is nothing stopping a virtualized version being created.
What prevents this from being useful is the lack of an appropriate
certificate for the private key in the TPM.
Actually that does nothing
- Original Message -
From: Eric Cordian [EMAIL PROTECTED]
Although I appear to have been the final catalyst for the discussion of
unemployment. I agree with pretty much everything Eric Cordian said. In fact
my current state of lack of work, has little to do with lack of employment,
I am
- Original Message -
From: James A. Donald [EMAIL PROTECTED]
What email encryption is actually in use?
In my experience PGP is the most used.
When I get a PGP encrypted message, I usually cannot read it --
it is sent to my dud key or something somehow goes wrong.
Then you are
to the
security of anyone/group that makes use of it.
- Original Message -
From: James A. Donald [EMAIL PROTECTED]
Subject: Clarification of challenge to Joseph Ashwood:
Joseph Ashwood:
So it's going to be broken by design. These are critical
errors that will eliminate any semblance
- Original Message -
From: Thomas Shaddack [EMAIL PROTECTED]
To: Harmon Seaver [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Saturday, February 01, 2003 4:42 PM
Subject: CDR: Re: Shuttle Diplomacy
[snip conspiracy theory]
Especially in this case, I'd bet my shoes on Murphy; Columbia was
I was just wondering if anyone has a digital certificate issuing system I
could get a few certificates issued from. Trust is not an issue since these
are development-only certs, and won't be used for anything except testing
purposes.
The development is for an open source PKCS #11 test suite.
- Original Message -
From: Eric Murray [EMAIL PROTECTED]
Subject: CDR: Re: Digital Certificates
On Tue, Feb 18, 2003 at 01:22:21PM -0800, Joseph Ashwood wrote:
I was just wondering if anyone has a digital certificate issuing system
I
could get a few certificates issued from. Trust
First let me say that I am anti-war. Maybe it is just because I've changed
from being purely a tech player to now owning Trust Laboratories, and so
primarily being a businessman, but I see things slightly differently from
the WSJ.
- Original Message -
From: Tim May [EMAIL PROTECTED]
Subject: [cdr] Re: Digital cash and campaign finance reform
There are too many loopholes to close.
I think that's the smartest thing any one of us has said on this topic.
Joe
- Original Message -
From: John Gilmore [EMAIL PROTECTED]
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, June 17, 2004 10:31 AM
Subject: Re: A National ID: AAMVA's Unique ID
The solution then is obvious, don't have a big central database. Instead
use
a distributed database.
- Original Message -
From: Major Variola (ret) [EMAIL PROTECTED]
Subject: Mixmaster is dead, long live wardriving
At 07:47 PM 12/9/04 -0800, Joseph Ashwood wrote:
If the Klan doesn't have
a right to wear pillowcases what makes you think mixmaster will
survive?
Well besides
- Original Message -
From: Major Variola (ret) [EMAIL PROTECTED]
Subject: punkly current events
If the Klan doesn't have
a right to wear pillowcases what makes you think mixmaster will
survive?
Well besides the misinterprettaion of the ruling, which I will ignore, what
makes you think
- Original Message -
From: Shawn K. Quinn [EMAIL PROTECTED]
Subject: Re: Dell to Add Security Chip to PCs
Isn't it possible to emulate the TCPA chip in software, using one's own
RSA key, and thus signing whatever you damn well please with it instead
of whatever the chip wants to sign?
- Original Message -
From: James A. Donald [EMAIL PROTECTED]
Subject: Re: SHA1 broken?
2^69 is damn near unbreakable.
I believe you are incorrect in this statement. It is a matter of public
record that RSA Security's DES Challenge II was broken in 72 hours by
$250,000 worth of
- Original Message -
From: Dave Howe [EMAIL PROTECTED]
Sent: Thursday, February 17, 2005 2:49 AM
Subject: Re: SHA1 broken?
Joseph Ashwood wrote:
I believe you are incorrect in this statement. It is a matter of public
record that RSA Security's DES Challenge II was broken in 72 hours
- Original Message -
From: Dave Howe [EMAIL PROTECTED]
Subject: Re: SHA1 broken?
Indeed so. however, the argument in 1998, a FPGA machine broke a DES
key in 72 hours, therefore TODAY... assumes that (a) the problems are
comparable, and (b) that moores law has been applied to FPGAs
- Original Message -
Subject: [Tom Berson Skype Security Evaluation]
Tom Berson's conclusion is incorrect. One needs only to take a look at the
publicly available information. I couldn't find an immediate reference
directly from the Skype website, but it uses 1024-bit RSA keys, the
33 matches
Mail list logo