-Original Message-
From: IBM Mainframe Discussion List On Behalf Of DASDBILL2
Of course they didn't use the Heartbleed bug for at least the last two years.
How do I know? Because
the NSA said they weren't even aware of it, so how could they possibly have
used it?
“NSA was
The NSA employs able people entirely capable of discovering the
recently identified vulnerability in OpenSSL, the so-called Heartbleed
vulnerability.
It says, however, that it was not aware of this particular
vulnerability; and I believe it.
There is 1) no need to impute omniscience to the NSA;
NSA used the Heartbeat bug for at least the last two years.
http://www.motherjones.com/politics/2014/04/heartbleed-bug-internet-security-ssl
On Thu, Dec 5, 2013 at 5:41 PM, Paul Gilmartin paulgboul...@aim.com wrote:
On Thu, 5 Dec 2013 15:19:55 -0600, Mike Schwab mike.a.sch...@gmail.com
wrote:
I was watching the screen roll by on Bloomberg and it said CISCO, Juniper
and Android were affected.
2/3 of Internet was quoted.
In a message dated 4/11/2014 3:33:36 P.M. Central Daylight Time,
mike.a.sch...@gmail.com writes:
NSA used the Heartbeat bug for at least the last two years.
the following words and/or
phrases: NSA, aware, recently, so-called, public, report, otherwise, wrong.
Bill Fairchild
- Original Message -
From: Mike Schwab mike.a.sch...@gmail.com
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Friday, April 11, 2014 3:33:26 PM
Subject: Re: NSA foils much internet
would expect to challenge such an order if served on me.
- Original Message -
From: Paul Gilmartin paulgboul...@aim.com
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Thursday, December 5, 2013 5:41:59 PM
Subject: Re: NSA foils much internet encryption
On Thu, 5 Dec 2013 15:19:55 -0600, Mike
On Fri, 6 Dec 2013 14:58:36 +, DASDBILL2 wrote:
Apple's lawyers are very clever. As lawyers all know, show them a law (e.g.,
Section 215 of the USA Patriot Act) and they will show you a loophole (e.g.,
warrant canary).
Perhaps the DoHS lawyers are also clever. I wonder whether they'd
There is a large legal literature of omisses, instances of omissis.
The upshot is that failing to do something that is positively required
is actionable but that negative omissis, failing to renew a guarantee,
offer a refund, make paint in the color burnt umber, etc.,etc., is
not.
John Gilmore,
Why did the NSA even bother to get a internet tap, when they could
have just re-routed packets through their servers?
(Maybe the extra delay is causing our messages to be re-sent creating
duplicate messages?)
http://www.wired.com/threatlevel/2013/12/bgp-hijacking-belarus-iceland/
Earlier this
Microsoft finally woke up.
http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/05/microsoft-u-s-government-is-a-potential-security-threat/
Microsoft is trying to change the terms of the NSA debate — literally.
The company is labeling any government effort to spy on its online
On Thu, 5 Dec 2013 15:19:55 -0600, Mike Schwab mike.a.sch...@gmail.com wrote:
Microsoft finally woke up.
http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/05/microsoft-u-s-government-is-a-potential-security-threat/
Microsoft is trying to change the terms of the NSA debate � literally.
http://www.bbc.co.uk/news/technology-24429332
NSA using old versions of Firefox to infect PCs in order to identify TOR users.
NSA unable to break TOR itself.
GO TOR developer U.S. Navy (who needed a secure way to share messages
with submarines).
On Wed, Sep 25, 2013 at 8:23 AM, John Gilmore
TOR is in fact quite a good one, but it is only incidentally an
encryption scheme.
It is a superb mechanism for preserving the anonymity of the origin of
an internet communication and/or, at the expense of a little
complication, obscuring its actual [intermediate] destination as
opposed to its
The WIRED piece Mike Schwab provided a link to recounts things that
are commonplaces within the crypto community; but it is a useful brief
conspectus for others.
Worth remembering is that these situations are always layered.
Duiring the Korean War it was usual for the Chinese to plant two or
more
The the implications of the post by J.P. are entirely correct; but the
post itself is---I don't mean this pejoratively---a little naif.
Naivety is intended to caricature the point :)
The NSA cannot be expected to advocate the use of an encryption scheme
that it has not already broken, and
ip4w...@gmail.com (J.P.) writes:
Would just like to add what I've heared from several sources:
Crypto is mostly solid, but implementations are weak.
re:
http://www.garlic.com/~lynn/2013l.html#55 NSA foils much internet encryption
http://www.garlic.com/~lynn/2013l.html#56 NSA foils much internet
l...@garlic.com (Anne Lynn Wheeler) writes:
locations around the globe. As a result, I've periodically commented
that even if the globe was buried under miles of information hiding
encryption, that it would stop information leakage.
re:
http://www.garlic.com/~lynn/2013m.html#10
oops, finger
http://www.wired.com/threatlevel/2013/09/nsa-backdoor/all/
On Mon, Sep 16, 2013 at 3:37 PM, John Gilmore jwgli...@gmail.com wrote:
The the implications of the post by J.P. are entirely correct; but the
post itself is---I don't mean this pejoratively---a little naif.
The NSA cannot be expected
“NIST would not deliberately weaken a cryptographic standard.”
(But the NSA wouldn't let a cryptographic standard out the door unless they
could decode it. - Mike Schwab).
http://www.scientificamerican.com/article.cfm?id=nsa-nist-encryption-scandal
Computer scientists for years suspected that
In 8913686268300756.wa.ip4workgmail@listserv.ua.edu, on
09/16/2013
at 10:56 AM, J.P. ip4w...@gmail.com said:
NSA is pushing ecliptic curves
NSA is into astronomy?
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
Atid/2http://patriot.net/~shmuel
We don't care. We don't
:)
Maybe this gets their attention back? (hopefully few of the list usual readers
also:)
Been reading a bit on the subject, and one detail caught my eye...
... NSA is pushing ecliptic curves since 2009 as the next best thing (guess
why;)
ip4w...@gmail.com (J.P.) writes:
Maybe this gets their attention back? (hopefully few of the list usual
readers also:)
Been reading a bit on the subject, and one detail caught my eye...
... NSA is pushing ecliptic curves since 2009 as the next best thing (guess
why;)
re:
http://www.garlic.com/~lynn/2013l.html#55 NSA foils much internet encryption
other trivia ... ECC original invented Miller at IBM Yorktown
http://en.wikipedia.org/wiki/Victor_S._Miller
followed by Koblitz at UofW
http://en.wikipedia.org/wiki/Neal_Koblitz
Miller had been in the Yorktown 801
The the implications of the post by J.P. are entirely correct; but the
post itself is---I don't mean this pejoratively---a little naif.
The NSA cannot be expected to advocate the use of an encryption scheme
that it has not already broken, and this behavior does not seem to me
to be villainous.
On 16 September 2013 16:04, Anne Lynn Wheeler l...@garlic.com wrote:
re:
http://www.garlic.com/~lynn/2013l.html#55 NSA foils much internet encryption
other trivia ... ECC original invented Miller at IBM Yorktown
http://en.wikipedia.org/wiki/Victor_S._Miller
followed by Koblitz at UofW
http
More Snowden documents have been reviewed by the New York Times, which
this afternoon concluded that
begin extract
The agency has circumvented or cracked much of the encryption, or
digital scrambling, that guards global commerce and banking systems,
protects sensitive data like trade secrets and
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
Behalf Of John Gilmore
Sent: Thursday, September 05, 2013 2:43 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: NSA foils much internet encryption
More Snowden documents have been reviewed by the New York
But I have heard that they quit monitoring IBM-MAIN, RACF-L,
ASSEMBLER-L, et al. Too much stress.
On 9/5/2013 2:42 PM, John Gilmore wrote:
More Snowden documents have been reviewed by the New York Times, which
this afternoon concluded that
begin extract
The agency has circumvented
28 matches
Mail list logo