On Wed, 06 Nov 2013 08:50:06 +0900, Masataka Ohta said:
valdis.kletni...@vt.edu wrote:
How do you intend to *find* the agents
who were hired at a government agency's under-the-table request that
never had a written record that the company had access to?
By memories of those who are at
valdis.kletni...@vt.edu wrote:
You still haven't explained how the memories of those who are at the table
help, when the NSA plant has very good reasons to say they're not an NSA
plant, and you haven't explained how you can show they *are* a plant.
That is a problem between NSA, which
valdis.kletni...@vt.edu wrote:
How do you intend to *find* the agents
who were hired at a government agency's under-the-table request that
never had a written record that the company had access to?
By memories of those who are at the table.
So one of the two people at the table you don't
Judging from this NSA ad, keep an eye out minority disabled females..
[image: Inline image 1]
On Sun, Nov 3, 2013 at 8:04 PM, valdis.kletni...@vt.edu wrote:
On Mon, 04 Nov 2013 09:14:40 +0900, Masataka Ohta said:
valdis.kletni...@vt.edu wrote:
How do you intend to *find* the agents
On Sat, 02 Nov 2013 11:30:57 +0900, Masataka Ohta said:
George Herbert wrote:
Anyone familiar with secure organizations will realize this as the
internal witch hunt problem.
No hunting necessary to fire those agents who are hired at the
request of NSA/CIA.
Do you *really* think that HR
valdis.kletni...@vt.edu wrote:
How do you intend to *find* the agents
who were hired at a government agency's under-the-table request that
never had a written record that the company had access to?
By memories of those who are at the table.
On Mon, 04 Nov 2013 09:14:40 +0900, Masataka Ohta said:
valdis.kletni...@vt.edu wrote:
How do you intend to *find* the agents
who were hired at a government agency's under-the-table request that
never had a written record that the company had access to?
By memories of those who are at
On Fri, Nov 1, 2013 at 7:18 PM, Mike Lyon mike.l...@gmail.com wrote:
So even if Goog or Yahoo encrypt their data between DCs, what stops
the NSA from decrypting that data? Or would it be done simply to make
their lives a bit more of a PiTA to get the data they want?
-Mike
I'm just gonna
On 11/01/2013 07:18 PM, Mike Lyon wrote:
So even if Goog or Yahoo encrypt their data between DCs, what stops
the NSA from decrypting that data? Or would it be done simply to make
their lives a bit more of a PiTA to get the data they want?
My bet is that when the said the were partially
On Fri, Nov 1, 2013 at 10:40 PM, joel jaeggli joe...@bogus.com wrote:
On Nov 1, 2013, at 7:06 PM, Harry Hoffman hhoff...@ip-solutions.net
wrote:
That's with a recommendation of using RC4.
it’s also with 1024 bit keys in the key exchange.
Better leverage quantum encryption tech to exchange
On Thu, Oct 31, 2013 at 11:26 PM, Michael Still mi...@stillhq.com wrote:
[snip]
Its about the CPU cost of the crypto. I was once told the number of
CPUs required to do SSL on web search (which I have now forgotten) and
it was a bigger number than you'd expect -- certainly hundreds.
So,
8:27 PM
To: Jimmy Hess
Cc: NANOG
Subject: Re: latest Snowden docs show NSA intercepts all Google and Yahoo
DC-to-DC traffic
On Thu, Oct 31, 2013 at 5:53 PM, Jimmy Hess mysi...@gmail.com wrote:
On Thu, Oct 31, 2013 at 7:24 PM, Matthew Petach
mpet...@netflight.comwrote:
On Thu, Oct 31, 2013 at 7
Hey expanoit,
There was a small part that jumped out at me when I read the article
earlier:
In recent years, both of them are said to have bought
or leased thousands of miles of fiber-optic cables for their own exclusive
use. They had reason to think, insiders said, that their private, internal
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=truearnumber=1494884
They must be hiding their content, for fear that flaws be pointed
out.
it's the ieee. what they're hiding is a last century business model.
randy
For encryption of traffic between datacenters;There should be very
little session setup and teardown (very few public key operations);
almost all the crypto load would be symmetric cryptography.
trivial at 9600 baud between google datacenters
On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk anthonyrj...@gmail.com wrote:
...
It seems as if both Yahoo and Google assumed that since they were private
circuits that they didn't have to encrypt.
I actually cannot see them assuming that. Google
and Yahoo engineers are smart, and taping fibres
On 11/01/2013 01:08 PM, Gary Buhrmaster wrote:
On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk anthonyrj...@gmail.com wrote:
...
It seems as if both Yahoo and Google assumed that since they were private
circuits that they didn't have to encrypt.
I actually cannot see them assuming that.
I still have some one time pads if you are good writing fast ...
-J
On Fri, Nov 1, 2013 at 11:26 AM, Randy Bush ra...@psg.com wrote:
For encryption of traffic between datacenters;There should be very
little session setup and teardown (very few public key operations);
almost all the
On 11/01/2013 01:08 PM, Gary Buhrmaster wrote:
[...]
Given what we now know about the breadth of the NSA operations, and the
likelihood that this is still only the tip of the iceberg - would anyone
still point to NSA guidance on avoiding monitoring with any sort of
confidence?
There has
On Sat, November 2, 2013 6:44 am, David Miller wrote:
On 11/01/2013 01:08 PM, Gary Buhrmaster wrote:
On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk anthonyrj...@gmail.com
wrote:
...
It seems as if both Yahoo and Google assumed that since they were
private
circuits that they didn't have to
On 11/1/13, 1:08 PM, Gary Buhrmaster gary.buhrmas...@gmail.com wrote:
On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk anthonyrj...@gmail.com
wrote:
...
It seems as if both Yahoo and Google assumed that since they were
private
circuits that they didn't have to encrypt.
I actually cannot see them
* mi...@stillhq.com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]:
Its about the CPU cost of the crypto. I was once told the number of
CPUs required to do SSL on web search (which I have now forgotten)
and it was a bigger number than you'd expect -- certainly hundreds.
False:
On Fri, Nov 1, 2013 at 3:26 PM, Niels Bakker niels=na...@bakker.net wrote:
* mi...@stillhq.com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]:
Its about the CPU cost of the crypto. I was once told the number of CPUs
required to do SSL on web search (which I have now forgotten) and it was a
Anthony Junk wrote:
It seems as if both Yahoo and Google assumed that since they were
private circuits that they didn't have to encrypt.
According to Snowden, there are government agents at key
positions for managing security.
When they declare the private circuits are secure, no one
else in
On Fri, Nov 1, 2013 at 4:01 PM, Masataka Ohta
mo...@necom830.hpcl.titech.ac.jp wrote:
Anthony Junk wrote:
It seems as if both Yahoo and Google assumed that since they were
private circuits that they didn't have to encrypt.
According to Snowden, there are government agents at key
Anyone familiar with secure organizations
there are such things?
we should be more cautious with absolutes, usually :)
On Fri, Nov 1, 2013 at 4:37 PM, Randy Bush ra...@psg.com wrote:
Anyone familiar with secure organizations
there are such things?
we should be more cautious with absolutes, usually :)
Nothing is absolute, but there are certainly white organizations which
have no attempt to be secure, and
--
According to Snowden, there are government agents at key
positions for managing security.
-
And zero documented proof. I'll just go ahead and put my tinfoil hat on
for the remainder of this thread.
On Fri, Nov 1, 2013 at 6:37 PM, Randy Bush
And zero documented proof. I'll just go ahead and put my tinfoil hat on
for the remainder of this thread.
http://www.antipope.org/charlie/blog-static/2013/10/spook-century.html
That's with a recommendation of using RC4.
Head on over to the Wikipedia page for SSL/TLS and then decide if you want rc4
to be your preference when trying to defend against a adversary with the
resources of a nation-state.
Cheers,
Harry
Niels Bakker niels=na...@bakker.net wrote:
*
So even if Goog or Yahoo encrypt their data between DCs, what stops
the NSA from decrypting that data? Or would it be done simply to make
their lives a bit more of a PiTA to get the data they want?
-Mike
On Nov 1, 2013, at 19:08, Harry Hoffman hhoff...@ip-solutions.net wrote:
That's with a
George Herbert wrote:
Anyone familiar with secure organizations will realize this as the
internal witch hunt problem.
No hunting necessary to fire those agents who are hired at the
request of NSA/CIA.
It is also reasonable to fire those who are hired by the agents,
recursively.
So, I'm not sure if I'm being too simple-minded in my response. Please let me
know if I am.
The purpose of encrypting data is so others can't read your secrets.
If you use a simple substitution cipher it's pretty easy to derive the set of
substitution rules used.
Stronger encryption algorithms
So the latter, PITA, reason then...
-Mike
On Nov 1, 2013, at 19:32, Harry Hoffman hhoff...@ip-solutions.net wrote:
So, I'm not sure if I'm being too simple-minded in my response. Please let me
know if I am.
The purpose of encrypting data is so others can't read your secrets.
If you use
On Nov 1, 2013, at 7:18 PM, Mike Lyon mike.l...@gmail.com wrote:
So even if Goog or Yahoo encrypt their data between DCs, what stops
the NSA from decrypting that data? Or would it be done simply to make
their lives a bit more of a PiTA to get the data they want?
Markhov chain text generators
Bakker niels=na...@bakker.net; nanog@nanog.org
Sent: Friday, November 1, 2013 7:32 PM
Subject: Re: latest Snowden docs show NSA intercepts all Google and Yahoo
DC-to-DC traffic
So, I'm not sure if I'm being too simple-minded in my response. Please
let me know if I am.
The purpose of encrypting
On Nov 1, 2013, at 7:06 PM, Harry Hoffman hhoff...@ip-solutions.net wrote:
That's with a recommendation of using RC4.
it’s also with 1024 bit keys in the key exchange.
Head on over to the Wikipedia page for SSL/TLS and then decide if you want
rc4 to be your preference when trying to defend
-Original Message-
From: Mike Lyon [mailto:mike.l...@gmail.com]
Sent: Fri, November 01, 2013 9:19 pm
To: Harry Hoffman
Cc: Niels Bakker; nanog@nanog.org
Subject: Re: latest Snowden docs show NSA intercepts all Google and Yahoo
DC-to-DC traffic
So even if Goog or Yahoo encrypt their data between
Head on over to the Wikipedia page for SSL/TLS and then decide if you
want rc4 to be your preference when trying to defend against a
adversary with the resources of a nation-state.
i got hit with the clue bat on this one.
we have kinda settled on allowing rc4 for smtp as the least preferred.
Was the unplanned L3 DF maintenance that took place on Tuesday a frantic
removal of taps? :-)
On Wed, Oct 30, 2013 at 3:30 PM, Scott Weeks sur...@mauigateway.com wrote:
On Wed, Oct 30, 2013 at 1:46 PM, Jacque O'Lantern
jacque.olant...@yandex.com wrote:
On Thu, Oct 31, 2013 at 7:02 AM, Ray Soucy r...@maine.edu wrote:
Was the unplanned L3 DF maintenance that took place on Tuesday a frantic
removal of taps? :-)
No need for intrusive techniques such as direct taps:
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=truearnumber=1494884
On Thu, Oct 31, 2013 at 7:24 PM, Matthew Petach mpet...@netflight.comwrote:
On Thu, Oct 31, 2013 at 7:02 AM, Ray Soucy r...@maine.edu wrote:
Was the unplanned L3 DF maintenance that took place on Tuesday a frantic
removal of taps? :-)
No need for intrusive techniques such as direct taps:
On Thu, Oct 31, 2013 at 5:53 PM, Jimmy Hess mysi...@gmail.com wrote:
On Thu, Oct 31, 2013 at 7:24 PM, Matthew Petach mpet...@netflight.comwrote:
On Thu, Oct 31, 2013 at 7:02 AM, Ray Soucy r...@maine.edu wrote:
Was the unplanned L3 DF maintenance that took place on Tuesday a frantic
removal
As a top-posting IT generalist pleb, can someone explain why
Google/Yahoo did not already encrypt their data between DCs?
Why is my data encrypted over the internet from my computer to theirs,
but they don't encrypt the data when it goes outside their building and
all the fancy access controls
On Fri, Nov 1, 2013 at 1:48 PM, explanoit explanoit.na...@explanoit.com wrote:
As a top-posting IT generalist pleb, can someone explain why Google/Yahoo
did not already encrypt their data between DCs?
Why is my data encrypted over the internet from my computer to theirs, but
they don't encrypt
http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html
Google is speeding up its initiative to encrypt all DC to DC traffic, as
this was suspected a short time ago.
http://www.informationweek.com/security/government/nsa-fallout-google-speeds-data-encryptio/240161070
On Wed, Oct 30, 2013 at 1:46 PM, Jacque O'Lantern
jacque.olant...@yandex.com
On Wed, Oct 30, 2013 at 1:46 PM, Jacque O'Lantern
jacque.olant...@yandex.com wrote:
http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html
---
48 matches
Mail list logo
