Hello Tom Plunket,
On Sun, 28 May 2000 00:33:44 -0700 GMT your local time,
which was Sunday, May 28, 2000, 2:33:44 PM (GMT+0700) my local time,
Tom Plunket wrote:
NA>> Personally, I believe Open Source Software has the "potential" to be more
NA>> secure, but there is also value in security through obscurity. :o)
> Although there may be corporate value in obscurity, I have a hard time
> accepting that at a personal level. Sure, nobody is supposed to know
> what the whitehouse.gov and fbi.gov servers are running so that
> nobody will know easy attacks against them. However, at the same
> time, if *I* am unable to examine an implementation of a cryptography
> routine (or anything, for that matter), I may well be suffering from
> corporate key-farming (from the previously mentioned link, just a
> direct line to what I'm talking about):
> http://www.scramdisk.clara.net/pgpfaq.html#SubDSSSubliminal
> Anyone remember the big brouhaha when it was discovered that Microsoft
> was collecting computer information during the famous "Windows Update"
> feature? While I won't say that such a thing would never happen in
> OSS, it's unlikely to be a "surprise" when someone sees that it's
> happening.
What about that backdoor one of the USA politicians recent blabbed
about, and the NSA spare key...
I wouldnt trust any encrypto from MS or similar USA companies unless
the source was available to look at..
After the turnaround the USA government did on excrypting they HAVE to
be able to decode it.
If any version of Linux becomes settled in enough to be THE one to
use, you can be sure there will be attempts to sneak similar code in.
May already be it in the kernel...
You have NO idea what data they nick at various times, can even be
your pgp keys as its dead easy to see if someone has pgp and where the
keys are. Who tells you your secret key hasnt been nicked?
Take pgp on its own, code should be code, not starting with some silly
banner telling the whole world what it is and also as a side effect
showing when a decode was succesful.
You want to multiple loop pgp, and you can, that banner tells exactly
when a loop was succesful...
And why should headoffice CIA and AOL be so nice and close together
that I would want to bet there is a big fibreoptic cable between the
2.... Or that likely all mail and chat via AOL, ICQ, Hotmail and a
few others gets scanned for certain keywords / users..
> -tom!
Best regards,
tracer
--
Using theBAT 1.44 with Windows 98
mail to : [EMAIL PROTECTED]
I am using FireTalk: 321338
ICQ: on request
Website: www.phuketcomputers.com
Our special website hosting/mailservers are now operational
--
--------------------------------------------------------------
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
<mailto:[EMAIL PROTECTED]>
To Unsubscribe from TBUDL, double click here and send the message:
<mailto:[EMAIL PROTECTED]>
--------------------------------------------------------------
You are subscribed as : [email protected]
