On Friday, February 19, 2016 at 12:39:52 PM UTC-6, Ashley Pinner wrote: > > Yes, the response is indeed "I don't care." > > > > If you do not care enough to secure your crypto against multiple vectors of > attack, then you have no business implementing crypto in the first place and > should remove it. > >
Um...nobody said "we don't care to secure...against multiple vectors of attack". We're disputing whether there are any vectors of attack this would protect against in the specific scenarios where Vim's crypto might be used. I'm sure if there were attack vectors against the data you'd get more agreement. Aaron's example of possibly being able to attack the system *through* Vim is a good argument, acutally. I think protecting against that is worthwhile. I think that argument sways me to support adding a MAC. But, it doesn't directly compromise the encrypted data, so I still wouldn't call Vim's crypto "broken" or suggest removing it entirely based on that attack vector. I don't know how susceptible blowfish is to allowing an attacker to manipulate the output of decryption in *predictable* fashion to allow this type of attack to succeed. If it's actually fairly easy then a fix becomes higher priority. -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
