At 08:52 PM 10/16/2001 -0400, Steven M. Bellovin wrote: >In message <[EMAIL PROTECTED]>, Ben Laurie writes: >>"Trei, Peter" wrote: >>> Windows XP at least checks for drivers not signed by MS, but >>> whose security this promotes is an open question. >> >>Errr ... surely this promotes MS's bottom line and no-one's >>security? It is also a major pain if you happen to want to write a >>device driver, of course. >> > >Microsoft? See their view of how to deal with security at >http://www.newsbytes.com/news/01/171173.html -- I wonder if they >think it should apply to crypto research, too?
>From that link: "It's high time the security community stopped providing blueprints for building these weapons," he said. === Remember after the OK City bombing, there were calls to remove instructions on bomb making from the Internet? That failed when people pointed out the USDA and public library sources, although some went on to claim they should be removed from there, too. Free speech, anyone? With bug reports, there are none coming from USDA or to be found in public libraries, so it looks like we're a lot more vulnerable. When will the Internet be so ingrained in American life that it's no longer vulnerable like this? +------------------------------------------------------------------+ |Carl M. Ellison [EMAIL PROTECTED] http://world.std.com/~cme | | PGP: 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 | +--Officer, officer, arrest that man. He's whistling a dirty song.-+ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]