>Brian Steele [SPICEISLE] wrote:
>>
>> [copied from a reply made to another member off-list]
>>
>> >Then you are mistaken. Security through obscurity has long been
>> >repudiated by knowledgeable security folks, dating from collquia of
>> >locksmiths and the debates about whether weaknesses in locks should
>> >be kept secret or shared among members of the trade.
>>
>> My challenge is to define "members of the trade" here. We're not
>> talking about locks, but software, which by its very nature is easily
>> transportable and reconfigurable - and quite easy to duplicate by
>> anyone who has access to a computer and a floppy disk (or CD-RW drive
>> :-)). Also, if a hacker, by perusing the "open" architecture for a
>> security product, chances upon a flaw, then can we rely on him to
>> report the flaw to the producer, or more likely use it for his own
>> profit?
>
>The "trade" here refers to cryptography as far as I'm concerned,
>and it is irrelevant if it is implemented in HW, SW or something
>else. And an open architecture hopefully gets peer-reviewed, so
>mistakes may actually be found rather than hushed up.
>
>Try reading something on the history of cryptography. Such as
>why attempts to make public-key systems based on knapsacks
>are vulnerable (a theoretic result), and not implemented in
>practice.
>
>-paul
>-
A little 'history' on cryptography.
Havent looked at it much myself, just thought id bring it to your
attention, Paul.
http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm
- neotek
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
