>>>>> "Loren" == Loren M Lang <[email protected]> writes:
Russell> Maybe the talk should be renamed "virtually-private networks" Russell> or maybe "not-so-private virtual networks" ;-) Russell> I would not be trusting any binary-blob vendor to be keeping Russell> my bits private at this point. Loren> While I don't doubt that the NSA has a large budget and a Loren> supercomputer farm to match, I still think that Loren> properly-implemented, peer-reviewed, open-source and strong Loren> cryptography algorithms are still out of their reach. The Loren> problem, as I've read about before is a large amount of open Loren> source software that blindly applies AES without a good Loren> understanding of cryptography creating weak solutions like Loren> cryptoloop and tinc. Properly implemented solutions like Loren> dm-crypt and OpenVPN may also use AES, but are implemented Loren> properly and should keep away the prying eyes of the government Loren> for another few years. Maybe what we need is a place to find Loren> detailed information of the quality of various open source Loren> solutions as reviewed by well-known cryptographers. Schneier has seen the Snowden material, and this is his advice: http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance -- Russell Senior, President [email protected] _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
