Re: [303] If you're sick of crypto talk don't read this (fwd)
What is peculiar about the rejoinders to Lucky's sensible proposal is the dismissal of it with elaborate affirmations of mathematical surety, as if there has not been voluminous warnings to never rely on mathematical surety when weaknesses are far more likely to be found in the faulty implementation of cryptosystems. It's as if comfort is to be found in a return to early faith in chanting unbreakable crypto mathematics to avoid the truth that math at any strength is not the solution to comsec, rather it is what you promote (and blow sunshine) when you don't have a solution to implementation weaknesses except to advance the virtues sophisticated security monitoring systems. This waving the flag of mathematical security, coupled with the need for long-term security monitoring, sure smells like national security religion, and lucrative it is so long as nobody can prove its shinola. Strong crypto systems of super-duper key length are likely crumbling regularly behind this scrim of mathematical pin-headedness.
in club we trust (fwd)
[SSZ: This is funny...don't have a clue where the quote came from.] Subject: in club we trust If the IRS cuts down on its audits and enforcement, more people are going to say, 'The IRS isn't out there with a club, so we can do anything we want,' warns Congressman Amo Houghton (R-New York), and that will erode the whole concept of our tax system, which is based on trust. -- The law is applied philosophy and a philosphical system is only as valid as its first principles. James Patrick Kelly - Wildlife [EMAIL PROTECTED] www.ssz.com [EMAIL PROTECTED] www.open-forge.org
Schneier on Bernstein factoring machine (fwd)
-- Forwarded message -- Date: Tue, 16 Apr 2002 20:44:06 +0200 (CEST) From: Anonymous [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Schneier on Bernstein factoring machine Bruce Schneier writes in the April 15, 2002, CRYPTO-GRAM, http://www.counterpane.com/crypto-gram-0204.html: But there's no reason to panic, or to dump existing systems. I don't think Bernstein's announcement has changed anything. Businesses today could reasonably be content with their 1024-bit keys, and military institutions and those paranoid enough to fear from them should have upgraded years ago. To me, the big news in Lucky Green's announcement is not that he believes that Bernstein's research is sufficiently worrisome as to warrant revoking his 1024-bit keys; it's that, in 2002, he still has 1024-bit keys to revoke. Does anyone else notice the contradiction in these two paragraphs? First Bruce says that businesses can reasonably be content with 1024 bit keys, then he appears shocked that Lucky Green still has a 1024 bit key? Why is it so awful for Lucky to still have a key of this size, if 1024 bit keys are good enough to be reasonably content about? - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Supremes Legalize Virtual Kiddieporn
[Considering what a hot button this topic has become its a bit surprising that the robbed ones kept this aspect of the 1st intact. It should be interesting to if Congress can craft a new reg which can pass muster. Meanwhile, look for pedo computer games to appear.] April 16, 2002 Supreme Court Strikes Down Ban on Virtual Child Pornography By DAVID STOUT WASHINGTON, April 16 In a case that addresses some of the most fundamental issues of technology and morality, the United States Supreme Court ruled today that Congress went too far in 1996, when it passed a law that treats virtual or computer-generated child pornography as the real thing. The court held, 6 to 3, that the Child Pornography Prevention Act is overly broad and unconstitutional, despite its supporters' arguments that computer-generated smut depicting children could stimulate pedophiles to molest youngsters. The sexual abuse of a child is a most serious crime and an act repugnant to the moral instincts of a decent people, Justice Anthony M. Kennedy wrote in the majority decision. Nevertheless, he said, if the 1996 law were allowed to stand, the Constitution's First Amendment right to free speech would be turned upside down. Congress may pass valid laws to protect children from abuse, and it has, Justice Kennedy wrote. The prospect of crime, however, by itself does not justify laws suppressing protected speech. http://www.nytimes.com/2002/04/16/national/16CND-PORN.html Hush provide the worlds most secure, easy to use online applications - which solution is right for you? HushMail Secure Email http://www.hushmail.com/ HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/ Hush Business - security for your Business http://www.hush.com/ Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/ Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople
Re: [303] If you're sick of crypto talk don't read this (fwd)
What is peculiar about the rejoinders to Lucky's sensible proposal is the dismissal of it with elaborate affirmations of mathematical surety, as if there has not been voluminous warnings to never rely on mathematical surety when weaknesses are far more likely to be found in the faulty implementation of cryptosystems. Still, insistance on the *current public knowledge* about algo security as a proof for anything is silly. I do not have a rational explanation for this. Crypto history demonstrates consistent short-sightedness of public and not so public experts. Granted, within the contemporary knowledge realm they were right. But when unpredictable advances predictably continue to happen, even the more dim ones should realise that the current knowledge is not a good metric; it's like trying to predict a book from an unborn writer. It took Germans 20 years to find out that allies were decrypting Enigma traffic. Why would anyone think that the gap between public and private crypto expertise is anything less today is beyond me. So do not easily dismiss possibility that someone may not care about implementation vulnerabilities at all, as long as cyphertext is available. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/