on it in an OCR font or something else that
is easily readable by both people and machines, and you can either
release the ballot into the box if it's right, or put it into a
discard pile and try again. Then the machine forgets everything, and
they count the paper ballots to see who won.
--
l
sorts of schemes to corrupt an election. The punch card ballot
happens to be a uniquely bad technology for reasons we all know, but
most of the surrounding infrastructure is old and kludgy but not
broken. We need to keep this in mind when designing something new and
zoomy that's suppos
rogram is available at
> http://www.peacefire.org/bypass/
Someone who looked at this program reports that it just runs the
uninstall programs for whichever of those applications it finds
installed. Whoopee.
--
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869
[EMAIL PROTEC
[ I was at the beach, catching up now ]
> > It is a test of will and power. Kaplan took offense at the widespread
> > attitude that such an act was beyond the power of a judge, that judges not
> > only should not censor thei internet, but that they *could* not censor the
> > internet, tha
> In case you haven't figured it out, yes, I am seriously contemplating
> writing such a book. Please keep the good ideas coming.
Oh, good.
All of the discussion of algorithms is fine, but it seems to me that the most
important topic in such a book is how to avoid building yet another crypto
sy
RSA Data Security does have some registered trademarks for encryption
software. In principle, they're not enforcable against an algorithm as
opposed to an implementation thereof, but considering how unpleasant RSA
the company has been in the past, I don't see any point in picking a
fight with
> I think this is secure:
>
>- pre-distribute a public key (cert, whatever) that you trust
>- install decryption/sig checking software on the target machines
> (I think this is necessary)
>- when the blob is transmitted, send a signature (detached) and the
> executable self-
> Am I the only person left on earth who finds "self-extracting" bundles
> to be a menace to security? --Perry]
No. On the other hand, considering that your typical Windows user will push
a button marked "Push this button now to erase all the files on your disk",
it's a relatively small part of
> I'm not sure I care for the elitist tone in Dan's posting either, but
> he raises some points that deserve serious consideration. Sure we
> have mail-in absentee ballots now, but the number of people who
> choose to vote that way is small and an absentee ballot split that
> varied markedly f
> This is e911 service.
> Much as I dislike government intrusion, I sure would like to have a
> device with a button that says "call help and *tell them where I am*"
Me too. The problem seems to be that the "call help" and "tell them where I
am" functions aren't as closely coupled as we'd like.
> What use is the watermark anyway? It is only applicable to files
> generated for a specific, legally identifiable customer. Therefore it
> does not apply to pre-pressed CD/DVD etc. discs or to broadcasts via
> the Net, TV, radio etc.
Well, serial numbers are somewhat useful in tracking pirate
> Whether or not the hijacker can succeed in tricking a CA into issuing a
> cert wrongfully is a complicated question - it's probably (hopefully?) hard
> to reach that goal if the domain name requested is a well-known one.
It'd be pretty hard. When I got a certficate from Thawte for a domain o
> It seems clear that the system is primarily oriented towards preventing
> fraud by election officials and those involved in setting up the
> electronic voting. Historically, this is the greater danger in
> election fraud. Stuffing the ballot box is much easier if you are
> the one in charge of
> >Did any of you see this
> >http://www.votehere.net/content/Products.asp#InternetVotingSystems
> >
> >that proposes to authenticate the voter by asking for his/her/its SSN#?
>
> It looked like the idea for this part was to prevent double voting,
> plus make sure that only authorized people cou
> For the past two days jya.com has been under attack
> by the Korea Information Security Agency
>
> http://www.kisa.or.kr
>
> which has set up (or allowed) a couple of robots to issue a
> sustained flood of requests for the same three files, one per
> second, which has nearly stopped acces
> The Cato Institute released a new Cato Briefing Paper, "Strong
> Cryptography: The Global Tide of Change," as the Clinton
> administration was announcing a relaxation in controls on the export
> of encryption technology. In the paper, Arnold G. Reinhold writes ...
Arnold's a regular on this lis
Visit http://www.1on1mail.com/
It has a downloadable Windows client that I haven't tried yet, and a lot
of blather about how secure 2048 bit RSA keys are. It's free, supported
by ads. I wonder if it puts them in the encrypted messages.
Regards,
John Levine, [EMAIL PROTECTED], Primary Perpetr
C|net reports that the House Appropriations Committee approved a budget for
the justice department today that specifically forbids the FBI to spend any
money on FIDNET.
http://www.news.com/News/Item/0,4,39978,00.html?st.ne.fd.mdh.ni
Regards,
John Levine, [EMAIL PROTECTED], Primary Perpetrator o
> Alfred Beutelspacher: Kryptologie.
> Vieweg, 1996, ISBN 3-528-48990-1, 34.00 DEM, 179 p.
>
> I don't know unfortunately, whether someone has translated it already
> into English.
I see a 1994 translation, which I presume is of an earlier edition:
Cryptology, Paperback, 176 Pages, Mathemat
> Weiner said he was particularly troubled by reports that investigators
> tracked the Melissa suspect with help from both America Online and a unique
> identifying number attached to Microsoft software.
My understanding is that they found the guy by going to Dejanews, finding the
earliest copy o
> > There's bomb-proof security, and there's "security" that itself is a time
> > bomb. I fear that self-extracting decryptors are much closer to
> > the latter than to the former -- very much closer.
At this stage, it's hard to see much justification for self-extracting crypto
any more. There
> Suppose someone discovers a way to solve NP-complete problems with a
> quantum computer; should he publish?
I certainly would. I wouldn't want to be the only one in possession of a
secret that the black helicopter crowd would certainly kill to keep secure.
Regards,
John Levine, [EMAIL PROT
> The ones that are in the 2020 foresight group,
> VeriSign, Microsoft, TC TrustCenter, and Thawte
> really ought to have their heads examined or I'm
> too dense to get the joke.
I suspect that the message here is that they're more worried about user
browers popping up "this certificate has expir
> I f I recall correctly, the US Patent and Trademark Office has said that it
> would not consider information placed on the Internet to be published for
> patent purposes. Preparoing papers for journals or conferences is a pain,
> takes months to be published and runs the risk of rejection.
How
The problem is that we're trying to combine the answers to two rather
separate questions.
> Here is the question: Is this as good as thin air?
With suitable precautions as discussed already, most likely yes.
> Can you see any way a hacker could use such a connection to penetrate
> the bank's
25 matches
Mail list logo