food for consideration. yes, #s are from MSFT as he notes, but are the only
ones we have presently wrt actual Storm extent, yes? If not, pls post
pointers...
=JeffH
--
Storm Worm botnet numbers, via Microsoft
http://blogs.zdnet.com/security/?p=533
Posted by Ryan Naraine @ 7:40 am
Source:
http://www.washingtonpost.com/wp-dyn/content/article/2007/10/01/AR2007100100511.html
British law enforcement gained new powers on Monday to compel individuals and
businesses to decrypt data wanted by authorities for investigations.
..
Failure to comply could mean a prison sentence
For people who don't read LKML (or get interesting bits forwarded to them),
there's a wonderful quote by Linus Torvalds about the difference between OS
scheduler design and security design:
Schedulers can be objectively tested. There's this thing called
'performance', that can generally be
Following up on an old thread with some new information:
Hitachi's white paper is available from:
http://www.hitachigst.com/tech/techlib.nsf/techdocs/74D8260832F2F75E862572D7004AE077/$file/bulk_encryption_white_paper.pdf
...
The interesting part is the final sentence of the white paper:
Peter Gutmann wrote:
For people who don't read LKML (or get interesting bits forwarded to them),
there's a wonderful quote by Linus Torvalds about the difference between OS
scheduler design and security design:
Schedulers can be objectively tested. There's this thing called
On Tue, 02 Oct 2007 15:50:27 +0200
Simon Josefsson [EMAIL PROTECTED] wrote:
It sounds to me as if they are storing the AES key used for bulk
encryption somewhere on the disk, and that it can be unlocked via the
password.
I'd say decrypted by the password, rather than unlocked, but that's
I often say, Rub a pair of cryptographers together, and you'll
get three opinions. Ask three, you'll get six opinions. :-)
However, he's talking about security, which often isn't quantifiable!
And don't get me ranting about provable security Had a small
disagreement with somebody at