The article at http://www.net-security.org/article.php?id=1322 claims
that both are easily broken. I haven't been able to find any public
analyses of Keychain, even though the software is open-source so it's
relatively easy to check. I ran across an analysis of File Vault not
long ago
At 12:14 PM 10/22/2009, David Wagner wrote:
Back to DNSSEC: The original criticism was that DNSSEC has covert
channels. So what? If you're connected to the Internet, covert
channels are a fact of life, DNSSEC or no. The added risk due to any
covert channels that DNSSEC may enable is somewhere
