Re: [cryptography] [FORGED] Re: Kernel space vs userspace RNG

up and e-mailed to me. I haven't been able to resurrect it. > components energised at 400-600V 24/7 probably isn't optimal in terms of > both power consumption and component life. It's USB powered so that wasn't really a big deal. As for component life, it undoubtedly bur

Re: [cryptography] [FORGED] Re: Kernel space vs userspace RNG

they > were using hasciicam on lavalamps and sharing read-only text dumps via > NFS. Not sure this was in Portland, but I'm quite sure this is the > dream of the 90's :^D That's pretty cool. - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1

Re: [cryptography] [FORGED] Re: Kernel space vs userspace RNG

for a year or two (it was good practice for "generating SSL certs on an airgapped machine and transfer them securely" ceremonies, something I'd always wanted to do myself to see how easy they were to mess up). - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0

Re: [cryptography] Kernel space vs userspace RNG

t helpfully warning you about an attacker aiming beams of gamma radiation at your giger counter to skew the RNG in a predictable direction so your generated keys are easier to guess... - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1

Re: [cryptography] Best practices for paranoid secret buffers

tation/html/wheeler-trusting-trust-ddc.html http://www.dwheeler.com/trusting-trust/ Interesting times. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtad

Re: [cryptography] The Compromised Internet

seem to, but they also seem to fall into the camp of "It's on the amateur bands, so if it's something I'd want to encrypt I'm not going to talk about it while chewing the rag anyway." > least the old hands (are there even new hands?). Hello. - -- The Doctor [41

Re: [cryptography] urandom vs random

t; resulting number streams? I've done some non-scientific experiments (i.e., sated my curiosity) with ENT (formerly at http://www.fourmilab.ch/random/, now maintained at http://packages.debian.org/sid/ent). I found the results interesting and somewhat useful. - -- The Doctor [412/724/301/70

Re: [cryptography] http://goldbug.sourceforge.net/ - Secure Instant Messenger

nable public references (at best) are being posted to multiple forums (among them one of the cypherpunks mailing lists and liberation-tech). Caveat user. https://cpunks.org//pipermail/cypherpunks/2013-July/000144.html - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: ht

Re: [cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

hip when you can have someone look for 0-days? Cheaper and emminently practical. Oh, and already being done. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://dr

Re: [cryptography] openssl on git

he user does not do something dumb, like including crypto keys in the repository, chances are most-but-probably-not-all of the contents of those repos are not sensitive, so the user probably cares little about making their personal settings for their text editor of choice public. - -- The Doctor

Re: [cryptography] openssl on git

e people who set up personal Git repositories on Github for their configuration files (in /etc, ~/.config, and apparently sometimes ~/.ssh). Some seem to do a `git add .ssh/*` without stopping to think about what might be in there aside from a config file. - -- The Doctor [412/724/301/703] [

Re: [cryptography] Gmail and SSL

If one does it, that gives the idea to others, and they might not get caught. There is a lot of money that could be made selling them as well as a market for them (the same market for DLP hardware). See also, Jeff Walton's post earlier to this list. - -- The Doctor [412/724/301/703] [Z

Re: [cryptography] Gmail and SSL

ployment in DLP hardware, too. - -- The Doctor [412/724/301/703] [ZS|Media] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ FizerPharm: Trust. Profit. Deniability. -BEGIN PG

Re: [cryptography] can the German government read PGP and ssh traffic?

world.com/article/231359/microsoft_patents_spy_tech_for_skype.html http://trendsupdates.com/microsoft-skype-to-now-allow-legal-interception-of-skype-calls-by-authorities/ Whether or not Microsoft has actually made Skype CALEA compliant is unknown at this time but it seems that they are headed in that direction. - --

Re: [cryptography] airgaps in CAs

business in 2008. - -- The Doctor [412/724/301/703] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ Life is too short to drink bad coffee. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozil