Re: [cryptography] Crypto Vulns

2015-03-10 Thread ianG
On 7/03/2015 15:23 pm, John Young wrote: No 1 vulnerability of crypto is the user 2nd passphrases 3rd overconfidence 4th trust in the producer 5th believing backdoors are No. 1 I would have said that the #0 vulnerability is failing to deliver anything that the user sees. Because of

Re: [cryptography] Crypto Vulns

2015-03-08 Thread shawn wilson
On Mar 7, 2015 9:11 PM, coderman coder...@gmail.com wrote: On 3/7/15, Dave Horsfall d...@horsfall.org wrote: On Sat, 7 Mar 2015, Kevin wrote: No 1 vulnerability of crypto is the user 2nd passphrases 3rd overconfidence 4th trust in the producer 5th believing backdoors are No. 1

Re: [cryptography] Crypto Vulns

2015-03-07 Thread Kevin
On 3/7/2015 12:01 PM, Dave Horsfall wrote: On Sat, 7 Mar 2015, Kevin wrote: No 1 vulnerability of crypto is the user 2nd passphrases 3rd overconfidence 4th trust in the producer 5th believing backdoors are No. 1 I don't agree that the user should be first on that list unless you are talking

Re: [cryptography] Crypto Vulns

2015-03-07 Thread Dave Horsfall
On Sat, 7 Mar 2015, Kevin wrote: No 1 vulnerability of crypto is the user 2nd passphrases 3rd overconfidence 4th trust in the producer 5th believing backdoors are No. 1 I don't agree that the user should be first on that list unless you are talking about poor implementation. How

Re: [cryptography] Crypto Vulns

2015-03-07 Thread Ethan Heilman
I seem to recall that Enigma was broken largely due to sloppy user practices e.g. weak message key, re-use of keys, repeating same message with a weaker scheme, etc. Used properly, Enigma would've been unbreakable at the time. Yes, sloppy user practices helped cryptanalysis on all sides,

Re: [cryptography] Crypto Vulns

2015-03-07 Thread Kevin
On 3/7/2015 10:23 AM, John Young wrote: No 1 vulnerability of crypto is the user 2nd passphrases 3rd overconfidence 4th trust in the producer 5th believing backdoors are No. 1 ___ cryptography mailing list cryptography@randombit.net

[cryptography] Crypto Vulns

2015-03-07 Thread John Young
No 1 vulnerability of crypto is the user 2nd passphrases 3rd overconfidence 4th trust in the producer 5th believing backdoors are No. 1 ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] Crypto Vulns

2015-03-07 Thread stef
On Sat, Mar 07, 2015 at 10:23:40AM -0500, John Young wrote: No 1 vulnerability of crypto is the user absolutely: pls enjoy this: https://en.wikipedia.org/wiki/List_of_cognitive_biases which i also packed into an ebook for your convenience:

Re: [cryptography] Crypto Vulns

2015-03-07 Thread coderman
On 3/7/15, Dave Horsfall d...@horsfall.org wrote: On Sat, 7 Mar 2015, Kevin wrote: No 1 vulnerability of crypto is the user 2nd passphrases 3rd overconfidence 4th trust in the producer 5th believing backdoors are No. 1 I don't agree that the user should be first on that list unless