http://www.theregister.co.uk/2013/10/03/lavabit_snowden_investigation_details/
The former operator of a secure email service once used by NSA leaker
Edward Snowden has been fined $10,000 for failing to give federal agents
access to his customers' accounts, newly released court documents show.
Taking random site X like a wiki and
engaging it for immediate auth with the cert is hard, mostly because
these systems out there have never really considered certs, and often
enough they haven't even considered SSL.
iang
ps; More here:
http://wiki.cacert.org/Technology/Knowledge
pie, they don't take from a
shrinking pie. But, there it is! There is now even a separate branch
of economics dealing with why lessons such as Ricardo's concepts in free
trade remain unlearnt, after hundreds of years.
iang
On 17/10/13 11:29 AM, Eugen Leitl wrote:
http://blo
Has anyone got/found test vectors for ChaCha?
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
On 31/10/13 14:31 PM, Sébastien Martini wrote:
Hi,
On Thu, Oct 31, 2013 at 12:14 PM, ianG mailto:i...@iang.org>> wrote:
Has anyone got/found test vectors for ChaCha?
For ChaCha20 it seems there are these tests
https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-02#sec
rectly. I am
assuming that it is as read, haven't checked sources... iang)
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
he question of confidence.
Treason or revelation? You pick. This revelation may even be so useful
to industry (billion dollar losses?) that it might be a dominating
interest over the normal unquestioning patriotic duty of following the
say-so of those previously wiser heads in Fort Meade.
].
What's the XX ? The full length of the redaction can be seen in the
graphic, about 15 letters.
iang
[0] A related question is where were these slides posted on the Guardian
and NYT sites? Which did which redaction?
[1]
https://twitter.com/ashk4n/status/37575818993312/ph
must have been totally asleep to miss them...
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
e system. Access
was sorted and aligned by seniority of staff, and every morning, the
designated senior person would plug their token into a given device,
then walk away and get back to work.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
In the cryptogram sent over the weekend, Bruce Schneier talks about how
to design protocols to stop backdoors. Comments?
https://www.schneier.com/blog/archives/2013/10/defending_again_1.html
Design Strategies for Defending against Backdoors
With these principles in mind, we can list design st
On 18/11/13 10:27 AM, ianG wrote:
In the cryptogram sent over the weekend, Bruce Schneier talks about how
to design protocols to stop backdoors. Comments?
To respond...
https://www.schneier.com/blog/archives/2013/10/defending_again_1.html
Design Strategies for Defending against Backdoors
On 18/11/13 20:58 PM, Thierry Moreau wrote:
ianG wrote:
On 18/11/13 10:27 AM, ianG wrote:
In the cryptogram sent over the weekend, Bruce Schneier talks about how
to design protocols to stop backdoors. Comments?
To respond...
https://www.schneier.com/blog/archives/2013/10
And careful
cost-benefit analysis and careful risk analysis. History has not been
kind to open internet crypto projects.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
lectors?
Right now we're looking at a hybrid design of both: Collectors collect
and save, and push into a mixer pool on their own when full. When the
EF/CSPRNG pulls a seed from the mixer, it pulls from collectors, pulls
from the pool, and mixes all that
need is a combined
cryptographic software engineering block. The old block cipher will be
subsumed with that, and we don't actually expect to see another block
cipher become a champion.
We expect a cipher suite to be the champion, and we expect it to do a
whole lot more.
For my money,
Not just who was first to field a tank or a jet
fighter or a longer pike.
iang
ps;
Intel Ivy Bridge <- only this is right length in justified context shown
software for SDN and network-function virtualization (NFV), moves that
could bring Intel into closer competition with the likes of n
phone, SMS, skype). You can much better appreciate
what works for your design once it is up and running, and once your
users start telling you what they can do. This you cannot achieve at
all if you design in some cold-war PKI design from the get-go
or
BouncyCastle code... :P
Please do not email me anything that you are not comfortable also sharing with
the NSA.
Oh, that too.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
On 25/12/13 02:38 AM, Bill Frantz wrote:
On 12/25/13 at 2:05 PM, i...@iang.org (ianG) wrote:
So, assuming I sober up by the morn, and SO doesn't notice, where's
Ping's code?
See <http://zesty.ca/pubs/yee-phd.pdf> p217ff
Thanks! I had a quick look, it's in Pytho
community, and for good reason.
There have even been studies done on how effective it is. The one I
recall is selling two t-shirts, one red and one green, with one at twice
the price...
Of course, this still leaves the question of how
lgorithm called Tiny which was quite nice.
If in maths, others can comment.
iang
Hopefully I'll join you again one day ;)
Thanks in advance.
Ross
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
guys are carefully covering up the bleeding obvious.
Maybe that's why the newspaper released it over New Year's Day, for
humour.
iang
[0] http://financialcryptography.com/mt/archives/001451.html
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
tools to fix, this might be the
guide for you.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Question: Is there anything that can put some meat&metrics on how
developed and advanced this relationship is, how far the poison has
spread? How afraid should people in America be?
iang
1. Is there anything in the documentation that speaks to what they are
failing to break into at th
ng to break lots of things.
That's a good idea. I wonder if it could be done efficiently? Hmmm...
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
ng to read a current
version, one that had been written with the IETF and national standards
orgs in mind. Maybe someone could reverse-engineer these emails to
figure it out?
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.r
today at ~ 19:00 CET and can discuss
this.
Anyone who wants to join via teleconference: please get in contact with me. We
will arrange for remote participation.
good luck. I'm missing out on all the fun. Again!
iang
___
cryptography mailing li
icult to
answer your real question: what are safe techniques for handling root
CA keys?
(fwiw, the techniques described in BR are not safe, IMHO. But they are
industry 'best practice' so you might have to choose between loving
acceptance and safety.)
iang
___
s the
implementation of ... all of 5. above.
All the same arguments that applied exportation bans for crypto
software apply here, especially that of pointlessness.
Cold war warriors never die, they just add more clauses to Wassenaar.
iang
___
and beer,
distributions services, analysis, protection, legal, ... the list is as
long as society itself.
Knocking these efforts on the head because one has a personal beef with
the way the world is going is just sad.
iang
___
cryptography
On 9/01/14 18:05 PM, Peter Bowen wrote:
On Wed, Jan 8, 2014 at 11:54 PM, ianG wrote:
On 9/01/14 02:49 AM, Paul F Fraser wrote:
Software and physical safe keeping of Root CA secret key are central to
security of a large set of issued certificates.
Are there any safe techniques for handling
ns to u64s are like the u32s, and
defined in a platform compatible fashion.
2. stick with the two u32s layed out in little-endian format,
regardless, if that's what everyone has already sort of done.
Any comments?
iang
___
cryptography mailin
, much commentary added, and some conversion routines as well. Thanks!
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
guy that tries that process is going to be caught, but
that's part of their story, not this one.)
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
http://www.fierceitsecurity.com/press-releases/nist-requests-comments-its-cryptographic-standards-process
As part of a review of its cryptographic standards development process,
the National Institute of Standards and Technology (NIST) is requesting
public comment on a new draft document that desc
http://www.spiegel.de/international/world/spiegel-interview-with-former-nsa-director-michael-hayden-a-960389-druck.html
In 2008, when President Obama was elected, he had a BlackBerry. We
thought, oh God, get rid of it. He said, "No, I am going to keep it." So
we did some stuff to it to make it a
snippets, mostly to try and figure out what this protocol is
before casting judgement. Anyone got an idea?
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
On 31/03/2014 18:49 pm, Michael Rogers wrote:
> On 31/03/14 18:36, ianG wrote:
>> END of snippets, mostly to try and figure out what this protocol
>> is before casting judgement. Anyone got an idea?
>
> http://tools.ietf.org/html/draft-rescorla-tls-extended-random-02
&g
it could send a little message
saying "YES/NO for abc1234" where the latter is a unique cookie.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Has anyone looked at Tails?
http://www.salon.com/2014/04/02/crucial_encryption_tool_enabled_nsa_reporting_on_shoestring_budget/
Crucial encryption tool enabled NSA reporting on shoestring budget
Big players in Snowden revelations publicly praise Tails, in hope of
gaining much-needed funding fo
On 3/04/2014 11:42 am, John Young wrote:
> Stone's is a good statement which correctly places responsibility
> on three-branch policy and oversight of NSA, a military unit obliged
> to obey command of civilians however bizarre and politically self-serving.
>
> ODNI and NSA have been inviting a ser
On 6/04/2014 05:46 am, coderman wrote:
> On Mon, Mar 31, 2014 at 3:33 PM, ianG wrote:
>> ...
>> In some ways, this reminds me of the audit reports for compromised CAs.
>> Once you know the compromise, you can often see the weakness in the
>> report.
>
>
Original Message
Subject: Announcing Mozilla::PKIX, a New Certificate Verification Library
Date: Mon, 07 Apr 2014 15:33:50 -0700
From: Kathleen Wilson
Reply-To: mozilla's crypto code discussion list
To: mozilla-dev-tech-cry...@lists.mozilla.org
All,
We have been working on a
n't really work.
> The discussions are happening at:
>
> https://www.ietf.org/mailman/listinfo/xmpp
> http://mail.jabber.org/mailman/listinfo/standards
>
> If anyone has the time to make contributions, please do jump in (and
> spread the word).
iang
__
omically and scientifically sound, at
some level.
I maintain a risk history here: http://wiki.cacert.org/Risk/History for
the CA field, so if anyone can find any real damages effecting the CA
world, let me know!
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
On 8/04/2014 18:12 pm, Jonathan Thornburg wrote:
> On Tue, Apr 08, 2014 at 11:46:49AM +0100, ianG wrote:
>> While everyone's madly rushing around to fix their bits&bobs, I'd
>> encouraged you all to be alert to any evidence of *damages* either
>> anecdotally o
On 8/04/2014 20:18 pm, tpb-cry...@laposte.net wrote:
>> Message du 08/04/14 18:44
>> De : "ianG"
>>
>> E.g., if we cannot show any damages from this breach, it isn't worth
>> spending a penny on it to fix! Yes, that's outrageous and will b
On 8/04/2014 20:33 pm, Nico Williams wrote:
> On Tue, Apr 08, 2014 at 01:12:25PM -0400, Jonathan Thornburg wrote:
>> On Tue, Apr 08, 2014 at 11:46:49AM +0100, ianG wrote:
>>> While everyone's madly rushing around to fix their bits&bobs, I'd
>>> encourag
On 8/04/2014 21:02 pm, tpb-cry...@laposte.net wrote:
> You said you control a quite famous bug list.
Not me, you might be thinking of the other iang?
> I should not ask this here, but considering the situation we found ourselves
> regarding encryption infrastructure abuse from the p
-bug-websites-affected/
http://happyplace.someecards.com/30541/the-heartbleed-bug-which-sites-you-should-change-your-passwords-for-and-how-to-panic
Does anyone have a view as to the average cost to refit?
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
On 11/04/2014 19:36 pm, Arshad Noor wrote:
> On 04/11/2014 03:51 PM, ianG wrote:
>> On 11/04/2014 17:50 pm, Jeffrey Walton wrote:
>>> http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
>>>
>>>
>>>
XKCD strikes again:
https://xkcd.com/1354
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
tory acceptance, not trust as humans know it.
> [1]http://csrc.nist.gov/publications/nistpubs/800-15/SP800-15.PDF,
> http://csrc.nist.gov/publications/nistpubs/800-32/sp800-32.pdf
> [2]https://www.eff.org/files/DefconSSLiverse.pdf,
> https://www.eff.org/files/ccc2010.pdf
> [3]http://
On 15/04/2014 21:07 pm, d...@deadhat.com wrote:
>> http://clearcryptocode.org/tls/
>>
>> Probably not going to happen, but it's nice to dream...
>>
>
> It is one of my long term, implausible goals to replace TLS with a
> collection of independent app to app function-targeted security protocols
> t
ven greater adoption of this
> cipher suite, and look forward to seeing other websites
> deprecate AES-SHA1 and RC4-SHA1 in favor of AES-GCM and
> ChaCha20-Poly1305 since they offer safer and faster
> alternatives.
Close! 2 is s much closer to 1, it's even O(1).
iang
ps; o
On 26/04/2014 02:15 am, grarpamp wrote:
> On Fri, Apr 25, 2014 at 5:36 PM, ianG wrote:
>> On 25/04/2014 22:14 pm, Jeffrey Walton wrote:
>>> Somewhat off-topic, but Google took ChaCha20/Poly1305 live.
>>> http://googleonlinesecurity.blogspot.com/2014/04/speeding-up-a
basis. The contracts are being sorted out
now, over the last 5 years or so, in secret, but the joke of course is
that we still all believe that we're using trust and PKI and so forth
when none of that really applies.
iang
___
cryptogra
On 25/04/2014 18:40 pm, Tony Arcieri wrote:
> On Fri, Apr 25, 2014 at 3:10 AM, ianG <mailto:i...@iang.org>> wrote:
>
> Worse, consider Firefox's behaviour: it considers a certificate-secured
> site such as a self-cert'd site to be dangerous, but it does no
t improve the
lot of the users unless you actually meet some of them.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
otally incapable of doing
anything about it. Indeed, it's them that stopped others doing anything
about it.
> Although it should be easier establishing your own certificate authority.
Oh, they fixed that too :)
iang
___
cryptography mailing lis
is
CA-playbook crapola meaning "you must trust the authorities that have
been picked for you." The vector has been reversed, people are told
what has to happen, so there is no trust.
Trust derives from choice. Where is the choice?
iang
> On Mon, Apr 28, 2014 at 3:00 PM, Ja
he ordinary user has no choice.
iang
> On Mon, Apr 28, 2014 at 4:42 PM, ianG <mailto:i...@iang.org>> wrote:
>
> On 29/04/2014 00:12 am, Ryan Carboni wrote:
> > trust is outsourced all the time in the non-cryptographic world
>
> trust is built up a
n that not being true, so it isn't.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
is because reputations are now so
> fragile.
That last comment. Yes, either the system worked, or the system never
worked, and wasn't needed.
http://financialcryptography.com/mt/archives/001255.html
Show which? The more things you do to it, and discover that nothing
changes, is evidence to th
had no MITM support,
which was then considered to be a life and death issue by RSADSI ...
which just happened to have invested big in a think called x.509. And
the rest is history.
Some commentary here, which is opinion not evidence.
http://financialcryptography.com/mt/archives/000609.html
iang
___
On 30/04/2014 02:57 am, Jeffrey Goldberg wrote:
> Hi Ian,
>
> I will just respond to one of the many excellent points you’ve made.
Super, thanks!
> On 2014-04-29, at 12:12 PM, ianG wrote:
>
>> On 29/04/2014 17:14 pm, Jeffrey Goldberg wrote:
>>> People do tr
On 1/05/2014 02:54 am, Jeffrey Goldberg wrote:
> On 2014-04-30, at 6:36 AM, ianG wrote:
>
>> On 30/04/2014 02:57 am, Jeffrey Goldberg wrote:
>>> I have been using “trust” in a sort of behavioral way. For the sake of the
>>> next few sentences, I’m going to intro
On 2/05/2014 06:41 am, Jeffrey Goldberg wrote:
>
> On 2014-05-01, at 8:49 PM, ianG wrote:
>
>> On 1/05/2014 02:54 am, Jeffrey Goldberg wrote:
>>> On 2014-04-30, at 6:36 AM, ianG wrote:
>
>>> OK. So let me back peddle on “Ann trusts her browser to maintai
device in the world. And that is not even considering the usability and
> accessibility issues of all the fancy trusted path solutions that I've
> seen.
>
> Security researchers can not even guarantee that the status light of the
> camera is on when it is recording images.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
On 2/05/2014 13:42 pm, Marcus Brinkmann wrote:
> On 05/02/2014 01:33 PM, ianG wrote:
>>> For me the sentence, “I had little choice but to trust X” is perfectly
>>> coherent.
>>
>>
>> Yes, that still works. It is when it goes to "no choice" that it
y this didn't efficiently solve in society due to information
problems. LulzEconSec, anyone?
iang
[0] additional comments on the 'profit' side:
blue page 13: "Although difficult to quantify, it is likely that
Monsegur’s actions prevented at least millions of dollar
Another in the rash of weaknesses. This might mean that the fabled many
eyeballs have opened up?
https://www.openssl.org/news/secadv_20140605.txt
An attacker using a carefully crafted handshake can force the use of
weak keying material in OpenSSL SSL/TLS clients and servers. This can be
exploi
For all, the motive for this is well described here:
http://www.gwern.net/Self-decrypting%20files
(please correct me if I'm mistaken...)
iang
On 4/06/2014 14:45 pm, Peter Todd wrote:
> Timelock
>
>
> Create a secret key that can be decrypted in a known amoun
Original Message
Subject: [Tcpcrypt] WG Review: TCP Increased Security (tcpinc)
Date: Thu, 05 Jun 2014 14:31:12 -0700
From: The IESG
To: IETF-Announce
CC: tcpinc WG
A new IETF working group has been proposed in the Transport Area. The
IESG has not made any determination yet
ave
breached the sacred trust of trade -- to operate in the interests of
their customers.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
on bogus claims that are not facts
> as you are pearly doing is a really bad idea. In particular...
>
> On 15/06/14 14:13, ianG wrote:
>> What is also curious is that Dan
>> Brown is highly active in the IETF working groups for crypto,
>
> That is not correct as far a
On 15/06/2014 22:09 pm, John Young wrote:
> At 02:29 PM 6/15/2014, two wrote:
>
>> On 15/06/14 19:16, ianG wrote:
>> You are right, I am wrong.
>> Stephen Farrell wrote:
>> Thanks for that refreshing approach!
>
> This is faith shattering.
The revelation t
On 16/06/2014 04:27 am, Thierry Moreau wrote:
> On 2014-06-15 19:24, Tanja Lange wrote:
>> On Sun, Jun 15, 2014 at 02:13:04PM +0100, ianG wrote:
>>>
>>> Or is this impossible to reconcile? If Certicom is patenting backdoors,
>>> the only plausible way I can
http://sel4.systems/
General Dynamics C4 Systems and NICTA are pleased to announce the open
sourcing of seL4, the world's first operating-system kernel with an
end-to-end proof of implementation correctness and security enforcement.
It is still the world's most highly-assured OS.
What's being rel
rowaway for real security purposes. (By throwaway, I
mean the drug dealer's trick of using each phone/sim for one call, then
dropping it in the river.)
iang
ps; John's point is well taken. We don't have a way to escape success
b
>From the "strange bedfellows" department, who cares about us all being
tracked everywhere? The Chinese, that's who ;)
http://www.securityweek.com/apple-iphone-threat-national-security-chinese-media
BEIJING - Chinese state broadcaster CCTV has accused US technology
giant Apple of threatening n
opping in the trade before the lingo reset of recent
times. This is a valuable thing.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
d tricks from a
trusted partner, the backdoor slides in, and nobody knows it is there.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
17, 2014 at 5:01 AM, ianG <mailto:i...@iang.org>> wrote:
>
> On 17/08/2014 05:09 am, Jeffrey Goldberg wrote:
> > On 2014-08-16, at 4:51 PM, David I. Emery <mailto:d...@dieconsulting.com>> wrote:
>
> > I do think, however, that if there are such b
in building a safe door into a paling fence, yet
cryptographers and security people typically fall to the 'out of scope'
bug far more often than we'd like, thus rendering their system as out of
balance as the fortress with the paling fence.
Understanding the weakness of the core &a
t; cares". there is a roaring business for silence and proprietary
> development, and these people care quite a bit.
Yeah, ain't that the truth. Meanwhile, data...
iang
[1] a "lightning rod salesman" is an expression in earlier A
On 13/10/2014 14:32 pm, coderman wrote:
> On 10/13/14, ianG wrote:
>> ...
>> No, and I argue that nobody should care about MITM nor downgrade attacks
>> nor any other theoretical laboratory thing. I also argue that people
>> shouldn't worry about shark attacks,
https://www.openssl.org/~bodo/ssl-poodle.pdf
SSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most
practical purposes it has been replaced by its successors TLS 1.0
[RFC2246], TLS 1.1 [RFC4346], and TLS 1.2 [RFC5246], many TLS
implementations remain backwardscompatible with SSL 3
On 13/10/2014 16:45 pm, coderman wrote:
> On 10/13/14, ianG wrote:
>> ...
>> your welcome ;-)
>
> a considered and insightful response to my saber rattling diatribe.
>
> i owe you a beer, sir!
I'm honoured!
>> Ah well, there is another rule we should al
The Workshop on Usable Security (USEC) will be held in conjunction with
NDSS on February 8, 2015. The deadline for USEC Workshop submissions is
November 24, 2014. – In previous years, USEC has also been collocated
with FC; for example in Okinawa, Bonaire, and Trinidad and Tobago.
Additional inform
laced the
blinding formula on a pedestal, and we can note the irony of financial
privacy with Bitcoin.
iang
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
http://underhandedcrypto.com/rules/
The Underhanded Crypto contest was inspired by the famous Underhanded C
Contest, which is a contest for producing C programs that look correct,
yet are flawed in some subtle way that makes them behave
inappropriately. This is a great model for demonstrating
On 27/11/2014 03:04 am, Ilya Levin wrote:
On Thu, Nov 27, 2014 at 1:04 AM, ianG mailto:i...@iang.org>> wrote:
http://underhandedcrypto.com/__rules/
<http://underhandedcrypto.com/rules/>
The Underhanded Crypto contest ...
And the main prize for a winner would be n
http://qz.com/147313/ciscos-disastrous-quarter-shows-how-nsa-spying-could-freeze-us-companies-out-of-a-trillion-dollar-opportunity/
Cisco’s disastrous quarter shows how NSA spying could freeze US
companies out of a trillion-dollar opportunity
Bellwether Cisco indicates American tech companies ar
I often point out that our security model thinking is typically informed
by "stopping all breaches" rather than "doing less damage." Here's some
indication of damage.
http://bits.blogs.nytimes.com/2014/12/04/banks-lawsuits-against-target-for-losses-related-to-hacking-can-continue/?smid=tw-nyti
https://www.kickstarter.com/projects/moonbaseotago/onerng-an-open-source-entropy-generator
About this project
After Edward Snowden's recent revelations about how compromised our
internet security has become some people have worried about whether the
hardware we're using is compromised - is it?
open hardware designs, we can have
a chance of leaking this project into all sorts of other things like
home routers, IoT things, Bitcoin hardware wallets etc.
iang
On 15/12/2014 19:18 pm, ianG wrote:
After Edward Snowden's recent revelations about how compromised our
internet securit
ainly lead to other benefits.
iang
On 16/12/2014 16:39 pm, ianG wrote:
Surprisingly, the OneRNG project is already half way to the goal of $10k
NZD after only a week.
https://www.kickstarter.com/projects/moonbaseotago/onerng-an-open-source-entropy-generator
One reason I really like this proje
lassic spy stories, etc.
Even if we see the evidence, the masses still won't believe it. But,
speaking for myself, knowing that there was compelling verified evidence
of actual skulduggery was something that kept me sane.
iang
___
cryptog
301 - 400 of 421 matches
Mail list logo