John Ioannidis writes:
> (they [TSA] still picked up "random" people without the search
> string on their boarding passess).
HHH! If this list was to have a subtitle it would be
"Practical uses of randomness". Surely they're rolling dice, or
cutting a well-shuffled deck, or con
John Gilmore writes:
> And, besides identifying what cities they're doing this in, we should
> also start examining a collection of these boarding passes, looking
> for the encrypted "let me through without searching me" information.
> Or the "Don't let me fly" information. Then we can evaluat
[ quoted from the qmail mailing list. -russ ]
For those of you wondering when qmail is going to start protecting mail
messages against eavesdropping and forgery: I'll be in San Francisco
Friday morning in front of Judge Patel arguing that the remaining crypto
regulations are unconstitutional.
I
Adam Back writes:
> So there are practical limits stemming from realities to do with code
> complexity being inversely proportional to auditability and security,
> but the extra ring -1, remote attestation, sealing and integrity
> metrics really do offer some security advantages over the curre
AARG!Anonymous writes:
> I'd like the Palladium/TCPA critics to offer an alternative proposal
> for achieving the following technical goal:
>
> Allow computers separated on the internet to cooperate and share data
> and computations such that no one can get access to the data outside
>
Jim Choate writes:
>
> On Mon, 5 Aug 2002, Russell Nelson wrote:
>
> > AARG!Anonymous writes:
> > > So don't read too much into the fact that a bunch of anonymous postings
> > > have suddenly started appearing from one particular remailer. For your
Dan Bernstein has a response to the June 2002
Lenstra-Shamir-Tomlinson-Tromer paper (and similarly, Bruce Schneier's
comments) about his research into the cost of circuits for integer
factorization.
http://cr.yp.to/nfscircuit.html
--
-russ nelson http://russnelson.com | New Intern
Dan Geer writes:
>
> > The union of the two sets of "cryptography users" and "paranoid
> > people" is necessarily non-empty. Who would bother to use
> > cryptography sans a threat model? And if you've got a non-empty
> > threat model, then by definition you're paranoid.
>
> Uh,
Derek Atkins writes:
> Russell Nelson <[EMAIL PROTECTED]> writes:
>
> > The union of the two sets of "cryptography users" and "paranoid
> > people" is necessarily non-empty. Who would bother to use
> > cryptography sans a threat model? And
Lucky Green writes:
> On Sat, 9 Feb 2002, Russell Nelson wrote:
> > I think the only worthwhile way forward is to create a
> > cryptographic email standard de novo, which is free of export,
> > trademark, and patent problems.
>
> I believe such a standard alr
Werner Koch writes:
> Things would get much better if a PGP 2 version with support for CAST5
> would get more into use. [ etc. ]
I know that you're working hard, Werner, but I believe that the recent
few years have destroyed the PGP brandname. I think the only
worthwhile way forward is to cr
Andrew Odlyzko writes:
> 1. Cryptography does not fit human life styles easily.
> 2. Novel technologies take a long time to diffuse through society.
to which I would add:
3. Cryptography, and therefore PKI, is meaningless unless you first
define a threat model. In all the messages with this
Perry E. Metzger writes:
> Do not destroy the reason I live here to give me
> "safety". I'd rather die in a terrorist attack.
Freeman Dyson once said to me, "It's better to get mugged than to live
a life of fear." Given that he's been mugged, you'd think he ought to
know.
--
-russ nelson <[E
yghost.com/images/kginst2.jpg
David Farber writes:
> >From: Russell Nelson <[EMAIL PROTECTED]>
> >Date: Tue, 31 Jul 2001 22:29:45 -0400 (EDT)
> >Subject: Re: IP: Judge hears U.S. v. Scarfo PGP-spying case; secret trial to
> > come?
> >
> > > >
Trei, Peter writes:
> It's an attempt by a spambot to get by a 'uniqueness filter'. A quick
> google (Google is your friend) gives the stuff appended below.
The Spammer wrote:
> It allows this message to bypass filters on some of the larger domains.
Somehow the term "cover traffic" comes to
This is the goofiest spam I've ever gotten. How many bits are
contained in the message below the % signs? Could be quite a few,
depending on your dictionary of nouns, verb, adjectives, and adverbs.
Sure looks like a message to me. As far as I know, I'm not expecting
any steganographic messages
16 matches
Mail list logo
