R. A. Hettinga writes:
> Juarez: You have the ability to establish the notion of trusted code which
> can't be observed or modified. Moreover, information on your machine, which
> is living in one of those vaults or one of the sub-vaults, or as storage on
> your disc can be encrypted with ma
hy Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
--
--------
Paul A.S. Ward, Assistant Professor Email: [EMAIL PROTECTED]
University of Waterloo [EMAIL PROTECTED]
Department of Computer Engineering Tel: +1 (519) 888-4567 ext.3127
Waterloo, OntarioFax: +1 (519) 746-3077
Canada N2L 3G1 URL: http://shoshin.uwaterloo.ca/~pasward
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
(519) 885-1208
Canada N2L 3G1 URL: http://shoshin.uwaterloo.ca/~pasward
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Eric Rescorla writes:
> <[EMAIL PROTECTED]> writes:
>
> > Eric Rescorla writes:
> > > Ben Laurie <[EMAIL PROTECTED]> writes:
> > > > And most (all?) commercial CAs then disclaim any responsibility for
> > > > having actually checked that right correctly...
> > > While this is true, I'd
Eric Rescorla writes:
> Ben Laurie <[EMAIL PROTECTED]> writes:
>
> > Michael Sierchio wrote:
> > >
> > > Carl Ellison wrote:
> > >
> > > > If that's not good enough for you, go to https://store.palm.com/
> > > > where you have an SSL secured page. SSL prevents a man in the middle
> >
Jay D. Dyson writes:
> -BEGIN PGP SIGNED MESSAGE-
>
> On Tue, 27 Nov 2001 [EMAIL PROTECTED] wrote:
>
> > > > Hrm, how about a worm with a built-in HTTP server that installs itself
> > > > on some non-standard port, say TCP/28462 (to pick one at random)?
> > >
> > >
Adam Fields writes:
>
> On a somewhat related note, is it
> wise for the FBI to open itself up to potential lawsuits if their
> software corrupts data or otherwise interferes with legitimate
> business, or allows an intruder to do so undetected by utilizing the
> AV-invisibility channel res
Jay D. Dyson writes:
> On 27 Nov 2001, Derek Atkins wrote:
>
> > Hrm, how about a worm with a built-in HTTP server that installs itself
> > on some non-standard port, say TCP/28462 (to pick one at random)?
>
> Craftier still, backdoor an existing service that behaves normally
> unt
Jay D. Dyson writes:
> On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote:
>
> > But this doesn't really address the question. Certainly you take
> > various precautions. The question is: how can I know if the system is
> > compromised?
>
> There's a wealth of utilities that can indicate
Jay D. Dyson writes:
> -BEGIN PGP SIGNED MESSAGE-
>
> On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote:
>
> > > Yet another reason why Open Source is your friend.
> >
> > I did not mean to imply that I am running some variety of windows. I am
> > interested in the technical
Jay Sulzberger writes:
>
>
> On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote:
>
> > Jay Sulzberger writes:
> > >
> > >
> > > On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote:
> > >
> > > > R. A. Hettinga writes:
> > > > > Everyone remember First Virtual's Nat Borenstein's "major discov
Jay Sulzberger writes:
>
>
> On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote:
>
> > R. A. Hettinga writes:
> > > Everyone remember First Virtual's Nat Borenstein's "major discovery" of the
> > > keyboard logger?
> > >
> > > 'Magic Lantern' part of new 'Enhanced Carnivore Project'
> >
Jay D. Dyson writes:
> On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote:
>
> > > Everyone remember First Virtual's Nat Borenstein's "major discovery"
> > > of the keyboard logger?
> > >
> > > 'Magic Lantern' part of new 'Enhanced Carnivore Project'
> >
> > In the same vein, but a different a
Kent Borg writes:
> On Wed, Nov 21, 2001 at 10:40:11AM -0500, [EMAIL PROTECTED] wrote:
> > In the same vein, but a different application, does anyone know what
> > the state of the art is for detecting such tampering? In particular,
> > when sitting at a PC doing banking, is there any mechani
R. A. Hettinga writes:
> Everyone remember First Virtual's Nat Borenstein's "major discovery" of the
> keyboard logger?
>
> 'Magic Lantern' part of new 'Enhanced Carnivore Project'
> [etc]
In the same vein, but a different application, does anyone know what
the state of the art is for dete
P.J. Ponder writes:
> The default settings will be the permanent settings for many users, and if
> it is easier to buy something through a .Net affiliate than to shop
> around, then the .Net sites will get a certain percentage of users just by
> 'default'. They won't get all, certainly, but
Rick Smith at Secure Computing writes:
>
> While I would feel compassion for consumers
> who are hurt or inconvenienced by some huge scam that exploited a poor
> Microsoft security implementation, such a scenario would be entertaining to
> watch.
What makes you believe that you will not
David Jablon writes:
>
> Not until vendors are held legally accountable for negligent design.
>
> Maybe someday, somehow, there will be a class action law suit.
> (I saw a recent infosec conference flyer that had some silly quote
> about the annual cost of viruses or something being in the
David Jablon writes:
>
> Yet, on a sad note, public crypto research has to stop.
> One might think it could survive in purely academic circles.
> But no, you'd have to be a fool to criticise even an academic paper.
> Anybody, perhaps the resentful author, could co-opt the work for
> Copy P
19 matches
Mail list logo
