[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cryptography] the spell is broken
----- Forwarded message from Peter Gutmann <[email protected]> -----
Date: Fri, 04 Oct 2013 13:15:48 +1300
From: Peter Gutmann <[email protected]>
To: [email protected]
Cc: [email protected]
Subject: Re: [cryptography] the spell is broken
Message-Id: <[email protected]>
"James A. Donald" <[email protected]> writes:
>By moving away from anything NIST has touched he deprives the NSA of leverage
>to insert backdoors,
Just as a bit of a counterpoint here, how far do you want to go down this
rathole? Someone recently pointed me to the latest CERT vuln. summary
(because of a few interesting entries there):
https://www.us-cert.gov/ncas/bulletins/SB13-273
Now this is just a single weeks' worth, and yet look at all the remote-code-
execution and seize-control-of-device issues in just that seven-day stretch.
The NSA doesn't really need to backdoor crypto when the barn door isn't just
propped wide open, it's entirely missing in some cases.
(I completely support Jon's position in terms of being seen to do the right
thing, but there are more things to worry about than just backdoored crypto).
Peter.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5