On 2013-08-20, at 3:31 PM, Fabio Pietrosanti (naif) wrote:
> Hi all,
>
> at GlobaLeaks we are going to implement a feature that want to
> mitigate time correlation attacks between a Whistleblower submitting
> something and a Receiver, receiving a notification that there's a new
> leak outstanding
I find it likely that the Google engineer quoted had things like the
NSA taps on routers and in telecom facilities in mind, rather than
whether users of various services can expect that their providers will
hand over to the government. In other words, encrypting data in motion
rather than at rest.
Assume all mayor cryptotools are exploited. Sad but true. Any other reason
people complain OpenSSL is written in tongues (so to speak)? Hiding
exploits is easier in a mess.
That said the people in the IETS might be ignorant to the fact that TLS is
likely backdoor'ed. The thing with this problem is
Zooko Wilcox-OHearn writes (on the old cryptogra...@metzdowd.com list):
> I'd be keen to see a list of potentially-relevant patents which have
> expired or are due to expire within the next 5 years.
http://ed25519.cr.yp.to/software.html includes a chart and pointers.
Pretty much the entirety of th
On Sun, Aug 25, 2013 at 4:45 PM, Marco Pozzato wrote:
> ...
> Recently, android SecureRandom PRNG proved to be seriously flawed
> (http://android-developers.blogspot.it/2013/08/some-securerandom-thoughts.html)
> because, by default, it is not properly initialized with "good" entropy.
>
> The weakn
Hi all,
I'm CTO at PrivateWave, developing solutions for secure telephony.
Recently, android SecureRandom PRNG proved to be seriously flawed (
http://android-developers.blogspot.it/2013/08/some-securerandom-thoughts.html)
because, by default, it is not properly initialized with "good" entropy.
T
Bitcoin Brainwallet software creates ECDSA keys that you can use for
multiple purposes, not only for Bitcoin.
A link to Phidelius, which was previously mentioned:
http://dankaminsky.com/2012/01/03/phidelius/
---
I would like to see some standardized hierarchial deterministic scheme
to generate v
On 2013-08-25 alser...@inbox.ru wrote:
On Sat, 24 Aug 2013, Krisztián Pintér wrote:
has anybody done something like that already? does it have a name?
There was a ECC program from the previous century that worked as you
described: the private key was derived solely from the user password.
Se
On Sat, 24 Aug 2013, Krisztián Pintér wrote:
> has anybody done something like that already? does it have a name?
There was a ECC program from the previous century that worked as you
described: the private key was derived solely from the user password.
Unfortunately, I cannot recall its name (an
It's Sunday, it's time for some amusement. I agree with everything John
writes, and although I prefer an alternate style, it may be time for
straight talking.
On 24/08/13 00:33 AM, John Young wrote:
Comsec experts should not be surprised at the Snowden
revelations about NSA so far, most of
10 matches
Mail list logo
