Forwarded from: "Michael J. Reeves, AA, ASc" <mjreevesat_private> I find the comments made by J. D. Dyson interesting. I recognize he is one of the more knowledgable and visible persons of this forum. However, I cannot totally agree with his views in this matter. Having studied the history of cryptoanalysis, it is apparent that most cryptoanalysis is supported by the government. Secondly, though the URL link is highly critical of contests, it does not offer many concrete facts to support the position of the writer. For example, the contest mentioned, and the alleged fact that the algorithm was broken by various means. Nowhere is it indicated whether the TEXT was in fact RECOVERED??? Fact: IF you have NOT recovered the text, you have NOT broken the code. Fact: Babbage was an academic who worked for the government. So are many other academics. In the present instance, the game is to break into/through a security system on a computer network. For a lot of hackers who take this as a PERSONAL affront to their skills, they will increase their attacks on the system. This will of course generate a great deal of information for the developer/publisher of the software in question. It should be obvious that the developer will use this information to enhance and fix security breaches in thier program. ALL FOR FREE!!! THANK YOU VERY MUCH FOR YOUR EGOTISTICAL COOPERATION!!! LOW SELF-ESTEEM is SO-OO manipulatable!!! IF I was going to play the role of a "BLACK HAT HACKER" (IF!!!), I would keep my mouth shut, and WAIT until the software has been disseminated into the network system. I would attack the USER's system, and leave the developer alone. THIS is the strategy that HURTS the developer's credibility!!! IF the developer wants to test their system through a contest, let them put up some SERIOUS money. Consider they are attempting to hire for FREE the combined skills of numerous hackers of various abilities that may total hundreds of hacking experiemce years. An appropriate amount of money would be several ANNUAL salaries that could be shared among those who successfully breach the system. Consider this a CONSULTING FEE for contributing to the further development of the security features!!! IMHO... MJR InfoSec News wrote: > Forwarded from: Jay D. Dyson <jdysonat_private> > > -----BEGIN PGP SIGNED MESSAGE----- > > On Thu, 15 Nov 2001, InfoSec News wrote: > <SNIP> > > If stupidity is dangerous, then Mr. Ellison's statement is > accurate. > > For clear and concise refutation on why the challenge is bogus, I > need only point to Bruce Schneier's December 1998 remarks on the matter: > > http://www.counterpane.com/crypto-gram-9812.html#contests > > Mr. Ellison would do well to read it and recognize his folly. > > And for the record, nothing, but *nothing* is perpetually secure. > Time is the greatest reducer of perceived absolutes. And when (not if) > the time comes when Oracle is breached, I will personally laugh... > > ...and point. > > - -Jay > <SNIP> -- Michael J. Reeves, AA, ASc MJR Consulting Services 4231 Watrous Avenue Sacramento, California 95842 Voice: (916) 344-7834 FAX: (916) 349-1849 By Appointment E-Mail: mjreevesat_private --------------------------------------------------------- REMEMBER: Artificial Intelligence beats real Stupidity!!! Failure, the FIRST step toward SUCCESS!!! I have no SPAM. I don't give a SPAM. I take no SPAM from anyone. I am NOT in the SPAM business!!! There are NO OBSTACLES, only CHALLENGES to CONQUER... NO PARADOXES, only ILLUSIONS... Rule #1: Murphy's Law: Shit Happens!!! Rule #2: YOU CAN'T CHANGE RULE #1!!! Murphy's Law of Statistics: You will never get the minimum sample size desired no matter how large a group you select from. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Nov 28 2001 - 16:04:54 PST