RE: CRIME NIPC Watch Daily Report 21 February 2002

From: Geo (geoneve@private)
Date: Thu Feb 21 2002 - 09:25:56 PST

Next message: Crispin Cowan: "Re: CRIME NIPC Watch Daily Report 21 February 2002"

Previous message: Geo: "CRIME NIPC Watch Daily Report 21 February 2002"
Next in thread: Crispin Cowan: "Re: CRIME NIPC Watch Daily Report 21 February 2002"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Good point.  It's the flaws in the server applications that are far easier
prey than the encrypted data.

Geo

-----Original Message-----
From: Jim Binkley [mailto:jrb@private]
Sent: Thursday, February 21, 2002 8:56 AM
To: Geo
Subject: Re: CRIME NIPC Watch Daily Report 21 February 2002

George,

What's wrong with 3-des?  112 "real" bits if I remember or something
like that.  Plus keep in mind, historically cracking encryption
on the fly hasn't been the problem with secure channels.  More like
the Microsoft email/web page that you installed leading to
a hacked server ...  Why worry about encryption when you can attack
the hosts themselves?   Don't attack the VPN.  attack the endpoints.
If it hadn't been for the disaster that is
WEP (and/or PPTP), maybe these questions would not arise :->

				Jim

Next message: Crispin Cowan: "Re: CRIME NIPC Watch Daily Report 21 February 2002"
Previous message: Geo: "CRIME NIPC Watch Daily Report 21 February 2002"
Next in thread: Crispin Cowan: "Re: CRIME NIPC Watch Daily Report 21 February 2002"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:39:03 PDT