| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: markus.jansson at hushmail.com (Markus Jansson) Subject: Insecurity in Finnish parlament (computers) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 26 Dec 2004 18:59:28 -0800 James Tucker <jftucker@...il.com> wrote: >I don't have the time or inclination to teach you myself. >Please go and learn some more about dealing with radio >frequency attacks on modern networks. Please learn the basic fact: If you want something to remain secure that goes airwaves, you have to encrypt it. Everything else is just kinda "security by obscurity" (you presume opponents dont have equipment needed to receive them). >Just because the communications stream has not been >encrypted (or an encryption has been cracked) does >not mean that it is readable by an attacker. If they can read it, anyone else with similiar hardware can do it too. Its really pretty much that simple. >Practical attacking of GSM over the >air is also very difficult for similar >(although not so extreme) reasons. ROTFLOL! Please take time to google since you are terrible wrong once again. http://www.chiare.com/products/spy/GSM900-1800e.htm http://www.endoacustica.com/gsm_interceptor.htm http://www.geocities.com/CapeCanaveral/Hangar/8539/GSMMONI.HTM >TETRA also operates in a similar manner and is hard >to attack over the air for the same reason. ROTFLOL! We use TETRA in here Finland and there are equipment available here to listen to it too. Same goes with GSM. You cannot rely on airwave security to think that "nobody else has devices like we use" to be secure. Thats why they implemented crypto to GSM and TETRA in the first place!!! >The two most common SSH clients save the server keys after first >connection; you seem to not know this or not understand/appreciate >it. Argumentum ad nauseam & argumentum ad hominem. Please tell me what exactly you do NOT understand in my last posting when I sayed that in my pages in that place I say:"Unless you can receive the publickey or the fingerprint of the publickey used in some secure manner"? >Advertising weak systems is simply making other peoples >lives worse. Advertising weak software also makes peoples lives worse since they have to patch and update them. Advertising weak systems does the same thing: The people behind them have to spend time and effort to secure them...as they should have done in the first place. >Do you expect people to jump when you point them to a site which >contains the opening line: "I am 26-year guy, currently living in >Turku, Finland. I have been involved with software, computers and >Internet for many years, although I don't do programming nor work >in the IT-industry." >I am not at all surprised that the government chose to ignore your >message to them. Argumentum ad hominem. You clearly dont have any reasonable arguments to make, since you are only attacking against ME in person instead of attacking my arguments. Markus Jansson Turku http://www.markusjansson.net -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkHP/60ACgkQp4wnv3Na2tr7uACgmuylROMIjwebcUbAbiNZKBsRsvQA oICTCDvjJX2xVTBNKdYVlPrzonHm =q5YC -----END PGP SIGNATURE-----
Powered by blists - more mailing lists