lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Apr 2008 07:38:04 +0200 From: Turgut Baumann <t_baumann@....net> To: Valdis.Kletnieks@...edu Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Valdis.Kletnieks@...edu schrieb: > On Mon, 21 Apr 2008 22:31:53 EDT, Joey Mengele said: > >> So are you trying to suggest compression is not as secure as >> encryption? Have you even *read* the RFC in question? > > The design goal of most compression algorithms is that *anybody* can take > the compressed data and get back the original. The design goal of most > encryption is that *only the intended recipient* can decrypt and get the > original data back. > > The only question left at this point is whether the contents of your brain were > compressed, or merely encrypted, and which of the two would be more secure. > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ Hi, Mr. Kletniek, i really appreciate what you're doing. You're one of the few person driven by intellect and with a scientific approach here on this list. And your able to make me laugh early in the morming. ;) I really, really appreciate that. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists