| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Jun 2010 08:41:51 -0700 From: "Thor (Hammer Of God)" <thor@...merofgod.com> To: "<stuart@...erdelix.net>" <stuart@...erdelix.net> Cc: "<full-disclosure@...ts.grok.org.uk>" <full-disclosure@...ts.grok.org.uk> Subject: Re: Introducing TGP... The source of the decryptor? Everything you would possibly need to know is right there in the read me. I'm confused why you would ask for that, unless of course you didn't bother reading it, opting instead to make immediate assumptions of how it is insecure. And I think you misunderstand (not surprisingly). If you don't want to post your data, then don't. Keep it as private as you would like and the cloud won't "dissapear" as you predict (as funny as that is). If you want to, you can. I would have hoped that much would be obvious. I find the application better and easier than for-pay applications. If you don't then don't use it. You won't hurt my feelings one bit. But if you are going to claim it is insecure, please provide some technical support for your argument. T On Jun 14, 2010, at 8:21 AM, lsi <stuart@...erdelix.net> wrote: >> Ancient crypto? You really have no effing clue, do you? > > Whatever you use today, it will be ancient in 5 years. > >> why not start cracking it now > > May I have source for the decryptor? > >> do something that would actually be useful > > Just lending a clue, always a pleasure! I been there done that with > encrypted files in public places (back in the day, I used a > webserver). I ended up concluding what I told you - that anyone who > downloaded it could spend as long as they wanted attacking it, with > whatever tech, and there is no revocation function. So I stopped > doing it. These days I use SSH (and VNC if I want access to Windows > machines), or USB, if internet connectivity is not a given. > > Not to mention polluting the net with mountains of your private data, > your cloud actually consists of other people's servers, who have > generously provided them to host archives of meaningful discussion, > and whose goodwill you will certainly consume, along with their > diskspace. End users still receive and store a copy of your data, > but this cannot be accessed by you, and is useless. > > And, if everyone did it of course there would be massive storage > usage, followed by a magic regex to block those mails, and the cloud > would disappear. > > So, no, insecure, waste of bandwidth and storage, unscalable. > > Stu > > > --- > Stuart Udall > stuart at@...erdelix.dot net - http://www.cyberdelix.net/ > > --- > * Origin: lsi: revolution through evolution (192:168/0.2) > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists