[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4C1608CE.25919.E8F7752@stuart.cyberdelix.net>
Date: Mon, 14 Jun 2010 11:47:42 +0100
From: "lsi" <stuart@...erdelix.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Introducing TGP...
On 14 Jun 2010 at 4:23, Thor (Hammer of God) wrote:
> >> create a private key with a strong password, post that, and then, say,
> >> encrypt a scan of your passport and post that.
> >
> >So, I think this is a dumb idea... :)
> >
> >You might think your crypto is secure right now, but in 5 years there might be
> >a big hole in it. If copies of your passport are floating about on the net, you
> >can't even delete them, and certainly cannot prevent anyone using the new
> >crack against your old crypto.
>
> Of course you think it's a dumb idea. But according to you, in 3
> years, all the computers in the world will screech to a grinding halt
> because of what Symantec says are "new threats." How can anyone use
> the "new crack" when they can't turn their computers on?
No, only Windows machines will be grinding to a halt. OTOH, my sleek
unix boxen will be whizzing along nicely.... just waiting for some
interesting work to do, such as cracking some files protected by
ancient crypto.
Even if nobody finds a weakness in the algorithm you used, 5 years
from now I will probably have enough spare CPU to brute-force it
using my mobile phone....
If you were posting docs with a shorter shelf-life there would be
less danger. But a passport is always useful....
> >If, of course you think I'm speaking tripe, go ahead and post it...
>
> Here it is! Go nuts.
That's too small to be a passport scan.
> Timothy has developed and implemented networking and application
> security solutions for institutions such as ... Microsoft .... Timothy
> has been a columnist for Security FocusĀ“ Microsoft section,
Uh-huh....
Stu
---
Stuart Udall
stuart at@...erdelix.dot net - http://www.cyberdelix.net/
---
* Origin: lsi: revolution through evolution (192:168/0.2)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists