FW: [rc5] 56 bits seem to be enough

Sean Reifschneider jafo at tummy.com
Thu Jun 5 01:48:12 EDT 1997


On Thu, Jun 05, 1997 at 12:52:58AM -0400, Fedor Kouranov wrote:
>Another chain. All sources and binaries are distributed under the signature
>of the guy who distributes them. Tweaking it is supposed to be hard. When

The attack doesn't come from having you INSTALL compromised binaries.  I
know of a cracker who routinely installs compromised PGP binaries OVER the
existing ones when he attacks a machine.

>hundreds of paranoids scrutinize the code, some of them may spot the troyan
>created by him. Maintaining integrity of your software is your task. That
>is, you are the only one hwo can fail.

So, unless you're a security expert and can keep your compuer secure, and
your environment bug-free, you might as well leave your car unlocked?

Sean
-- 
 "I can sum it up in one word:  Indescribable!"  -- Gonzo
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
URL: <http://www.tummy.com/xvscan> HP-UX/Linux/FreeBSD/BSDOS scanning software.
----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list