mailing list archives
Re: Introducing TGP...
From: "lsi" <stuart () cyberdelix net>
Date: Mon, 14 Jun 2010 11:47:42 +0100
On 14 Jun 2010 at 4:23, Thor (Hammer of God) wrote:
create a private key with a strong password, post that, and then, say,
encrypt a scan of your passport and post that.
So, I think this is a dumb idea... :)
You might think your crypto is secure right now, but in 5 years there might be
a big hole in it. If copies of your passport are floating about on the net, you
can't even delete them, and certainly cannot prevent anyone using the new
crack against your old crypto.
Of course you think it's a dumb idea. But according to you, in 3
years, all the computers in the world will screech to a grinding halt
because of what Symantec says are "new threats." How can anyone use
the "new crack" when they can't turn their computers on?
No, only Windows machines will be grinding to a halt. OTOH, my sleek
unix boxen will be whizzing along nicely.... just waiting for some
interesting work to do, such as cracking some files protected by
Even if nobody finds a weakness in the algorithm you used, 5 years
from now I will probably have enough spare CPU to brute-force it
using my mobile phone....
If you were posting docs with a shorter shelf-life there would be
less danger. But a passport is always useful....
If, of course you think I'm speaking tripe, go ahead and post it...
Here it is! Go nuts.
That's too small to be a passport scan.
Timothy has developed and implemented networking and application
security solutions for institutions such as ... Microsoft .... Timothy
has been a columnist for Security Focus´ Microsoft section,
stuart at () cyberdelix dot net - http://www.cyberdelix.net/
* Origin: lsi: revolution through evolution (192:168/0.2)
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/