Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Introducing TGP...
From: "Thor (Hammer of God)" <Thor () hammerofgod com>
Date: Mon, 14 Jun 2010 13:40:31 +0000

Ancient crypto?  You really have no effing clue, do you?  But, as I asked, thanks for your feedback.

Secondly, that's NOT too small to be a scan of my passport since that is EXACTLY what that is.   Regardless, please 
feel free to post some actual details about issues with the "ancient" crypto and any other technical observances.   In 
fact, why not start cracking it now and let us know what you come up with?  IOW, do something that would actually be 
useful rather than sit around and bitch about viruses all day?

t

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-
bounces () lists grok org uk] On Behalf Of lsi
Sent: Monday, June 14, 2010 3:48 AM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Introducing TGP...

On 14 Jun 2010 at 4:23, Thor (Hammer of God) wrote:

create a private key with a strong password, post that, and then,
say, encrypt a scan of your passport and post that.

So, I think this is a dumb idea... :)

You might think your crypto is secure right now, but in 5 years there
might be a big hole in it.  If copies of your passport are floating
about on the net, you can't even delete them, and certainly cannot
prevent anyone using the new crack against your old crypto.

Of course you think it's a dumb idea.  But according to you, in 3
years, all the computers in the world will screech to a grinding halt
because of what Symantec says are "new threats."   How can anyone use
the "new crack" when they can't turn their computers on?

No, only Windows machines will be grinding to a halt.  OTOH, my sleek unix
boxen will be whizzing along nicely.... just waiting for some interesting work to
do, such as cracking some files protected by ancient crypto.

Even if nobody finds a weakness in the algorithm you used, 5 years from now I
will probably have enough spare CPU to brute-force it using my mobile
phone....

If you were posting docs with a shorter shelf-life there would be less danger.
But a passport is always useful....

If, of course you think I'm speaking tripe, go ahead and post it...

Here it is!  Go nuts.

That's too small to be a passport scan.

Timothy has developed and implemented networking and application
security solutions for institutions such as ... Microsoft .... Timothy
has been a columnist for Security FocusĀ“ Microsoft section,

Uh-huh....

Stu

---
Stuart Udall
stuart at () cyberdelix dot net - http://www.cyberdelix.net/

---
* Origin: lsi: revolution through evolution (192:168/0.2)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault