Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Introducing TGP...
From: "Thor (Hammer Of God)" <thor () hammerofgod com>
Date: Mon, 14 Jun 2010 08:41:51 -0700

The source of the decryptor?  Everything you would possibly need to  
know is right there in the read me.  I'm confused why you would ask  
for that, unless of course you didn't bother reading it, opting  
instead to make immediate assumptions of how it is insecure.

And I think you misunderstand (not surprisingly).  If you don't want  
to post your data, then don't. Keep it as private as you would like  
and the cloud won't "dissapear" as you predict (as funny as that is).  
If you want to, you can. I would have hoped that much would be obvious.

I find the application better and easier than for-pay applications. If  
you don't then don't use it. You won't hurt my feelings one bit. But  
if you are going to claim it is insecure, please provide some  
technical support for your argument.
T


On Jun 14, 2010, at 8:21 AM, lsi <stuart () cyberdelix net> wrote:

Ancient crypto?  You really have no effing clue, do you?

Whatever you use today, it will be ancient in 5 years.

why not start cracking it now

May I have source for the decryptor?

do something that would actually be useful

Just lending a clue, always a pleasure!  I been there done that with
encrypted files in public places (back in the day, I used a
webserver).  I ended up concluding what I told you - that anyone who
downloaded it could spend as long as they wanted attacking it, with
whatever tech, and there is no revocation function.  So I stopped
doing it.  These days I use SSH (and VNC if I want access to Windows
machines), or USB, if internet connectivity is not a given.

Not to mention polluting the net with mountains of your private data,
your cloud actually consists of other people's servers, who have
generously provided them to host archives of meaningful discussion,
and whose goodwill you will certainly consume, along with their
diskspace.  End users still receive and store a copy of your data,
but this cannot be accessed by you, and is useless.

And, if everyone did it of course there would be massive storage
usage, followed by a magic regex to block those mails, and the cloud
would disappear.

So, no, insecure, waste of bandwidth and storage, unscalable.

Stu


---
Stuart Udall
stuart at () cyberdelix dot net - http://www.cyberdelix.net/

---
* Origin: lsi: revolution through evolution (192:168/0.2)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]