BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Good and Bad Crypto
- Subject: [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Wed, 23 Apr 2014 12:04:22 -0400
- In-reply-to: <20140423155249.GO3247@dragontoe.org>
- References: <14b5446b65314ece8402914040d7efb6@CO2PR04MB684.namprd04.prod.outlook.com> <5355DA7B.4070600@gmail.com> <53567FBD.4010101@gmail.com> <5356CDDB.2000506@gmail.com> <535705D7.1010203@gmail.com> <20140423155249.GO3247@dragontoe.org>
Derek Martin wrote: > Unless they hack the vendor and steal the source. White hats aren't > going to do that. Or... unless the NSA or some other organization has > paid off the vendor to intentionally include weaknesses for them to > exploit. Or... unless the attacker works for the vendor and is taking > advantage of flaws he already knows exist. Or... unless someone who > works for the vendor who feels slighted decides to post the source on > some black hat site. Or... unless some criminal organization pays > someone at the vendor to steal the source code for them. Or... What's your point? That hiding the code is of zero relevance to the security of that code? -- Rich P.
- References:
- [Discuss] Good and Bad Crypto
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Good and Bad Crypto
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Good and Bad Crypto
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Good and Bad Crypto
- From: invalid at pizzashack.org (Derek Martin)
- [Discuss] Good and Bad Crypto
- Prev by Date: [Discuss] Good and Bad Crypto
- Next by Date: [Discuss] OpenBSD and LibreSSL
- Previous by thread: [Discuss] Good and Bad Crypto
- Next by thread: [Discuss] Good and Bad Crypto
- Index(es):
