Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Good and Bad Crypto



On April 24, 2014 at 10:34 AM Richard Pieri <richard.pieri at gmail.com> wrote:
> Mike Small wrote:
> > heartbeat requirement at all for the TCP case, but it's always a bug to
> > take external untrusted data at its word in this way.
>
> I maintain that this isn't a bug; it's willful stupidity.

The reason a bug happens is not relevant when the bug causes damage.

> > Perhaps. There may be an economic argument why Open Source, or some
> > parts of it, isn't getting enough attention from enough of the right
> > people. I don't know. I only have trouble with the idea that having
>
> Most of the right people when it comes to crypto are identified by
> security agencies very quickly, and then either recruited or constrained
> before they pose any threat -- which is to say, before they can
> contribute substantially to either open source or proprietary ventures.
> Of those who remain, the ones who aren't good enough for the NSA and
> similar agencies, most either end up working for big companies like
> Microsoft and Google, because these are the only ones that can afford
> their salaries, or start their own security-related companies.

Phil Zimmerman, who was hounded for years legally and eventually prevailed.

peabo



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org