On 7/21/14, Iain R. Learmonth wrote:
> Hi Jacob,
>
> On Mon, Jul 21, 2014 at 01:14:14PM +0000, Jacob Appelbaum wrote:
>> I believe you are mistaken. My understanding is that you're not
>> supposed to use crypto on the radio layer and IP packets are already
>> sever
On 7/21/14, Iain R. Learmonth wrote:
> On Mon, Jul 21, 2014 at 01:12:37PM +0200, Holger Levsen wrote:
>> Hi Iain,
>>
>> On Sonntag, 20. Juli 2014, Iain R. Learmonth wrote:
>> > The main one is that there are places in the world you just can't use
>> > HTTPS
>> > for legal reasons [...]
>>
>> I'm c
On 7/21/14, Holger Levsen wrote:
> Hi Iain,
>
> On Sonntag, 20. Juli 2014, Iain R. Learmonth wrote:
>> The main one is that there are places in the world you just can't use
>> HTTPS
>> for legal reasons [...]
>
> I'm curious, can you name one?
>
I'm also curious - is there a Debian developer who
On 6/13/14, Theodore Ts'o wrote:
> On Fri, Jun 13, 2014 at 06:51:44PM +0000, Jacob Appelbaum wrote:
>> I would expect that if the NSA wanted to take control of the RDRAND or
>> the rest of the CPU, they'd dynamically update the microcode in the
>> CPU to change
On 6/13/14, Theodore Ts'o wrote:
> On Fri, Jun 13, 2014 at 10:09:02AM +0200, Martijn van Oosterhout wrote:
>> > Excuse me if I'm blunt here, but I understand that, on the point of
>> > using entropy to seed a PRNG, if you have several shitty entropy
>> > sources and one _really_ good one, and you
On 6/11/14, Joey Hess wrote:
> I stumbled over a library which has switched to using RDRAND in a new
> upsteam version (not yet packaged), instead of /dev/urandom[1].
Which library is using it?
>
> I don't have a stong opinion on the security of RDRAND, which is a
> contentious topic in a domain
On 4/25/14, Kevin Chadwick wrote:
> previously on this list Paul Wise contributed:
>
>> I have written a non-exhaustive list of goals for hardening the Debian
>> distribution, the Debian project and computer systems of the Debian
>> project, contributors and users.
>>
>> https://wiki.debian.org/Ha
On 2/14/14, Paul Tagliamonte wrote:
> On Fri, Feb 14, 2014 at 04:44:21AM +0000, Jacob Appelbaum wrote:
>> Heya Sam,
>>
>> On 2/14/14, Sam Hartman wrote:
>> > All rants aside, I believe there's a fairly wide agreement that we
>> > should throw aw
Heya Sam,
On 2/14/14, Sam Hartman wrote:
> All rants aside, I believe there's a fairly wide agreement that we
> should throw away binaries from builds.
I'd encourage something slightly different and then I'd expand on it a bit.
I think it would be useful to have an historical archive of each
bi
On 2/13/14, Jakub Wilk wrote:
> * Jacob Appelbaum , 2014-02-13, 18:36:
>>How many uploaded binaries might include malware?
>
> *shrug* It's not like it's difficult to hide malicious code in source
> packages.
>
It is much harder for you to hide source code chang
No kidding!
How many uploaded binaries might include malware?
A lack of binary determinism in the build process basically ensures
that it isn't feasible to discover an answer to this question. :(
All the best,
Jacob
On 2/13/14, Holger Levsen wrote:
> Hi,
>
> On Donnerstag, 13. Februar 2014, On
Philip Rinn:
> Hi,
>
> I think it's important to add also the paragraph about actual usability for
> the
> homepage:
>
> Dear God, please don't use Pond for anything real yet. I've hammered out
> nearly
> 20K lines of code that have never been reviewed. Unless you're looking to
> experiment you
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum <[EMAIL PROTECTED]>
* Package name: biosmemimage
Version : 1.0.0
* URL : http://citp.princeton.edu/memory/code/
* License : BSD
Programming Lang: C
Description : Tools for capturing memory du
Package: wnpp
Severity: wishlist
Owner: Debian Forensics <[EMAIL PROTECTED]>
* Package name: AESFix
Version : 1.0.1
* URL : http://citp.princeton.edu/memory/code/
* License : BSD
Programming Lang: C++
Description : A tool for correcting bit errors in an AE
Package: wnpp
Severity: wishlist
Owner: Debian Forensics <[EMAIL PROTECTED]>
* Package name: RSAKeyFinder
Version : 1.0.0
* URL : http://citp.princeton.edu/memory/code/
* License : BSD
Programming Lang: C++
Description : A tool for locating RSA private and
Package: wnpp
Severity: wishlist
Owner: Debian Forensics <[EMAIL PROTECTED]>
* Package name: AESKeyFinder
Version : 1.0.0
* URL : http://citp.princeton.edu/memory/code/
* License : BSD
Programming Lang: C
Description : A tool for finding and repairing AES
Lucas Nussbaum wrote:
> On 06/08/08 at 23:17 +0100, Steve McIntyre wrote:
>> Jacob wrote:
>>> Package: wnpp
>>> Severity: wishlist
>>> Owner: Jacob Appelbaum <[EMAIL PROTECTED]>
>>>
>>>
>>> * Package name: ozymandns
&g
Clint Adams wrote:
> On Thu, Aug 07, 2008 at 12:48:20AM +0200, Lucas Nussbaum wrote:
>> Confirmed. And it hasn't been fixed.
>
> That's why I run it in a while loop and find it to be reasonable
> functional that way.
>
>
I've done just that in a screen session and I've found it to be quite
usef
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum <[EMAIL PROTECTED]>
* Package name: ozymandns
Version : 0.0.1
Upstream Author : Dan Kaminsky <[EMAIL PROTECTED]>
* URL : http://www.doxpara.com/ozymandns_src_0.1.tgz
* License : (Currently con
19 matches
Mail list logo
