Re: Prosecution based on memory forensics

2011-01-14 Thread Milo
instream - it's not easy :/ (not mentioning doing it for multiple kernels + waiting for upgrade of libcs or doing workarounds). So beign probaly the easiest way it's not easy way at all. Some project are distributing userland piece of code with

Re: Is the OpenPGP model still useful?

2011-07-06 Thread Milo
re are fine. Perhaps instead of serving extreme form of relativism is better to not anwser at all. I think that informative and didactic value of such response is negligible. -- Kind regards, Milo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://

Re: GPA File Manager

2011-11-16 Thread Milo
ferent alternatives? Ok, got it. Thanks. :) > > > Doug > You are missing a slight difference between discussing alternatives and - more or less - advertising proprietary software on "GPL-powered" project's mailing list. -- Regards, Milo _

Re: Using root CAs as a trusted 3rd party

2012-01-23 Thread Milo
log.torproject.org/blog/diginotar-damage-disclosure http://www.links.org/?p=1196 ... And many, many more examples. There were discussions about x509 and CA's credibility or ability to perform their tasks. Not much to add here I think. -- Regards, Milo ___

Re: SSH Agent keys >4096 bit?

2012-05-04 Thread Milo
and effort (if any) in some kind of approach/tools/procedures because you believe there will be no incident in which they'll provided you protection. Giving users easier-then-hacking-through-sources way of setting bigger key size isn't a crime. I think I should give Werner much faster phone now ;) (on my own using 8192-bit RSA key takes about 2-4 seconds to successfully auth; phone was made in 2010 and is simply _average_ smartphone) -- Kind regards, Milo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: SSH Agent keys >4096 bit?

2012-05-04 Thread Milo
On 05/04/2012 05:13 PM, Robert J. Hansen wrote: > On 05/04/2012 10:17 AM, Milo wrote: >> Well, many expect rise of the quantum computing during lives of most >> of us. This can trash most (if not all) asymmetric algorithms >> (Shor's algorithm) > > No. It can tr

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 01:57 AM, Robert J. Hansen wrote: > On 05/04/2012 04:35 PM, Milo wrote: >> Yes - niche, proof-of-concept, poorly analyzed ciphers. Let's talk >> about those widely used and considered mainstream. Those are our >> biggest concern. > > McEliece is almos

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 10:13 AM, Faramir wrote: > El 04-05-2012 10:17, Milo escribió: >> Hello Robert, Hello all. > ... >>> How many petabytes are sent across the wire each day? Do you >>> really think people will be storing all of today's traffic for >>> twen

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 12:08 PM, Peter Lebbing wrote: > On 04/05/12 22:35, Milo wrote: >> You can't tell consumer or end-user that he can't use 256-bit, symmetric >> cipher for his (even!) porn stash because this is some kind of faux pas >> and he is iconoclast because of

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 01:09 PM, Peter Lebbing wrote: > On 05/05/12 12:49, Milo wrote: >> 1) You are responding to citation regarding symmetric crypto with >> widely used key length. > > (...) > > >>>> One more time - this is not up to you or software authors

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 02:20 PM, Robert J. Hansen wrote: > On 5/5/12 4:37 AM, Milo wrote: >> This is futile. I'm reminding you that you are giving one example of >> rarely used algo (so _niche_ and _out_of_mainsteam_) to back your >> statement "that there is good amount of t

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 03:13 PM, Robert J. Hansen wrote: > On 5/5/12 8:57 AM, Milo wrote: >> "Derivatives of Shor's algorithm are widely conjectured to be effective >> against all mainstream public-key algorithms including RSA, >> Diffie-Hellman and elliptic curve cryptog

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 04:26 PM, Robert J. Hansen wrote: > On 5/5/12 10:17 AM, Milo wrote: >> "(...) This improves the strength of the algorithm when using keying >> option 2, and _provides_ _backward_compatibility_ with DES with keying >> option 3." > > One-key 3DES

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
On 05/05/2012 04:17 PM, Milo wrote: > (...) > > You are mixing two topics: > > Need of security margin better then provided by one of common, widely > used asymmetric algorithms using 4k key I was rather thinking about 4k RSA key or "security equivalent provided by one

Re: SSH Agent keys >4096 bit?

2012-05-05 Thread Milo
If I look at the debug messages emitted by the OpenSSH client, I'm > under the impression that key exchange is already completed before > authentication with RSA starts. Hm, shouldn't authentication happen before exchanging key for symmetric part of encryption during the SSH sess

Re: Cross-compiling GPGME

2012-06-28 Thread Milo
86-644.6.3-1ubuntu5+5ubuntu1 mingw-w64 2.0.1-1 mingw-w64-dev 2.0.1-1 mingw-w64-tools 2.0.1-1 mingw32-runtime 3.15.2-0ubuntu1 (...) -- Regards,

Re: A safe text editor

2012-09-09 Thread Milo
g some level of integration with gnupg. Please follow vim docs for details. > --Paul > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Regards, Milo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: A safe text editor

2012-09-09 Thread Milo
Peter. On 09/09/2012 08:39 PM, Peter Lebbing wrote: > On 09/09/12 13:12, Milo wrote: >> Also there are vim scrips allowing some level of integration with gnupg. > > Personally, I'd have more faith in a text editor that was written ground-up > with > security in mind.

Re: A safe text editor

2012-09-09 Thread Milo
Hi! On 09/09/2012 09:16 PM, Peter Lebbing wrote: > On 09/09/12 21:06, Milo wrote: >> I'm not sure what you are trying to say/prove by polemics with things I >> didn't wrote. I won't speculate about your faith in editors, your threat >> model, and probab

Re: A safe text editor

2012-09-09 Thread Milo
describing "secure data modification/handling" without troubling yourself with defining "safe editor". Also considering your chase after "safety" and "privacy" think about focusing on "secure" hardware and OS (could be that your "safe text editor