From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 2 Jun 94 11:23:33 PDT
To: cypherpunks@toad.com
Subject: Re: News Flash: Clipper Bug?
Message-ID: <9406021822.AA11015@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> Here is what the article on the upper right hand side of this morning's 
> New York Times says:
> 
> "To defeat the system, Dr. Blaze programmed a 'rouge' unit to test 
> thousands of LEAF's.  Once he found a valid key, he inserted it in place 

I assume 'rouge' is a typo - Matt's paper was talking about
rogue units, rather than Commies or makeup-artists :-)

One weakness in the weakness is that most Clippersystems
appear to be designed to use the same session key in each direction,
so both ends have to be privacy-protected versions to prevent
wiretapping, since a non-rogue LEAF from either end will give away the key.

But it's a good start, and ought to be exploited for all the
political mileage we can get out of it.... and it's not surprising
that security in a conversation is everybody's job...

		Bill