1995-08-18 - Re: Netscape security

Header Data

From: Alex Tang <altitude@cic.net>
To: stewarts@ix.netcom.com (Bill Stewart)
Message Hash: bd0aefea9b31d2ae90d468c48765067f08beae73dc599d3fefb4dd3fa17ee567
Message ID: <199508181852.OAA12523@petrified.cic.net>
Reply To: <199508180750.AAA27087@ix4.ix.netcom.com>
UTC Datetime: 1995-08-18 18:53:55 UTC
Raw Date: Fri, 18 Aug 95 11:53:55 PDT

Raw message

From: Alex Tang <altitude@cic.net>
Date: Fri, 18 Aug 95 11:53:55 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Netscape security
In-Reply-To: <199508180750.AAA27087@ix4.ix.netcom.com>
Message-ID: <199508181852.OAA12523@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri Aug 18 03:51:20 1995: you scribbled...
> 
> Mr. Shank - I'm a bit disappointed by your posting about the RC4-40 crack.

<stuff deleted>

After following the threads that have gone on after the SSL/RC4 cracking, 
It seems that we are going about this all wrong.  The cypherpunks and
Netscape shouldn't be at odds about this event.  It would be in everyone's
best interest to join forces against the common foe (ITAR), and try to
prove to the feds that RC4-40 just plain isn't good enough.  

For example, if Netscape (or someone else) were to issue a challenge to
break an SSL Key as fast as possible, and then the cypherpunks did just
that in say...a few hours, it could make a very big statement.  

It seems that one of the problems with Damien's cracking job was that it
was "not sanctioned".  Look at the WSJ article, they didn't mention his
name...they just called him "a hacker".  It shows how public opinion still
sees groups like the cypherpunks as just that, a bunch of punks. 

With some "respected" business on our side, it may make a much bigger
impact (better publicity, better leverage, etc.).

Maybe i'm just dreaming...

...tango...




Thread