1995-10-24 - Re: Reducing the Flames, Attacks, and Nit-Pickings
Header Data
From: Scott Brickner <sjb@universe.digex.net>
To: tcmay@got.net (Timothy C. May)
Message Hash: a1136f9f874634eb7c7d8232357ff95f68e051ac001d22b01a1001ad1ff9fe75
Message ID: <199510240133.VAA13731@universe.digex.net>
Reply To: <acb06aea5b021004cdd9@[205.199.118.202]>
UTC Datetime: 1995-10-24 01:33:51 UTC
Raw Date: Mon, 23 Oct 95 18:33:51 PDT
Raw message
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 23 Oct 95 18:33:51 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Reducing the Flames, Attacks, and Nit-Pickings
In-Reply-To: <acb06aea5b021004cdd9@[205.199.118.202]>
Message-ID: <199510240133.VAA13731@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain
Timothy C. May writes:
>Worse, idle speculation about possible security flaws seems wasteful.
Not always. A couple of months ago someone was asking what the fuss
was about in making sure random number generators were secure. In
describing potential problems with poor RNG seeds I "idly" speculated
that if Netscape has a lousy RNG that it might be *lots* easier to
attack that than the (then current) brute force attack was.
A week or to later, Ian posted a reverse engineered copy of the
Netscape RNG stuff, and a week or so after that announced his big
hole.
Occasionally, idle speculation sparks good ideas.
Thread
Return to October 1995
- Return to “Scott Brickner <sjb@universe.digex.net>”
Return to “tcmay@got.net (Timothy C. May)”
- 1995-10-23 (Sun, 22 Oct 95 21:45:02 PDT) - Re: Reducing the Flames, Attacks, and Nit-Pickings - tcmay@got.net (Timothy C. May)
- 1995-10-24 (Mon, 23 Oct 95 18:33:51 PDT) - Re: Reducing the Flames, Attacks, and Nit-Pickings - Scott Brickner <sjb@universe.digex.net>