[144992] in cryptography@c2.net mail archive
Re: Security of Mac Keychain, File Vault
daemon@ATHENA.MIT.EDU (=?UTF-8?Q?Ivan_Krsti=C4=87?=)
Tue Oct 27 10:21:50 2009
Cc: Cryptography List <cryptography@metzdowd.com>
From: =?UTF-8?Q?Ivan_Krsti=C4=87?= <krstic@solarsail.hcs.harvard.edu>
To: Jerry Leichter <leichter@lrw.com>
In-Reply-To: <538BE49A-C3DF-49EF-9D3B-FC63C2FB2860@lrw.com>
Date: Mon, 26 Oct 2009 23:19:08 -0700
On Oct 24, 2009, at 2:31 PM, Jerry Leichter wrote:
> The article at http://www.net-security.org/article.php?id=3D1322 =20
> claims that both are easily broken.
Shrug. He doesn't explain what 'broken' means to him or under what =20
threat model, and dammit, security without a threat model is like =20
motherhood without apple pie. I can "easily break" a bank vault by =20
putting an MP5 to the head of the guy with the key, but that's hardly =20=
the vault's fault, now is it?
Speaking-only-for-myself,
--
Ivan Krsti=C4=87 <krstic@solarsail.hcs.harvard.edu> | http://radian.org
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
