[8051] in cryptography@c2.net mail archive
Re: Republic targeted for sale of 'unhackable' system
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Thu Nov 16 15:20:53 2000
From: "Steven M. Bellovin" <smb@research.att.com>
To: William Knowles <wk@c4i.org>
Cc: cryptography@c2.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Tue, 14 Nov 2000 19:20:18 -0500
Message-Id: <20001115002019.0030B35DC2@smb.research.att.com>
In message <Pine.LNX.4.21.0011101758590.16344-100000@idle.curiosity.org>, Willi
am Knowles writes:
>Snakeoil?
>
>[Smells like it. --Perry]
>
>http://www.ireland.com/newspaper/finance/2000/1110/fin10.htm
>
I don't know if it's really snake-oil -- it's possible, of course, that
they've developed a new, useful encryption algorithm, though of course
the odds are against that -- but no matter how good the algorithm is,
it's not "unhackable". Leaving aside the distinction between
cryptanalysis and hacking (and it's a huge one!), most security
problems are due to buggy code and/or bad systems administration. The
best encryption in the world can't stop buffer overflows, to give just
one example.
--Steve Bellovin
