[118211] in Cypherpunks
RE: Anonymous Remailers
daemon@ATHENA.MIT.EDU (Sean Roach)
Tue Sep 21 23:49:25 1999
Message-Id: <3.0.6.32.19990921203500.00828e00@mail.intplsrv.net>
Date: Tue, 21 Sep 1999 20:35:00 -0500
To: cypherpunks@algebra.com
From: Sean Roach <roach_s@mail.intplsrv.net>
In-Reply-To: <NDBBIFGOKODBCKDGJDKLCEEKCHAA.shamrock@cypherpunks.to>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Reply-To: Sean Roach <roach_s@mail.intplsrv.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 10:22 PM 9/19/99 -0700, Lucky Green wrote: >
...
>
>I am starting to get sick of Anon's ignorant comments. My job title
>in my day job is "Senior Security Specialist". I should be fired if
>I didn't recommend to our customers to flat-out ignore an RNG for
>which only post-whitening/normalization output is available. And
>this holds true irrespective of any concerns about deliberate
>tampering. Only the most incompetent individual would discount the
>possibility of bugs in software or hardware. Reliability and
>security are not just a function of on careful design, but even more
>so of exhaustive testing. If you can't test a system component, you
>can't trust the system component. No conspiracy theories need. End
>of story.
Besides. If there were a bug, you wouldn't notice it except once in
1,000,000,000 or so years. That is unless you are an educator. But,
if you find the flaw, they'll be sure to trade in your defective one
for the fixed version, so long as they don't have to trade out
everyones who have that flaw.
I'm not exactly knowledgable about the workings of Intel, but they do
have a reputation to live down. Perhaps the lack of pre-whitening
output is an effort to avoid a similar fiasco.
Just adding oil to the fire.
Sean Roach
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>
iQA/AwUBN+gyPJHDoiHtqFDZEQJ8+ACfdpk7RxVDZDiM4vJfWxXbRGUAfOgAoMrT
10Ty2038IDIn+7fOxdXH9ABy
=QElt
-----END PGP SIGNATURE-----
