[118497] in Cypherpunks
Re: IBM to built crypto-on-a-chip into all its PCs
daemon@ATHENA.MIT.EDU (William H. Geiger III)
Wed Sep 29 23:38:05 1999
Message-Id: <199909300321.XAA05487@domains.invweb.net>
From: "William H. Geiger III" <whgiii@openpgp.net>
Date: Wed, 29 Sep 1999 22:02:23 -0500
To: Damien Miller <dmiller@ilogic.com.au>
In-Reply-To: <Pine.LNX.4.10.9909301135040.1925-100000@mothra.ilogic.com.au>
Cc: Digital Bearer Settlement List <dbs@philodox.com>,
cypherpunks@cyberpass.net, cryptography@c2.net
Reply-To: "William H. Geiger III" <whgiii@openpgp.net>
In <Pine.LNX.4.10.9909301135040.1925-100000@mothra.ilogic.com.au>, on
09/30/99
at 11:39 AM, Damien Miller <dmiller@ilogic.com.au> said:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>On Tue, 28 Sep 1999, William H. Geiger III wrote:
>> In <v04210101b41578834ee3@[204.167.100.139]>, on 09/27/99
>> at 03:41 PM, Robert Hettinga <rah@shipwright.com> said:
>>
>> >Probably IBM will first want to see how attractive the technology is to
>> >punters. At least the approach of using an ancillary encryption chip
>> >should keep IBM safe from the nightmare Intel faced when it attempted to
>> >railroad CPU ID numbers on users.
>>
>> No Code == No Trust!
>>
>> This has all the security/trust problems that Intel's RNG does and more. I
>> wouldn't touch this thing with a ten foot poll.
>I don't see what this paranoia gains you.
If you haven't noticed this is a business of paranoia.
>If you do not trust the crypto processor then you should throw the whole
>machine out - there are *so* many other ways that IBM could have
>compromised the system.
So you suggest the head in the sand approach? There are so many different
ways a system can be compromised so we will just ignore them all? Surely
you are not naive enough to blindly trust someone's crypto black box just
because they say it's secure?
--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
Hi Jeff!! :)
---------------------------------------------------------------
