[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Internet Privacy Guaranteed ad (POTP Jr.)
I have been following this debate with some interest. I think that
it is quite clear that without your publishing the algorithms for your
product, you have to accept our skepticism obout your claims. You have
offered to do this so I will wait to make my judgement.
The issue that I have not seen you address is one that has been
brought up by several posters to this thread. This issue has to do with
the fact that if you generate all of the keys (or whatever) what is to
stop someone from offering one of your employees a LARGE bribe to cough up
the keys?
I don't think that anyone on this list would accept as secure any
system, no matter how clever, that relies on a human factor. People are
weak, properly used, mathematics is not. To suggest that such a security
breach would not occur with your procedures is disingenuous in the
extreme.
I am not trying to start (or continue) a flame war. I am willing
to learn more about your system before I pass judgement but I must tell
you, however, that I have heard nothing yet to give me any confidence
that your system is secure.
Regards,
Tim Philp
===================================
For PGP Public Key, Send E-mail to:
[email protected]
In Subject line type:
GET PHILP
===================================