[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comparing PGP to Symantec's Secret Stuff

To: [email protected]
Subject: Re: Comparing PGP to Symantec's Secret Stuff
From: Bruce Schneier <[email protected]>
Date: Mon, 05 Jan 1998 20:46:26 -0600
In-Reply-To: <[email protected]>
Posted-Date: Mon, 5 Jan 1998 20:47:00 -0600 (CST)
References: <v03007800b0bc0c9a7689@[198.115.179.81]>
Sender: [email protected]


>	Having worked for those multinationals and defense
>contractors, I've seen them buy new products with serious weaknesses
>in key generation, with year 2000 problems, with stream ciphers used
>to protect stored data--keyed the same way each time.  I've seen them
>use code that sent cleartext where it should have been encrypting on
>the wire.

I second this.  The pitiful state of "secure code" is shocking.  (Actually,
I just wrote an essay on the topic.  Get a copy for yourself at:
http://www.counterpane.com/pitfalls.html.)

Bruce
**************************************************************************
* Bruce Schneier                 For information on APPLIED CRYPTOGRAPHY
* Counterpane Systems            2nd EDITION (15% discount and errata), 
* [email protected]       Counterpane Systems's consulting services, 
* http://www.counterpane.com/    or the Blowfish algorithm, see my website.
**************************************************************************

Prev by Date: Re: [Humor] Kennedy's New Legislation
Next by Date: Re: Comparing PGP to Symantec's Secret Stuff
Prev by thread: Crypto-enemy senator gets cash from Johnny Chung
Next by thread: Re: Comparing PGP to Symantec's Secret Stuff
Index(es):
- Date
- Thread