I am in the process of implementing this for linux right now... I was working from the 1996 TIS papers on "DTE" (domain and type enforcement), and saw (well, noticed) no mentions of patents.
First, I used to take a common phrase and append a site-specific phrase. Then, I started keeping passwords in an encrypted file, so I could do more random passwords. Then, one weekend, I got bored, so I wrote a little c command line and gtk interface prog to keep (username, site, password) sets encrypted.
The concept of just remembering passwords doesn't work for me:(
I do have a few questions about the source (to wipe a message from memory, they overwrite with a *static* *number* of -'s, and I don't see where they limit the size of the message to that size... Just as an example.)
But still, I see this as a big step up from, say, hotmail. No passwords being sent in the clear accross the net... (is that the case for hotmail? I'm not sure - never used it.:) Maybe someone'll become ambitious and work in some cryptix code so you *could* send encrypted mail to non-hush users...
Of course, I tried to create an account twice and isn't working. Not that I have use for such an account.
> Additionally, attached is a worksheet showing what it would (will) cost > FNTS to recall the PCX phones in the marketplace if the source code has > been compromised or is not safe. > GRAND TOTAL $5,517,389.61 (Melanie W. Scofield, Corporate Counsel Fujitsu)
In other words, "since our code sucks so bad that anyone who sees it will instantly see blatant exploitable security holes, and since this is of course not *our* responsibility but that of the irresponsible person who looked at the code, we would like that person to pay us to recall all phones we have sold so far."
>onsense. It's just a macro virus, not a balanced AVL tree. It doesn't take a genius to write a macro virus.
It also doesn't take a genius to replace a few bytes in one file with those from another. If everytime the doc were saved it also saved a MAC (as in an encrypted hash) with the windows global id, then we could talk about proof. As it stands, there's nothing.
Slashdot Mirror
Well, TE != encryption, not even close.
I am in the process of implementing this for linux right now... I was working from the 1996 TIS
papers on "DTE" (domain and type enforcement), and saw (well, noticed) no mentions of patents.
First, I used to take a common phrase and append
:(
a site-specific phrase. Then, I started keeping
passwords in an encrypted file, so I could do
more random passwords. Then, one weekend, I got
bored, so I wrote a little c command line and gtk
interface prog to keep (username, site, password)
sets encrypted.
The concept of just remembering passwords doesn't
work for me
I do have a few questions about the source (to wipe a message from memory, they overwrite with a
:)
*static* *number* of -'s, and I don't see where they limit the size of the message to that size...
Just as an example.)
But still, I see this as a big step up from, say, hotmail. No passwords being sent in the clear
accross the net... (is that the case for hotmail? I'm not sure - never used it.
Maybe someone'll become ambitious and work in some cryptix code so you *could* send encrypted mail to
non-hush users...
Of course, I tried to create an account twice and isn't working. Not that I have use for such an
account.
Now this is priceless:
> Additionally, attached is a worksheet showing what it would (will) cost
> FNTS to recall the PCX phones in the marketplace if the source code has
> been compromised or is not safe.
> GRAND TOTAL $5,517,389.61
(Melanie W. Scofield, Corporate Counsel Fujitsu)
In other words, "since our code sucks so bad that anyone who sees it will
instantly see blatant exploitable security holes, and since this is of course
not *our* responsibility but that of the irresponsible person who looked at
the code, we would like that person to pay us to recall all phones we have sold
so far."
>onsense. It's just a macro virus, not a balanced AVL tree. It doesn't take a genius to write a macro virus.
It also doesn't take a genius to replace a few bytes in one file with those from another. If
everytime the doc were saved it also saved a MAC (as in an encrypted hash) with the windows global
id, then we could talk about proof. As it stands, there's nothing.