[cryptography] Preserve us from poorly described/implemented crypto
iang at iang.org
Tue Jun 7 08:18:14 EDT 2011
On 6/06/11 2:53 PM, Marsh Ray wrote:
> Come on. There are people in tall glass buildings that will be using
> this keyboard to enter passwords that manage accounts containing
> millions of dollars on a regular basis. And there's a very high
> practical limit on the gain of the antenna that could be aimed directly
> at them from an office on the same floor across the street.
People in tall glass buildings should learn not to throw electronic
stones then.... It's easy, just use a laptop w/ethernet. No wireless,
no keyboard loggers. Corporates know how to issue laptops.
> On the defense side, the agencies that are experienced at looking at
> signals also have the mission of protecting the US government itself.
> Surely they realize it's impractical to keep every off-the-shelf
> keyboard out of every marginally sensitive location.
Then, the rest of society has to pay for their incompetence?
Anyone know what the price of a DoD-secured keyboard is :)
> Check this out:
> Someone please tell them they ought to require HTTPS for this kind of
"To access any of our SSL-protected web pages, you will need to
authorize your browser to trust either our certificate, or (better
choice) the US Government's DoD Root CA-2 (which vouches for the root of
our certificate chain)."
More information about the cryptography