[cryptography] Intel RNG
James A. Donald
jamesd at echeque.com
Tue Jun 19 03:32:05 EDT 2012
On Jun 18, 2012, at 4:21 PM, Jon Callas wrote:
>>> Reviewers don't want a review published that shows they gave a pass on a crap system. Producing a crap product hurts business more than any thing in the world. Reviews are products. If a professional organization gives a pass on something that turned out to be bad, it can (and has) destroyed the organization.
On Jun 18, 2012, at 9:03 PM, Matthew Green wrote:
>> I would really love to hear some examples from the security world.
>> I'm not being skeptical: I really would like to know if any professional security evaluation firm has suffered meaningful, lasting harm as a result of having approved a product that was later broken.
>> I can think of several /counterexamples/, a few in particular from the satellite TV world. But not the reverse.
On 2012-06-19 4:14 PM, Jon Callas wrote:
> The canonical example I was thinking of was Arthur Anderson, which doesn't meet your definition, I'm sure.
Arthur Andersen was shut down for excessively creative accounting, and
if things had stopped there, all would have been fine.
Unfortunately, the shutdown of Arthur Andersen led to Sarbanes–Oxley,
which appears to have either made excessively creative accounting
mandatory, or or else given the remaining big four accountants a roadmap
of how to do creative accounting and never have to say you are sorry
when MF Global was stealing from its customers on your watch.
Sarbannes Oxley is best interpreted as the big accountants saying "Hey,
we all doing what Arthur Anderson did, so it needs to be made legal,
MF Global stole shitloads of money, but because its theft was
Sarbanes–Oxley compliant, there appear to be no consequences
In general, when the elite are caught lying, cheating, or stealing, the
elite close ranks. Similarly, climategate revealed climate scientists
cooking their data, with total lack of consequences. Now cooking your
data to accord with the expectations of your peers is the new scientific
More information about the cryptography