[cryptography] cryptography Digest, Vol 70, Issue 7

Brian Hankey bhankey at gmail.com
Mon Dec 21 10:39:04 EST 2015


> From: Givon Zirkind <givonne at gmx.com>
> 
> On 12/20/2015 2:14 AM, Jeffrey Goldberg wrote:
>> The problem you address is certainly real. And a lot of people have 
>> looked at various approaches over the decades. None, so far, is fully 
>> satisfactory. (I obviously believe that a well designed password 
>> manager is the best solution for most people available today, but I do 
>> not see them as the long term solution.) One common mistake 
> IMHO, the basic problem [on a meta level] is, that if you put all your 
> passwords [eggs] into one basket, all you have to do is steal the 
> basket.  crack the master password to the password file and you have all 
> the passwords.
> 
> old school, manually, ppl used to keep a rolodex of which files to look 
> in for the passwords to certain items.  and, passwords would be hidden 
> in those files.  obstensively, the CIA does this with files that need to 
> "disappear".  e.g. keeping a record in the Atomic Energy Commissions 
> files of some covert op.  with a cross reference that tells someone 
> where to find it.  who's going to look through a warehouse of files to 
> find a record?  it's like a needle in a haystack.  if you could 
> implement that electronically, that would probably be the best way to 
> go.  imho.

This particular needle got lost in the haystack of my inbox… very interesting idea.  Do you have any preliminary ideas on how to implement that electronically? I am not sure where to begin.






More information about the cryptography mailing list