[ale] [EXTERNAL] Re: Security is still hard

Allen Beddingfield allen at ua.edu
Mon Oct 3 12:28:07 EDT 2022 

That's got nothing on my compost256 encryption :D 

--
Allen Beddingfield
Systems Engineer
Office of Information Technology
The University of Alabama
Office 205-348-2251
allen at ua.edu

________________________________________
From: Ale <ale-bounces at ale.org> on behalf of Jim Kinney via Ale <ale at ale.org>
Sent: Monday, October 3, 2022 11:25 AM
To: Bob Toxen
Cc: Jim Kinney; Atlanta Linux Enthusiasts
Subject: [EXTERNAL] Re: [ale] Security is still hard

I upgraded to rot26. It's twice as strong as rot13.

On Mon, Oct 3, 2022, 11:50 AM Bob Toxen <transam at verysecurelinux.com<mailto:transam at verysecurelinux.com>> wrote:
YUP!  A client asked me to "sniff" traffic that another supplier claimed
was encrypted and I proved that it was not!

In another case a very large manufacturer (you'd instantly recognize their
name) hired a satellite company to provide encrypted communications to
its dealers around the word.  One very smart dealer used a line analyzer
to prove that the communications was NOT encrypted and that each dealer
could see every other dealer's supposedly confidential sales information.

This would allow another dealer to snatch an impending sale away!  The
manufacturer hired a well-known computer security company to fix it and
they contracted with me to write the communication code to encrypted it.

Also, when analyzing don't be fooled by simple obscuring that anyone
can crack quickly, such as ROT 13 (Caeser encoding) that replaces each
'a' with 'n', 'b' with 'o', etc.

Bob Toxen
bob at verysecurelinux.com<mailto:bob at verysecurelinux.com>               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Retired from Quality Linux & UNIX security and SysAdmin & software
   consulting since 1990.
Retired from Quality spam and virus filters.

On Wed, Sep 28, 2022 at 07:44:58PM -0400, Jim Kinney via Ale wrote:
> On Wed, Sep 28, 2022, 7:38 PM DJPfulio--- via Ale <ale at ale.org<mailto:ale at ale.org>> wrote:
>
> >
> >
> > Takeaway:
> > Claims that something is encrypted and secure should be taken with a pound
> > of salt.
> >
>
> I fixed the comma-splice and made the statement true.

More information about the Ale mailing list