[10622] in cryptography@c2.net mail archive
Re: crypto question
daemon@ATHENA.MIT.EDU (Jim Choate)
Mon Mar 25 00:34:13 2002
Date: Sat, 23 Mar 2002 16:54:29 -0600 (CST)
From: Jim Choate <ravage@ssz.com>
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: mkb@black-ice.org, Pat Farrell <pfarrell@pfarrell.com>,
"McMeikan, Andrew" <McMeikanA@logica.com>,
cryptography@wasabisystems.com
In-Reply-To: <v04210108b8c132105814@[192.168.0.2]>
Message-ID: <Pine.LNX.3.96.1020323164649.440M-100000@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Fri, 22 Mar 2002, Arnold G. Reinhold wrote:
> I'm not sure what changes in your argument if you delete the word
> "physical."
I don't think you understand what that means. I was responsible for a
multi-campus (at the time the largest private system ever built) computer
controlled real-time security system connected to the fire, telephone,
video, and computer networks. This involves mag switches, PIR's, thermal,
ultrasonic, microwave, mag stripe cards, etc. We even had a small reactor
on campus as well as a couple of Gutenburg bibles that my group was
partialy responsible for.
> Perhaps we should all just give up with this security nonsense.
I'm not suggesting that at all. I -am- suggesting that one should never
under estimate ones opponents. If you could build it, so can they. If they
can build it they can spend time taking it apart. Do most security
organizations or systems have those sorts of time/resources? My experience
is they don't. The major issue is more one of responsibility/indemnity in
conflict with time. The longer a system remains unbroken the more likely
it is to be broken, the only significant caveat is if the system is
updated and modified often enough. Then there is a data collection issue
that limits what is -reasonable-.
--
____________________________________________________________________
There is less in this than meets the eye.
Tellulah Bankhead
ravage@ssz.com www.ssz.com
jchoate@open-forge.org www.open-forge.org
--------------------------------------------------------------------
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
