[146521] in cryptography@c2.net mail archive
Re: [Cryptography] NSA and cryptanalysis
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Mon Sep 2 15:42:34 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <5223F959.1040204@echeque.com>
Date: Mon, 2 Sep 2013 14:45:00 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: "James A. Donald" <jamesd@echeque.com>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============6390287898792464040==
Content-Type: multipart/alternative; boundary=089e0112c5c835b32704e56af81f
--089e0112c5c835b32704e56af81f
Content-Type: text/plain; charset=ISO-8859-1
On Sun, Sep 1, 2013 at 10:35 PM, James A. Donald <jamesd@echeque.com> wrote:
> On 2013-09-01 9:11 PM, Jerry Leichter wrote:
>
>> Meanwhile, on the authentication side, Stuxnet provided evidence that the
>> secret community *does* have capabilities (to conduct a collision attacks)
>> beyond those known to the public - capabilities sufficient to produce fake
>> Windows updates.
>>
>
> Do we know they produced fake windows updates without assistance from
> Microsoft?
Given the reaction from Microsoft, yes.
The Microsoft public affairs people have been demonstrating real anger at
the Flame attack in many forums.
--
Website: http://hallambaker.com/
--089e0112c5c835b32704e56af81f
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">On Sun, Sep 1, 2013 at 10:35 PM, James A. Donald <span dir=
=3D"ltr"><<a href=3D"mailto:jamesd@echeque.com" target=3D"_blank">jamesd=
@echeque.com</a>></span> wrote:<br><div class=3D"gmail_extra"><div class=
=3D"gmail_quote">
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On 2013-09-01 9:11 PM, Jer=
ry Leichter wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
Meanwhile, on the authentication side, Stuxnet provided evidence that the s=
ecret community *does* have capabilities (to conduct a collision attacks) b=
eyond those known to the public - capabilities sufficient to produce fake W=
indows updates.<br>
</blockquote>
<br></div>
Do we know they produced fake windows updates without assistance from Micro=
soft?</blockquote><div><br></div><div>Given the reaction from Microsoft, ye=
s.</div><div><br></div><div>The Microsoft public affairs people have been d=
emonstrating real anger at the Flame attack in many forums.</div>
<div>=A0</div></div>-- <br>Website: <a href=3D"http://hallambaker.com/">htt=
p://hallambaker.com/</a><br>
</div></div>
--089e0112c5c835b32704e56af81f--
--===============6390287898792464040==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============6390287898792464040==--
