[147956] in cryptography@c2.net mail archive
Re: [Cryptography] [RNG] /dev/random initialisation
daemon@ATHENA.MIT.EDU (James A. Donald)
Sat Nov 2 12:19:30 2013
X-Original-To: cryptography@metzdowd.com
Date: Sat, 02 Nov 2013 12:30:19 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <B376430B-4FE0-4C1D-8A69-A9424F728E78@gmail.com>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 2013-10-31 13:28, John Kelsey wrote:
> Lots and lots of dumb policies and decisions have been accepted or
> imposed by people who thought they were doing something sensible,
> but were really making security weaker. And the bit where people
> make up conspiracy theories to explain every such failure has zero
> chance of improving security.
We face real conspiracies by real people. That has to be your threat
model.
Having a valid threat model is bound to make you more secure.
Some bad decisions were made by conspiracy that intended bad outcomes.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography