[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] The NSA has compromised httpd, ssh, TLS/SSL, and secure chat

Subject: [ale] The NSA has compromised httpd, ssh, TLS/SSL, and secure chat
From: jim.kinney at gmail.com (Jim Kinney)
Date: Fri, 6 Sep 2013 12:27:22 -0400
In-reply-to: <CADT30qUULNtV9Z6PcWa=2H6s4FdoRMkdsCvH+u8HmD4evNVwsw@mail.gmail.com>
References: <CADT30qUULNtV9Z6PcWa=2H6s4FdoRMkdsCvH+u8HmD4evNVwsw@mail.gmail.com>

I read it mostly as signing key access thus collect all and unlock later as
needed.

So self-signed certs are much harder for spooks to read.
On Sep 6, 2013 10:08 AM, "Charles Shapiro" <hooterpincher at gmail.com> wrote:

> But not gpg, according to the NYT (
> http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?hp&_r=0).  My read of the article is that most of the compromises involve getting
> access to keys through vendors, rather than compromises of the actual
> algorithms, although there are some hints that the NSA has tried to subvert
> standards as well.
>
> Moral of the story:  Use FOSS, don't trust any service providers.
>
>
> -- CHS
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130906/c1e354a5/attachment-0001.html>

References:
- [ale] The NSA has compromised httpd,ssh,TLS/SSL, and secure chat
  - From: hooterpincher at gmail.com (Charles Shapiro)

Prev by Date: [ale] The NSA has compromised httpd, ssh, TLS/SSL, and secure chat
Next by Date: [ale] CUPS or LPR?
Previous by thread: [ale] The NSA has compromised httpd, ssh, TLS/SSL, and secure chat
Next by thread: [ale] Possible backdoor in /dev/random? [discussion]
Index(es):
- Date
- Thread