[nycbug-talk] Hot Story: German Gov. intelligence agencies decrypt PGP, SSH
nop at insidiae.net
Sun Jun 16 20:26:44 EDT 2013
Have you rotated your keys and update the bits this year?
On Sun, Jun 16, 2013 at 8:09 PM, George Rosamond <
george at ceetonetechnology.com> wrote:
> Isaac (.ike) Levy:
> > Hi All,
> > To throw a little chicken little into what is otherwise a beautiful
> > weekend,
> > A google translation says: "The federal government declared that its
> > secret services were basically able to decrypt PGP and Secure Shell,
> > at least partially."
> > -- Apparently, GnuPG list and others merely have links to this
> > article, I haven't found anything more except links to this vague
> > original article.
> > Thoughts? Is tomorrow morning's commute to work going to look like
> > that new Brad Pitt movie, *or*, are we looking at a dopey expose of
> > well-known widespread worst-practices in cryptographic
> > misunderstandings?
> I don't know if there's more to this, but this may be the important part:
> The response of the federal government is: "Yes, the technology used is
> generally in a position, depending on the type and quality of the
> What? Key length? Encryption type? Password strength?
> My feeling has always been that an adversary with sufficient resources
> and high enough stakes can break anything.
> If you're Jane Q Nobody crossing a border, and they image your drive and
> there's cipher text that's hard to crack, I doubt they devote the
> resources. But if you're a priority target, I'm sure they would and
> ultimately could.
> Passwd strength is usually the weak link though, not the encryption itself.
> talk mailing list
> talk at lists.nycbug.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the talk