[nycbug-talk] Elliptic Curve Backdoor? [was] RSA/DSA for encryption: has it's time come?
George Rosamond
george at ceetonetechnology.com
Fri Sep 13 14:52:39 EDT 2013
Pete Wright:
> On 09/13/2013 07:58 AM, Okan Demirmen wrote:
>
>>> So throwing it back to list...
>>>
>>> What have you changed?
>>>
>>> What changes have taken place in your organization, whether or not
>>> influenced by you?
>>
>> Zero.
>
> same here - although the incompetent IT department at my day-job is not
> insisting on not allowing encrypted IM's because..."compliance". so
> that's awesome.
I have some technical clients who are very conscious of the fact that
there has been a shift for non-technical people.
The argument that privacy has to be designed, as opposed to being
promises or policy is has reasserted itself. If a provider *can* access
data of its clients, then there isn't privacy.
Can't find them ATM, but this is a great spot to see useful articles on
the topic, including a lot of stuff on the changes in people's thinking
recently:
https://twitter.com/liberationtech
And LibTech's list is a central place for discussions around this stuff
today.
(hi again Jan!)
>
>>
>>> Factors of authentication, keys used, additional encryption added,
>>> office or home Tor, pgp/gpg....
>>
>> Nothing new.
>>
>
> same here, i think being a practical paranoid has prepped me for this
> inevitable day where it's known that telecomunications is an inherently
> unsafe communication medium. as is anything that requires 3rd party trust.
Very much the case for me also. But I am convinced more of our 'tools'
will start accounting for the 'new world' and I'm keeping tabs on that.
Thanks for being relevant Pete. I shifted this thread for a reason.
g
More information about the talk
mailing list