Educause Security Discussion mailing list archives

Re: iPad and access to university ERP

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Wed, 21 Jul 2010 23:46:13 -0400

On Wed, 21 Jul 2010 16:45:27 MDT, "SCHALIP, MICHAEL" said:

But.....given that the session *is* encrypted - and not persistent-  wouldn't
*any* kind of encryption be serviceable for something like this?


*any* kind? Given today's CPU speeds, 40 bit encryption is essentially rot-13.
Brute-force test all 1,099,511,627,776 keys in a few minutes.  If you have a
botnet of more than a few hundred machines, it will take more compute power to
distribute the job than it will to break the keys.  Still think "*any*" is good enough? :)

Attachment: _bin
Description:

Current thread:

Re: iPad and access to university ERP, (continued)
- - - Re: iPad and access to university ERP Basgen, Brian (Jul 21)
    - Re: iPad and access to university ERP Russell Fulton (Jul 23)
    - Re: iPad and access to university ERP James Peluso (Jul 24)
    - Re: iPad and access to university ERP Brad Judy (Jul 22)
    - Re: iPad and access to university ERP Brad Judy (Jul 22)
    - Re: iPad and access to university ERP John Hoffoss (Jul 22)
    - Re: iPad and access to university ERP Bret Ingerman (Jul 23)
    - Re: iPad and access to university ERP Richard Hopkins (Jul 22)
    - Re: iPad and access to university ERP Roger Safian (Jul 22)
    - Re: iPad and access to university ERP Richard Hopkins (Jul 22)
    - Re: iPad and access to university ERP Valdis Kletnieks (Jul 21)
    - Re: iPad and access to university ERP SCHALIP, MICHAEL (Jul 22)
    - Re: iPad and access to university ERP Joel Rosenblatt (Jul 22)
    - Re: iPad and access to university ERP Valdis Kletnieks (Jul 24)