Full Disclosure mailing list archives
RE: Cryptome Hacked!
From: "Sung J. Choe" <schoe () oicinc com>
Date: Wed, 26 Feb 2003 14:55:23 -1000
Third, the best method of ensuring the integrity of software right now is signed crypographic checksums from someone you trust.
What would you use to generate that checksum? Can you trust the software used to generate the checksum? How can you trust that software? Please do not give some simple-minded answer like "cryptographic checksums" since that does not answer my specific question. As for your other comments, refer to my reply to the original post. .--------------------------------------------------. | Sung J. Choe <schoe[at]oicinc.com>, TICSA | | Systems Administrator, Facility Security Officer | .--------------------------------------------------.----. | Oceanic Imaging Consultants, Inc. | | Phone #: (808) 539-3634 x3634 | .-----------------------------------. 568D CAD6 53A0 92E6 4A2A 4E87 3BA0 5F90 37BB 8EE7
-----Original Message----- From: batz [mailto:batsy () vapour net] Sent: Wednesday, February 26, 2003 2:30 PM To: Sung J. Choe Cc: 'full-disclosure () lists netsys com' Subject: Re: [Full-disclosure] Cryptome Hacked! On Wed, 26 Feb 2003, Sung J. Choe wrote: :Cryptome.org, a site for privacy enthusiasts and leftists alike, was :apparently hacked today. Their server is up but "all files were deleted". :Besides the usual anti-American/anti-government vitriol that is usually :found at Cryptome.org, they also distribute crypto software. This brings up :the following question: What is the best method for ensuring the integrity :of software which require a high level of trust? I am almost sure that any :crypto software distributed by such extremists as John Young (operator of :cryptome.org) has been tampered with in some way. Does anybody else share :this opinion? First, I should state that the paradox of following up flamebait with a message calling it flamebait is not lost on me. Second, It is not accurate or useful to call people who contribute to cryptome anti-American, though anti-Stupid-American might not be far from the truth. Third, the best method of ensuring the integrity of software right now is signed crypographic checksums from someone you trust. While we're on the topic of stupid, how did you find out about this list without considering this? Fourth, I hope for your sake that you come to appreciate the irony of making shrill and frothing accusations of extremism in public forums. That's a shame about cryptome, but who would have the motive? The NSA? Aliens? Geographers? Maybe Hallmark has a sympathy card we can send to people who get 0wned. Get well soon cryptome! -- batz
Attachment:
schoe.vcf
Description:
Current thread:
- Cryptome Hacked! Sung J. Choe (Feb 26)
- RE: Cryptome Hacked! Steve Wray (Feb 26)
- Re: Cryptome Hacked! Morgan Marquis-Boire (Feb 26)
- Re: Cryptome Hacked! Ian Eyberg (Feb 26)
- RE: Cryptome Hacked! Steve Wray (Feb 26)
- Re: Cryptome Hacked! Etaoin Shrdlu (Feb 26)
- Re: Cryptome Hacked! Morgan Marquis-Boire (Feb 26)
- RE: Cryptome Hacked! Steve Wray (Feb 26)
- Re: Cryptome Hacked! Kevin Spett (Feb 26)
- Re: Cryptome Hacked! yossarian (Feb 26)
- Re: Cryptome Hacked! batz (Feb 26)
- <Possible follow-ups>
- RE: Cryptome Hacked! Sung J. Choe (Feb 26)
- RE: Cryptome Hacked! batz (Feb 26)
- RE: Cryptome Hacked! Sung J. Choe (Feb 26)
- Re: Cryptome Hacked! yossarian (Feb 26)
- RE: Cryptome Hacked! Sung J. Choe (Feb 26)
- Re: Cryptome Hacked! Kevin Spett (Feb 26)
- RE: Cryptome Hacked! Steve Wray (Feb 26)
- Re: Cryptome Hacked! Kevin Spett (Feb 26)