Full Disclosure mailing list archives
Re: RE: hPRoTeCT Labs Releases vulnfind (hprotect () hushmail com)
From: Joachim Schipper <j.schipper () math uu nl>
Date: Mon, 2 May 2005 11:19:14 +0200
On Mon, May 02, 2005 at 10:58:55AM +0200, Alexander.Haeussler () ZF-Lenksysteme com wrote: <snip: post>
---- Ascom IDEAsecure SIGNED MESSAGE ---- BASE64 AAEBAAACAQAAAwAAAgIAAAjRgAEAAAbGgAIAAAa0AAQAAAACAAIAAgAABpg+IERhdGU6IF dlZCwgMjcgQXByIDIwMDUgMTE6NTc6MTUgLTA3MDANCj4gRnJvbTogPGhwcm90ZWN0QGh1 c2htYWlsLmNvbT4NCj4gU3ViamVjdDogW0Z1bGwtZGlzY2xvc3VyZV0gaFBSb1RlQ1QgTG FicyBSZWxlYXNlcyB2dWxuZmluZA0KPiBUbzogPGZ1bGwtZGlzY2xvc3VyZUBsaXN0cy5n cm9rLm9yZy51az4NCj4gTWVzc2FnZS1JRDogPDIwMDUwNDI3MTg1Ny5qM1JJdk1RdTA3NT A3OUBtYWlsc2VydmVyMi5odXNobWFpbC5jb20+DQo+IA0KPiBoUFJvVGVDVCBMYWJzIGlz IHBsZWFzZWQgdG8gYW5ub3VuY2UgdGhlIHJlbGVhc2Ugb2YgdnVsbmZpbmQsIGFuIA0KPi BhdXRvbWF0ZWQgdW5pdmVyc2FsIHZ1bG5lcmFiaWxpdHkgZGlzY292ZXJ5IGFuZCBleHBs b2l0YXRpb24gDQo+IGVuZ2luZS4gdnVsbmZpbmQgcGVybWl0cyB0aGUgdW5pdmVyc2FsIG FuZCBhdXRvbWF0ZWQgZGlzY292ZXJ5IG9mIA0KPiB2dWxuZXJhYmlsaXRpZXMgYWNyb3Nz IGFsbCBXaW5kb3dzIFhQIHBsYXRmb3JtcyB2aWEgdGhlIA0KPiBpbnN0cnVtZW50YXRpb2 4gb2Ygc2hhcmVkIGxpYnJhcnkgY29kZSByZXNwb25zaWJsZSBmb3IgdmlydHVhbGx5IA0K PiBhbGwgdnVsbmVyYWJpbGl0aWVzLiBBbiBhZHZhbmNlZCAnZGV0b3VycycgaG9vayBsaW JyYXJ5IGluc3RydW1lbnRzIA0KPiB0aGUgc2hhcmVkIGxpYnJhcnkgY29kZSByZXNwb25z aWJsZSBmb3IgJ3N0cmNweScsIGEgbWFqb3IgY2F1c2Ugb2YgDQo+IHZ1bG5lcmFiaWxpdG llcywgYW5kIG5vdGlmaWVzIHdoZW4gdGhlIHNhdmVkIGZyYW1lIHBvaW50ZXIgYW5kIA0K PiByZXR1cm4gYWRkcmVzcyAoJ2VicCcgYW5kICdlaXAnKSB3aWxsIGJlIGNvbXByb21pc2 VkIGR1ZSB0byBleGNlc3MgDQo+IHN0cmluZyBsZW5ndGguIEluIGFkZGl0aW9uLCB2dWxu ZmluZCBwZXJtaXRzIHZ1bG5lcmFiaWxpdHkgDQo+IGRpc2NvdmVyeSBhbmQgcGVuZXRyYX Rpb24gdGVzdHMgYWxpa2UgdmlhIHJ1bi10aW1lIHJlcGxhY2VtZW50IG9mIA0KPiB0aGUg Y29tcHJvbWlzZWQgcmV0dXJuIGFkZHJlc3MgKCdlaXAnKSB3aXRoIGFuIGFkZHJlc3Mgb2 YgbWVtb3J5LQ0KPiByZXNpZGVudCBzaGVsbGNvZGUgcmVzaWRlbnQgaW4gdGhlIG1lbW9y eSBvZiB0aGUgcHJvY2Vzcy4NCj4gDQo+IHZ1bG5maW5kIGlzIHJlbGVhc2VkIGFzIG9wZW 4gJ2MnIHNvdXJjZSBhbmQgaXQgd2lsbCBiZSBwb3J0ZWQgdG8gDQo+ICdjKysnIGluIHRo ZSBjb21pbmcgd2Vla3MuIHZ1bG5maW5kLCBhbG9uZyB3aXRoIG92ZXIgMjUwIG90aGVyIG MsIA0KPiBjcHAsIGN4eCwgYW5kIGggZmlsZXMgd3JpdHRlbiBieSBoUFJvVGVDVCBzdGFm ZiwgaXMgYXZhaWxhYmxlIHZpYSANCj4gdGhlIGhQUm9UZUNUIExhYnMgaG9tZSBwYWdlLC BpbiBhZGRpdGlvbiB0byBvdmVyIDI1MCBvdGhlciANCj4gcHJvamVjdHMuDQoNCldoYXQg aXMgdGhlIFVSTCBmb3IgdGhlIGhQUm9UZUNUIExhYnMgaG9tZSBwYWdlPyBZb3UgZm9yZ2 90IHRvIGluY2x1ZGUgdGhlIGxpbmsgaW4gdGhlIHBvc3RpbmcNCg0KPiANCj4gVGhlIGF2 YWlsYWJpbGl0eSBvZiBhZGRpdGlvbmFsIHByb2plY3RzIHdpbGwgYmUgYW5ub3VuY2VkIH RvIGFsbCANCj4gbWFpbGluZyBsaXN0cyB1cG9uIGJlY29taW5nIGF2YWlsYWJsZS4NCj4g DQo+IFdpbGV5IE1pbGxlcg0KPiBQcm9kdWN0IE1hbmFnZXIsIGhQUm9UZUNUIExhYnMNCg ADAAAACEJvZHkudHh0gAcAAAAGAAwAAAAAgAUAAAH5ABIAAAAEQnXrzgAKAAAAogMBAQEA ECvHdu2zGcZYnr4GlDOG6FEACPycWCgexBR5AIBAr8VSPfPwADRbHQLdLwynPfKeZqbuzw aiwwJitKFu7Fow2o32LgQS1V8TROx/keJTlGvyP2k57dTy4UuChwlRdHBkZstrx+KHZLVc quSvuPOTTW77cXCtyU5wjQHBpKJ3RaJir78fecvLE7twD2CigIeHClmfSoE5oaJ7D2TsCg AWAAAAgIF1Q2zUXiPnIdL8haKRVGACtQsn0OceqpKCCBy75YH5O8pA9KuSv3HbalQJcwJH /GgKcN7ucMH9NmM6w7eAJSjOCXpu/Qu3CSs58bm3w0ShIuXBDrhOqI+jAOeWARmcAJ08Ri Rt2YJ1EROWmUc91TzPqSZInP0p28qVhPMrP6o0ABcAAAACAAEAFAAAACQvbz1aRi9vdT1a RkcvY249UmVjaXBpZW50cy9jbj1HNTE3NzQAEQAAACUvbz1aRi9vdT1aRkcvY249UmVjaX BpZW50cy9jbj1yb290LWNhABAAAAADD0V0AAYAAAAI/JxYKB7EFHkAGAAAABtIYWV1c3Ns ZXIgQWxleGFuZGVyIFNHRCBGSVcAGQAAACZBbGV4YW5kZXIuSGFldXNzbGVyQFpGLUxlbm tzeXN0ZW1lLmNvbQAPAAAAAAMBC3k= ---- Ascom IDEAsecure End Message ----
Erm, why not just use an OpenPGP implementation (GnuPG)? I can actually verify that, you know... (not to mention the fact that having a signature equal to the size of the whole post is bad form, and that's equally true if we're not talking .sig here!) And IDEA is full of patent problems, anyway, which makes it even less useful. If the people you're sending to aren't going to be able to verify it, anyway, why bother signing it? Joachim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: hPRoTeCT Labs Releases vulnfind (hprotect () hushmail com) Alexander . Haeussler (May 02)
- Re: RE: hPRoTeCT Labs Releases vulnfind (hprotect () hushmail com) Joachim Schipper (May 02)