[LAD] [OT] Richard Stallman warns against ChromeOS

Ralf Mardorf ralf.mardorf at alice-dsl.net
Thu Dec 16 02:15:16 UTC 2010


On Wed, 2010-12-15 at 21:47 +0100, Arnold Krille wrote:
> On Wednesday 15 December 2010 20:40:20 Ralf Mardorf wrote:
> > On Wed, 2010-12-15 at 19:56 +0100, Arnold Krille wrote:
> > > On Wednesday 15 December 2010 16:41:32 Jörn Nettingsmeier wrote:
> > > > On 12/15/2010 11:14 AM, gene heskett wrote:
> > > > > Ralf I suspect, if he were to use pgp, would be like me, and only
> > > > > trust pgp-2.6.2a, the last one before they put Zimmerman in jail for
> > > > > a few years. I have often said, and have been called the uber
> > > > > paranoid for it, that one of the conditions of his release was that
> > > > > the next generation of pgp had a back door.
> > > > 
> > > > as they say, paranoia doesn't mean they're not after you!
> > > > 
> > > > :-D
> > > > 
> > > > i think this problem is mitigated somewhat by using open protocols with
> > > > open crypto implementations that have undergone public scrutiny. unless
> > > > you want to believe that "the NSA has quantum computers anyway and have
> > > > solved the entire problem space years ago" :)
> > > 
> > > Some months back fbi had to admit that current encryption is to good for
> > > them. After a year of trying they returned a hard-disk (which Mexican
> > > police asked them to decrypt) admitting they couldn't do anything to get
> > > the data... Went through fefe's blog...
> > > 
> > > Have fun,
> > > 
> > > Arnold
> > 
> > There still is a much easier way to decrypt mails. I'm not talking about
> > a completely encrypted hard disk. Get the non-public, private key. Is
> > this key saved in a file on a computer that is connected to the web,
> > e.g. for usage directly with your mail client? Hack the firewall and get
> > that key or burglarise the flat to get access to the non-public, private
> > key.
> 
> Still you have to know the password for the key :-P

To be honest, I've forgotten about this :D, but anyway, hacking the
password, resp. pass'phrase' should be easier to do. When hacking
online, the time the pass'phrase' doesn't need to be typed again is
important. It's also important how long 'su' for a terminal emulation
could be active, without an 'auto'exit is executed, while there isn't
activity by the admin. While it isn't easy to hack a good protected
Linux, it's relative easy to hack an online audio workstation as mine,
no firewall, no AppAmor etc. ;).





More information about the Linux-audio-dev mailing list