Wireless Office

Fernando Duran liberosec-FFYn/CNdgSA at public.gmane.org
Tue Dec 30 16:07:55 UTC 2008


--- James Knott <james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org> wrote:

> Fernando Duran wrote:
> > --- Zbigniew Koziol <softquake-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
> >
> >
> >   
> >> I do not trust all these encryption methods.
> >>
> >> If transmission can be intercepted - no way that
> it
> >> is secure anymore.
> >>
> >>     
> >
> > That's incorrect; precisely the beauty of
> asymmetric
> > (public-key) cryptography is that users can
> > communicate securely over a public channel. 
> >
> > Several cryptographic methods have been proven to
> be
> > mathematically secure. A different issue of course
> are
> > problems in particular implementations or
> > configurations, the human factor etc that may make
> a
> > scheme vulnerable.
> >
> >   
> 
> And when a RADIUS server is used, the "password" is
> changed frequently,
> both every time you connect and periodically
> afterward and each
> connection will also have it's own key.  With a
> pre-shared password,
> it's only changed as often as you change it and
> everyone uses the same
> key, though IIRC, the underlying symmetrical key
> gets changed frequently.
> 
> Modern encryption techniques are quite secure (for
> now) and harder to
> break, than tapping in at the phone company, ISP or
> even in the office. 
> Social engineering can make it even easier to break
> in.
> 


Absolutely agree. For instance when law enforcement
agents in the USA found an encrypted disk in the
computer of a mob boss they didn't make a copy and
sent it off to NSA or a similar agency for decryption
(well, maybe they did and we never knew he); they just
planted a hidden camera and captured the password as
the bad guy was typing it.

"Crackers" go to after the weakest link and encryption
is most likely not it.

> 
> -- 
> Use OpenOffice.org <http://www.openoffice.org>
> --
> The Toronto Linux Users Group.      Meetings:
> http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text
> below 80 columns
> How to UNSUBSCRIBE:
> http://gtalug.org/wiki/Mailing_lists
> 


---------------------
Fernando Duran
http://www.fduran.com


      __________________________________________________________________
Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail.  Click on Options in Mail and switch to New Mail today or register for free at http://mail.yahoo.ca
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list