Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262892AbVAQVE4 (ORCPT ); Mon, 17 Jan 2005 16:04:56 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262893AbVAQVE4 (ORCPT ); Mon, 17 Jan 2005 16:04:56 -0500 Received: from use.the.admin.shell.to.set.your.reverse.dns.for.this.ip ([80.68.90.107]:48133 "EHLO irulan.endorphin.org") by vger.kernel.org with ESMTP id S262892AbVAQVEx (ORCPT ); Mon, 17 Jan 2005 16:04:53 -0500 Subject: Re: Announce loop-AES-v3.0b file/swap crypto package From: Fruhwirth Clemens To: Paul Walker Cc: linux-kernel@vger.kernel.org, Bill Davidsen , linux-crypto@nl.linux.org, James Morris In-Reply-To: <20050117192946.GT7782@black-sun.demon.co.uk> References: <41EAE36F.35354DDF@users.sourceforge.net> <41EB3E7E.7070100@tmr.com> <41EBD4D4.882B94D@users.sourceforge.net> <1105989298.14565.36.camel@ghanima> <20050117192946.GT7782@black-sun.demon.co.uk> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-QVn+VYgl0pE+X3Kzchq6" Date: Mon, 17 Jan 2005 22:04:49 +0100 Message-Id: <1105995889.14565.47.camel@ghanima> Mime-Version: 1.0 X-Mailer: Evolution 2.0.2 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1893 Lines: 55 --=-QVn+VYgl0pE+X3Kzchq6 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Mon, 2005-01-17 at 19:29 +0000, Paul Walker wrote: > On Mon, Jan 17, 2005 at 08:14:58PM +0100, Fruhwirth Clemens wrote: >=20 > > > Unlikely to go to mainline kernel. Mainline folks are just too much i= n love > > > with their backdoored device crypto implementations [1].=20 >=20 > Just to add back in Jari's link, so the folks added know what you're talk= ing > about: >=20 > > [1] http://marc.theaimsgroup.com/?l=3Dlinux-kernel&m=3D107419912024246= &w=3D2 You will find the same information on my site. Therefore, I do NOT decline this vulnerability. I decline it's security implications. It's on the same level as the vulnerability, that you will give away your root password under torture.[2] Nothing about kernel crypto is backdoored. If Ruusu thinks different, he should show me source code. Till then, treat it as FUD. [2] I think the torture vulnerability is more serious than any watermarking "attack". "Rubberhosing" can be fixed btw. http://web.archive.org/web/20031214064240/http://www.rubberhose.org/ Unfortunately, original site is down and source code outdated. --=20 Fruhwirth Clemens http://clemens.endorphin.org --=-QVn+VYgl0pE+X3Kzchq6 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQBB7ChxW7sr9DEJLk4RAn6MAJ91p057/EmmNFyvqqUCcMIL4GpnAwCfRQze uJ19uJNovDdIMEwRsonRsZc= =yDE8 -----END PGP SIGNATURE----- --=-QVn+VYgl0pE+X3Kzchq6-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/