Return-Path: <linux-kernel-owner+willy=40w.ods.org-S262892AbVAQVE4@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S262892AbVAQVE4 (ORCPT <rfc822;willy@w.ods.org>);
	Mon, 17 Jan 2005 16:04:56 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262893AbVAQVE4
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Mon, 17 Jan 2005 16:04:56 -0500
Received: from use.the.admin.shell.to.set.your.reverse.dns.for.this.ip ([80.68.90.107]:48133
	"EHLO irulan.endorphin.org") by vger.kernel.org with ESMTP
	id S262892AbVAQVEx (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Mon, 17 Jan 2005 16:04:53 -0500
Subject: Re: Announce loop-AES-v3.0b file/swap crypto package
From: Fruhwirth Clemens <clemens@endorphin.org>
To: Paul Walker <paul@black-sun.demon.co.uk>
Cc: linux-kernel@vger.kernel.org, Bill Davidsen <davidsen@tmr.com>,
       linux-crypto@nl.linux.org, James Morris <jmorris@redhat.com>
In-Reply-To: <20050117192946.GT7782@black-sun.demon.co.uk>
References: <41EAE36F.35354DDF@users.sourceforge.net>
	 <41EB3E7E.7070100@tmr.com> <41EBD4D4.882B94D@users.sourceforge.net>
	 <1105989298.14565.36.camel@ghanima>
	 <20050117192946.GT7782@black-sun.demon.co.uk>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-QVn+VYgl0pE+X3Kzchq6"
Date: Mon, 17 Jan 2005 22:04:49 +0100
Message-Id: <1105995889.14565.47.camel@ghanima>
Mime-Version: 1.0
X-Mailer: Evolution 2.0.2 
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1893
Lines: 55


--=-QVn+VYgl0pE+X3Kzchq6
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Mon, 2005-01-17 at 19:29 +0000, Paul Walker wrote:
> On Mon, Jan 17, 2005 at 08:14:58PM +0100, Fruhwirth Clemens wrote:
>=20
> > > Unlikely to go to mainline kernel. Mainline folks are just too much i=
n love
> > > with their backdoored device crypto implementations [1].=20
>=20
> Just to add back in Jari's link, so the folks added know what you're talk=
ing
> about:
>=20
> > [1]  http://marc.theaimsgroup.com/?l=3Dlinux-kernel&m=3D107419912024246=
&w=3D2

You will find the same information on my site. Therefore, I do NOT
decline this vulnerability. I decline it's security implications. It's
on the same level as the vulnerability, that you will give away your
root password under torture.[2]

Nothing about kernel crypto is backdoored. If Ruusu thinks different, he
should show me source code. Till then, treat it as FUD.

<off-topic>
[2] I think the torture vulnerability is more serious than any
watermarking "attack". "Rubberhosing" can be fixed btw.
http://web.archive.org/web/20031214064240/http://www.rubberhose.org/
Unfortunately, original site is down and source code outdated.
</off-topic>

--=20
Fruhwirth Clemens <clemens@endorphin.org>  http://clemens.endorphin.org

--=-QVn+VYgl0pE+X3Kzchq6
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQBB7ChxW7sr9DEJLk4RAn6MAJ91p057/EmmNFyvqqUCcMIL4GpnAwCfRQze
uJ19uJNovDdIMEwRsonRsZc=
=yDE8
-----END PGP SIGNATURE-----

--=-QVn+VYgl0pE+X3Kzchq6--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/