RE: [Full-Disclosure] Possibly a stupid question RPC over HTTP

From: Airey, John (John.Airey_at_rnib.org.uk)
Date: 10/22/04

  • Next message: vuln_at_hexview.com: "[HV-LOW] Unsafe WAV header handling can cause DoS on Windows"
    To: <full-disclosure@lists.netsys.com>
    Date: Fri, 22 Oct 2004 14:50:23 +0100
    
    

    > -----Original Message-----
    > From: Kyle Maxwell [mailto:krmaxwell@gmail.com]
    > Sent: 21 October 2004 17:57
    > To: Airey, John
    > Cc: full-disclosure@lists.netsys.com
    > Subject: Re: [Full-Disclosure] Possibly a stupid question RPC
    > over HTTP
    >
    >
    > On Thu, 21 Oct 2004 13:21:10 +0100, Airey, John
    > <john.airey@rnib.org.uk> wrote:
    > > This gives you two options. One, use brute force to break
    > the SSL encryption. Two (and it's entirely possible that the
    > security services have this already) come up with a
    > mathematical way to factor large primes rapidly.
    >
    > I think you may mean something slightly differently; given any large
    > prime p, I can factor it completely extremely quickly:
    >
    > p = 1 * p
    >
    > There are no other factors; this *is* the prime factorization. :) Bill
    > Gates made the same mistake in his book _The Road Ahead_. Factoring
    > large primes is trivial; the prime factorization of large numbers is
    > hard, and I guess that's what you meant.
    >
    > And if the problem of factoring large numbers into primes was indeed
    > solved (this is probably what you meant), I think you'd very quickly
    > see a complete replacement of crypto systems in use today by the
    > governments with such security services.
    > --
    > Kyle Maxwell
    > [krmaxwell@gmail.com]
    >

    Oh no, the whole security of computing has just fallen over, since you've shown that primes don't exist. What next, proving that black is white and getting run over on a zebra crossing?

    The whole security of encryption rests on the belief that prime factorization isn't possible in a reasonable time, and it may well have been solved. Why would any government admit that it had cracked RSA security and its derivates? I realise that we are getting into the realms of conspiracy theories now, however history shows that the UK did not wish it to be made public during the war that it had cracked the Enigma code. Why should it be any different now?

    A prime is defined as being divisible by itself and 1 only, so for the purpose of the definition, 1 is not a factor.

    -- 
    John Airey, BSc (Jt Hons), CNA, RHCE
    Internet systems support officer, ITCSD, Royal National Institute of the Blind,
    Bakewell Road, Peterborough PE2 6XU,
    Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey@rnib.org.uk 
    Even if Embryonic Stem Cell Research yielded medical treatments, how could enough eggs be obtained to make them viable? We can't even get enough organs for transplant donation.
    -- 
    DISCLAIMER:
    NOTICE: The information contained in this email and any attachments is 
    confidential and may be privileged.  If you are not the intended 
    recipient you should not use, disclose, distribute or copy any of the 
    content of it or of any attachment; you are requested to notify the 
    sender immediately of your receipt of the email and then to delete it 
    and any attachments from your system.
    RNIB endeavours to ensure that emails and any attachments generated by
    its staff are free from viruses or other contaminants.  However, it 
    cannot accept any responsibility for any  such which are transmitted.
    We therefore recommend you scan all attachments.
    Please note that the statements and views expressed in this email and 
    any attachments are those of the author and do not necessarily represent
    those of RNIB.
    RNIB Registered Charity Number: 226227
    Website: http://www.rnib.org.uk
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: vuln_at_hexview.com: "[HV-LOW] Unsafe WAV header handling can cause DoS on Windows"