RE: PGP scripting (reprise)
From: lsi (stuart@cyberdelix.net)
Date: 01/24/03
- Previous message: Pete Herzog: "RE: Secure programming FAQ?"
- In reply to: Peter Gutmann: "RE: PGP scripting (reprise)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "lsi" <stuart@cyberdelix.net> To: robert.morson@wdc.com, secprog@securityfocus.com, pgut001@cs.auckland.ac.nz (Peter Gutmann) Date: Fri, 24 Jan 2003 11:15:35 -0000
Thanks Peter,
I was actually hoping the msg wasn't posted onto the list, as since I wrote it I successfully implemented
the system using GPG 1.2. Which although contains less secure source (PGP 2.x has had longer for
peer review, GPG has had longer to become infiltrated by spooks, has more places to hide backdoors,
uses different algorithms, etc) seems to overall be a better solution.
I thought the topic of the list was "the aspects of programming that involve security" which most definitely
includes the design of crypto-based solutions.
I didn't actually notice a Linux debate. :) However..
1. In the real world, people still use legacy systems, a fact that linux geeks need to face. I can talk about
DOS security if I want! If a corporate network uses a DOS system, then the security of that system is just
as important as the rest of the corporate network. Security is only as strong as its weakest link - if that
link is DOS-based, so be it.
2. Linux uses a GNU kernel, R. Stallman says so himself - a fact that GNU/Linux geeks need to face too.
3. Linux uses BSD components as well. BSD has a rich legacy others can only try and emulate. Which
is why my favoured flavour is FreeBSD. Why play around, when you can get the Real Deal?
Stuart
On 23 Jan 2003 at 15:43, Peter Gutmann wrote:
Date sent: Thu, 23 Jan 2003 15:43:44 +1300
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: robert.morson@wdc.com, secprog@securityfocus.com,
stuart@cyberdelix.net
Subject: RE: PGP scripting (reprise)
> "Robert B. Morson" <robert.morson@wdc.com> writes:
>
> >Windows 95 and 98 use the same type of DOS as you could buy stand-alone many,
> >many years ago (like DOS 6.22).
> >
> >Windows NT 4.0, 2000 and XP all use a DOS emulation, there is no longer a
> >"division" between DOS and the Windows OS, like there was with 95 and 98. It
> >is fairly common for DOS programs that ran under 95 and 98 to have problems
> >with NT 4.0, 2000 and XP. Has to do with the fact that emulation is not the
> >same thing as the original.
>
> I've resisted replying so far because I couldn't see that this was relevant
> to a secure-programming list, but in an attempt to kill the thread:
>
> - I have run PGP for DOS on a variety of NT and Win2K systems without any
> problems.
>
> - If you really want to run PGP 2.x under NT et al, get one of the Disastry
> versions, which is the 2.x code built as a Win32 binary.
>
> We now rejoin the debate in progress over Linux vs. Gnu/Linux...
>
> Peter.
-- Stuart Udall stuart@cyberdelix.net - http://www.cyberdelix.net/ ..revolution through evolution want to make some cash? check out http://cyberdelix.net/affiliates.htm
- Next message: frank @ absoluta.org ( Frank Ned ): "Re: protecting perl script source"
- Previous message: Pete Herzog: "RE: Secure programming FAQ?"
- In reply to: Peter Gutmann: "RE: PGP scripting (reprise)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
