On Wed, Aug 02, 2006 at 10:47:00PM +0000, Brian M. Carlson wrote:
> Oh, and hi. I've been reading for a while, but I just haven't gotten
> around to auditing anything lately. Just for the record, I am not a
> cryptographer, but I know enough about cryptography to know how things
> work and what problems usually happen with it. I also write crypto code
> on occasion.
Nice! It would be useful if you would take a look at various Debian packages
that implement some kind of encryption and start making noise if you find
things that are obviously insecure (Caesar ciphers, hiding data with XOR,
or whatever usual mistakes people do). I don't think anyone has done that,
at least systematically, so it would be appreciated.
// Ulf
|
