Backdoor Man...

Allen netsecurity at
Sat Jun 30 07:45:38 EDT 2007

Hi gang,

Apparently "Backdoor Man" is still popular, but not as a blues.

So, the question is, can you trust *any* commercial vendor where 
you can't verify the code?

We have no clue if this was done for Intuit itself or if it was 
done at the request of some _agency_; however, even if it was 
only done for Intuit it does leave a rather sour taste because 
this is yet another proof of security by obscurity does not work 
and will eventually be exploited.

BTW, does anyone have a conversion metric for, say John the 
Ripper on a P4 3GHz with 1GB of memory (or some other commodity 
level computer) to the tera (soon to be peta it looks like) flop 
ratings on super computers?



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list