[Cryptography] [RNG] /dev/random initialisation
James A. Donald
jamesd at echeque.com
Fri Nov 1 22:30:19 EDT 2013
On 2013-10-31 13:28, John Kelsey wrote:
> Lots and lots of dumb policies and decisions have been accepted or
> imposed by people who thought they were doing something sensible,
> but were really making security weaker. And the bit where people
> make up conspiracy theories to explain every such failure has zero
> chance of improving security.
We face real conspiracies by real people. That has to be your threat
model.
Having a valid threat model is bound to make you more secure.
Some bad decisions were made by conspiracy that intended bad outcomes.
More information about the cryptography
mailing list