[Cryptography] [RNG] /dev/random initialisation
Jerry Leichter
leichter at lrw.com
Sat Nov 2 23:16:25 EDT 2013
On Nov 2, 2013, at 5:23 PM, James A. Donald wrote:
> > This pattern has been reported befor; it's the result of Microsoft
> > searching for "evil" URL's
>
> Yet sending an actual evil url in a skype message has no apparent
> consequences.
If an evil URL appears in a Skype message, the intent is almost certainly to get someone to go to that URL. That's where the potential danger is. Of course, for the recipient of the original URL, it's likely way too late. This is a way to build up a database of URL's to warn people against - the *hope* is that large numbers of others will be protected.
I have no data one way or another whether this pays off, and I'm neutral on whether it's appropriate. Scanning of email for malware of various sorts is nothing new and is generally thought to be a good idea. I know of no argument why scanning of chats should be any different. If it makes clear that the emails and chats are actually accessible to your provider ... well, knowing about it doesn't make it worse that having it happen without you knowing about it. (Unless you believe in the NSA's idea that if you don't know your privacy has been invaded, it hasn't been.)
-- Jerry
More information about the cryptography
mailing list