[Cryptography] cryptography Digest, Vol 12, Issue 9
tpb-crypto at laposte.net
tpb-crypto at laposte.net
Sat Apr 12 17:36:57 EDT 2014
> Message du 12/04/14 22:01
> De : "ianG"
> > Security flaws aren't the same as tsunamis. Reporting a power station's
> > possible vulnerability to the former doesn't make tsunamis more likely.
> > However, the wide dissemination of a previously unknown security
> > flaw *does* make its future attempted exploitation a near certainty.
>
>
> OK, so you raise a good point -- in the byzantine security world,
> knowledge of an exploit changes the equation, where as in the
> statistical reliability/safety world, knowledge of risks should not
> presumably change the likelihood of risks.
>
> (leaving aside insurance, FUD and homeland security for now).
>
> However I'd question your claim of near-certainty. Seriously, and
> non-facetiously. Near-certainty predicts that there were damages/losses
> for the other recent events:
>
How about this event?
https://www.cloudflarechallenge.com/heartbleed
Private keys retrieved and messages signed. If that's not enough, do you need 40 million credit card numbers spilled to take action? lol
More information about the cryptography
mailing list