[Cryptography] Updates on Durov charges in France
efc at disroot.org
efc at disroot.org
Tue Sep 3 03:46:32 EDT 2024
On Mon, 2 Sep 2024, Phillip Hallam-Baker wrote:
>
>
> On Mon, Sep 2, 2024 at 3:55 PM efc--- via cryptography <cryptography at metzdowd.com> wrote:
>
>
> On Mon, 2 Sep 2024, Peter Gutmann wrote:
>
> > efc--- via cryptography <cryptography at metzdowd.com> writes:
> >
> >> This is a weakness that I think is underaprpeciated. I mean the fact that
> >> many projects have a small core of programmers, who are know. In order to "
> >> break" the system, you can approach and kidnap members of the family of the
> >> programmers, or one programmer, and have him add bugs to the project.
> >
> > That's an incredibly high-profile, visible attack, and kidnapping as a crime
> > is about... many orders of magnitude more pursuable and punishable by law
> > enforcement than changing a line or two of code in someone's project.
> >
> > I would put this one in the movie-plot-attack category.
> >
> > Peter.
>
> https://www.businessinsider.com/crypto-nft-owners-targeted-kidnaps-home-invasions-robberies-2022-2?op=1
>
> When the return on investment is high, high-profile attacks are not
> unheard of.
>
> Also, infiltrating open source projects for years, is not high-profile.
>
>
> The tell that an attack has a nation state behind it is often a comically long kill chain.
>
> OK to get our backdoor into SSH we are going to compromise this compression algorithm project and futz with the test libraries...
>
> OK, we will buy this Swiss cryptographic equipment maker and ship product for decades...
>
>
> Cases of death caused by autoerotic asphyxiation are vanishingly rare except amongst the enemies of Vladimir Putin which accounted
> for 75% of the known cases until the coincidence was pointed out.
>
Oh yes, and add to that, all the people who seem to fall out of windows
and stairs. Also very common among Putins enemies.
More information about the cryptography
mailing list