Possible Serious Security Flaw In ATMs
http://it.slashdot.org/it/06/11/30/2139235.shtml

ATM system called unsafe
http://redtape.msnbc.com/2006/11/researchers_who.html

from above:

A U.S. Secret Service memo obtained by MSNBC.com indicates that
organized criminals are systematically attempting to subvert the ATM
system and unscramble encrypted PIN codes.

... snip ...

Tom St Denis wrote:

I think you could gain some speed for SHA-1 by precomputing some stuff. Each
uint must be read from the memory as big endian:

"Alan" hotmail.com> writes:

Actually no. A language is just a substitution cypher ( substituting words
in one language with those in another). It is easy to break them. Just
learn the new language. Ie, if you have the plaintext for a relatively
small amount of "encrypted" text then you have broken the cypher.

The Americans were worried that some anthropoligist from Japan had learned
Navaho before the way. If they had, the code would have been completely
broken.

Ie, such a cypher is not resistant to known plaintext attacks.

VPE writes:

No I mean that IF you "make sure that you never never reuse.... then the
cypher is unbreakable."

vedaal wrote:

Well, you sayed it yourself. :)

I believe that the W3C XML Encryption standard defines two kinds of
element encryption:
· the element encryption mode to encrypt an entire element; start
tag, children and end tag
· the content encryption mode to encrypt the content of the element
but leave the start and end tags in clear.

What I need is to use multiple keys to encrypt the element name and its
contents with one key, but encrypt sub-elements with other keys (or,
leave them in clear). (Note: I do NOT want to use super-encryption.)
Example.


bb
cc
aa

http://events.ccc.de/congress/2006/Fahrplan/events.de.html
Some real interesting presentations planned for the
23rd Chaos Communication Congress

How about for example:
Hot or Not:
Defeating anonymity by monitoring clock skew to remotely detect the temperature
of a PC.

I think it is cute, but Tom will have it covered already somewhere.
In that case consider it a reminder.

Eye Say, and Lord Gnome Answers

My interactions with Private Eye started in May 1995, shortly after I'd started bleating on usenet. I tried to get the Eye
interested in my case, as I thought they more than anyone have their finger on the pulse, and would surely already know
something about my case. In my first email to them, entitled "pas de bouteille?" (wot no bottle?), I asked if they had the
nerve to publish what was known to many thousands of people. Their email flunky answered;

Date: Thu, 11 May 95 13:40 BST-1
From: strobes@cix.compulink.co.uk (Private Eye)
Subject: Re: pas de bouteille?

In-Reply-To: <199505102232.SAA19988@freenet.carleton.ca>
Bottle? Dunno really - but I've passed your mail on to the Ed for his
consideration.

Steve Mann
(strobes)
==========================================================
Date: Mon, 15 May 95 12:51 BST-1
From: strobes@cix.compulink.co.uk (Private Eye)
Subject: Re: hello again

In-Reply-To: <199505122236.SAA02574@freenet.carleton.ca>
Hello yourself...

Counter-surveillance sweep by Nationwide Investigations Group

In July 1994 the private detective agency Nationwide Investigations Group conducted an electronic counter-surveillance
sweep of my parents' home in London. They checked for radio transmitter devices, and tested the telephone line for attached
bugs. They found nothing.

I am afraid that I was unsurprised at their not finding any evidence of covert surveillance. It had been made very clear to me,
particularly during 1990-92, that audio, and almost certainly video, surveillance of my parents' home was taking place. But this
would not have been made quite so obvious unless the persecutors were confident of their apparatus being undetectable using the
technology the police, or a private agency like Nationwide, would be using.

I don't know very much about the surveillance technology that has been used against me, but I understand that devices can be built
which switch off on receiving a coded command, and may switch on again after a counter- surveillance sweep has completed; that devices
may rapidly alter the frequency of transmission, "frequency-hopping" devices which presumably cannot be detected in a sequential scan
of the sort employed by Nationwide; and of course "probe" microphones can be inserted "through-the-wall", although I hesitate to
believe our neighbours would permit this.

We paid Nationwide

On 28 Nov 2006 07:43:58 -0800, "Tom St Denis" gmail.com>
wrote:

Yeah. Issues.

[...]

The senseless flamewar is in your fat head.

Its imaginary. As imaginary as the job you arrive at every day all
tingly and jacked up and ready to pounce on all good people.

Of course I'm speaking of the invented (made up by you) job of
sci.crypt group netcop.

Hint: There's no position to fill here. Move on.

Fact: We don't need, want, or approve of anyone being group netcop.

An Analogy: You lecturing to people about how and what to post is
like a turd yelling at a beautiful sunset.