Prev: Criticism of a proposed floating point (cs)prng requested.
Next: Question About Cryptographically Hashing a Hash (SHA-512), Then Hashing That Hash, Etc.
From: Stewart Malik on 6 Jun 2010 06:58
> However, the "ideas" behind the LM hash are simply criminal:
> - processing the password in 7 char long chunks.
> - converting into uppercase
> - restricting to ANSI charset
> - missing salt
> Something as stupid as this might be acceptable for a freeware made by
> a small company, but not when made by a monopolist OS vendor.
>
> They should have been ordered to switch it off immediately and pay for
> all the resulting costs.

I quite agree, when Google decided to forego the use of Windows as an
OS there was this post on the Microsoft Blog raging because they think
that Windows is secure. I nearly raged.

http://windowsteamblog.com/windows/b/bloggingwindows/archive/2010/06/01/windows-and-security-setting-the-record-straight.aspx
From: jmorton123 on 8 Jun 2010 00:26
I would have thought it cliche by now: Microsoft is part of the
Government. They are one and the same. So any security MS provides
cannot be secure by definition. Microsoft nor the Government can
allow it to be secure. Of course they will promote it as being
secure.

Just my fanciful opinion.

JM

On Jun 6, 3:58 am, Stewart Malik <mali0...(a)gmail.com> wrote:
> > However, the "ideas" behind the LM hash are simply criminal:
> > - processing the password in 7 char long chunks.
> > - converting into uppercase
> > - restricting to ANSI charset
> > - missing salt
> > Something as stupid as this might be acceptable for a freeware made by
> > a small company, but not when made by a monopolist OS vendor.
>
> > They should have been ordered to switch it off immediately and pay for
> > all the resulting costs.
>
> I quite agree, when Google decided to forego the use of Windows as an
> OS there was this post on the Microsoft Blog raging because they think
> that Windows is secure. I nearly raged.
>
> http://windowsteamblog.com/windows/b/bloggingwindows/archive/2010/06/...

From: Bryan on 8 Jun 2010 06:39
jmorton123 wrote:
> I would have thought it cliche by now:  Microsoft is part of the
> Government.  They are one and the same.  So any security MS provides
> cannot be secure by definition.  Microsoft nor the Government can
> allow it to be secure.  Of course they will promote it as being
> secure.
>
> Just my fanciful opinion.

Jmorton123, is it not also your stated opinion that "there can be no
better steganography program than" the one you offered, which is
distributed exclusively as an executable for Microsoft Windows, and
works exclusively with the Microsoft Windows BMP format?

I'd call that opinion 'fanciful' as well, but what really amuses me is
that you can hold both at once.


--
--Bryan
From: jmorton123 on 10 Jun 2010 12:42
It's a simple program that does what it is described to do.

Someone can write their own such software. And it can do the same
thing.

If it does then it is just as good as Bitmap Steganography Utility
Program.

If you like to be amused: I met a guy who was driving by the airport
with his girlfriend some time ago. She saw an Alaska Airlines jet fly
in for a landing. She asked who that guy was painted on the vertical
stabilzer. He told her it was Bob Marley. She said that was cool.

JM

On Jun 8, 3:39 am, Bryan <bryanjugglercryptograp...(a)yahoo.com> wrote:
> jmorton123wrote:
> > I would have thought it cliche by now:  Microsoft is part of the
> > Government.  They are one and the same.  So any security MS provides
> > cannot be secure by definition.  Microsoft nor the Government can
> > allow it to be secure.  Of course they will promote it as being
> > secure.
>
> > Just my fanciful opinion.
>
> Jmorton123, is it not also your stated opinion that "there can be no
> better steganography program than" the one you offered, which is
> distributed exclusively as an executable for Microsoft Windows, and
> works exclusively with the Microsoft Windows BMP format?
>
> I'd call that opinion 'fanciful' as well, but what really amuses me is
> that you can hold both at once.
>
> --
> --Bryan

From: Bryan on 10 Jun 2010 23:08
jmorton123 wrote:
> It's a simple program that does what it is described to do.

Well, there are three problems with that: First, what is is described
to do is stated badly. Second, even if we give it the statement of
what it is supposed to do the benefit or the doubt and imagine it in
precise terms, there is no clear evidence that the program does such a
thing. Third and finally, what it is described to do, near as we can
tell, is so far behind the state of the art that is is not today worth
doing.

Hiding a cleartext message in the low-order bits of the BMP image?
Where have you been? That was outdated over a decade ago.

> Someone can write their own such software.  And it can do the same
> thing.
>
> If it does then it is just as good as Bitmap Steganography Utility
> Program.

People have written software that does a whole bunch better. And
people have explained, right here on on sci.crypt, the important issue
on which this particular program misses the boat.

> If you like to be amused:  I met a guy who was driving by the airport
> with his girlfriend some time ago.  She saw an Alaska Airlines jet fly
> in for a landing.  She asked who that guy was painted on the vertical
> stabilzer.  He told her it was Bob Marley.  She said that was cool.

I do like to be amused, but I've seen too many bad, ill-defined,
gibbering posts to find yet another one amusing.


--
--Bryan
First  |  Prev  | 
Pages: 1 2
Prev: Criticism of a proposed floating point (cs)prng requested.
Next: Question About Cryptographically Hashing a Hash (SHA-512), Then Hashing That Hash, Etc.