Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rutgers!sri-unix!hplabs!sdcrdcf!eric
From: eric@sdcrdcf.UUCP (Eric Lund)
Newsgroups: sci.crypt
Subject: Re: Encryption of satilite broadcasts
Message-ID: <3517@sdcrdcf.UUCP>
Date: Tue, 9-Dec-86 13:37:39 EST
Article-I.D.: sdcrdcf.3517
Posted: Tue Dec  9 13:37:39 1986
Date-Received: Sun, 14-Dec-86 20:30:33 EST
References: <543@mit-amt.MEDIA.MIT.EDU> <2485@prls.UUCP>
Reply-To: eric@sdcrdcf.UUCP (Eric Lund)
Organization: System Development Corporation R&D, Santa Monica
Lines: 28

>           Your .signature file is not going to make them stop or even to
>consider stopping their suppossed actions. You accomplish nothing, they
>continue as always. At most you've wasted a couple of seconds of some poor
>clods day and burned up few nano-seconds of Cray cpu time. So what. Sounds
>real adolescent to me.

Speaking as a System Administrator who has been both perpetrator and
victim of both friendly and hostile attacks, I say PLEASE KEEP
ATTACKING!!!!!  A security system that is installed and never tested
never shows its flaws until too late.  I, personally, would rather be
under friendly attack that shows me how to shield myself rather than
become victim (again!) of a hostile attack.

If these simple attacks show up a flaw in this supposed keyword
seaching of exported data, then this will force our security agencies
to come up with better measures, which, in turn, enhances our own
security.

To bring this back to sci.crypt, would you buy a cryptographic system
from some guy that tells you "This system is so hard to break, we
don't even bother testing it!"?

These are my opinions, not necessarily those of my employer, my
friends, my enemies, or any of my other personalities.  My new
flameproof armor needs a field test; do you need to test your new
flamethrower?

					Eric the DBA