Jason Haar wrote:
IMHO I think you're over-engineering this. If that is the enemy you *have to* design against, then you shouldn't be using SSL - you should get yourselves a bunch of cryptologists and invent your own proprietary alternative like DRM products do - security-through-obscurity is probably your best friend... However if the bad guys have your equipment, then they can reverse engineer that too.
In my humble opinion as a cryptologist (http://ehash.iaik.tugraz.at/wiki/StreamHash) and a penetration tester (http://www.linkedin.com/in/mtrojnar), security-through-obscurity is your worst enemy. It is also *my* best friend, since I make a living by breaking proprietary cryptographic protocols. 8-)
Mike