I was shocked and horrified to find out that RHEL (and presumably CentOS) and Ubuntu no longer implement the 'rot13' program.
Cheers,
Cliff
On Fri, Jan 10, 2014 at 11:32 AM, Robert Moskowitz rgm@htt-consult.comwrote:
On 01/09/2014 05:15 PM, Les Mikesell wrote:
On Thu, Jan 9, 2014 at 3:55 PM, John R Pierce pierce@hogranch.com
wrote:
On 1/9/2014 1:27 PM, Kanwar Ranbir Sandhu wrote:
I think everyone should assume the entire ecosystem is compromised and shouldn't trust anything. Code should be reviewed and bugs/weaknesses removed IMMEDIATELY. The problem is obviously not everyone is a programmer and not everyone will have the knowledge to understand how
to
fix/improve the security issues. Of course, some software is still good, but who's going to verify that and when? If you don't use free software, you're a goner because now you have no ability whatsoever to audit the code!
I've programmed for 40 years, and I don't understand encryption algorithms nor can I evaluate their strengths and weaknesses. I know very few programmers who can. None personally, in fact.
I always just assumed that blowfish was good precisely because it wasn't the one that was recommended/promoted by the groups likely to be compromised. But, I try to stay out of politics so I don't worry much about keeping secrets anyway.
Bruce's twofish was better; it was his AES submission.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos