I was shocked and horrified to find out that RHEL (and presumably CentOS) and Ubuntu no longer implement the 'rot13' program. Cheers, Cliff On Fri, Jan 10, 2014 at 11:32 AM, Robert Moskowitz <rgm at htt-consult.com>wrote: > > On 01/09/2014 05:15 PM, Les Mikesell wrote: > > On Thu, Jan 9, 2014 at 3:55 PM, John R Pierce <pierce at hogranch.com> > wrote: > >> On 1/9/2014 1:27 PM, Kanwar Ranbir Sandhu wrote: > >>> I think everyone should assume the entire ecosystem is compromised and > >>> shouldn't trust anything. Code should be reviewed and bugs/weaknesses > >>> removed IMMEDIATELY. The problem is obviously not everyone is a > >>> programmer and not everyone will have the knowledge to understand how > to > >>> fix/improve the security issues. Of course, some software is still > >>> good, but who's going to verify that and when? If you don't use free > >>> software, you're a goner because now you have no ability whatsoever to > >>> audit the code! > >> I've programmed for 40 years, and I don't understand encryption > >> algorithms nor can I evaluate their strengths and weaknesses. I know > >> very few programmers who can. None personally, in fact. > > I always just assumed that blowfish was good precisely because it > > wasn't the one that was recommended/promoted by the groups likely to > > be compromised. But, I try to stay out of politics so I don't worry > > much about keeping secrets anyway. > > Bruce's twofish was better; it was his AES submission. > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >