Date:      Thu, 12 Jul 2007 12:35:57 -0700
From:      "David Schwartz" <davids@webmaster.com>
To:        "Jim Capozzoli" <saltmiser@gmail.com>, Dag-Erling "Smørgrav" <des@des.no>
Cc:        chat@freebsd.org
Subject:   RE: ADVERT: C12G
Message-ID:  <MDEHLPKNGKAHNMBLJOLKGEAIFEAC.davids@webmaster.com>
In-Reply-To: <86wsx5h487.fsf@dwp.des.no>


> I would strongly advise against using any cryptographic product based on
> an algorithm which was designed by an amateur and has never been subject
> to review or cryptanalysis.
> 
> DES

There are what appear to me on quick inspection to be serious flaws in this software. For example, it uses RSA without proper padding. The website says "E-mail is encrypted using the RSA public-key cryptosystem thus eliminating security risks from symmetric ciphers." Any security expert will tell you that this raises immediate red flags. (And inspection of the code strongly suggests that it's as bad as it sounds.)

DS
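
Why RSA without padding is a red flag, shown as an added example (not part of the original message and not the product's code): raw RSA is deterministic and multiplicatively malleable, two properties that padding schemes such as OAEP exist to remove. The toy key, messages and function names below are constructed for illustration.

```python
# Added illustration: raw ("textbook") RSA with no padding.
# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (needs Python 3.8+)


def to_int(message: bytes) -> int:
    """Encode a short byte string as an integer below the modulus."""
    m = int.from_bytes(message, "big")
    if m >= N:
        raise ValueError("message too long for this toy modulus")
    return m


def encrypt_raw(m: int) -> int:
    """Unpadded RSA: c = m^e mod n. No randomness enters the ciphertext."""
    return pow(m, E, N)


def decrypt_raw(c: int) -> int:
    return pow(c, D, N)


def match_known_plaintext(c: int, candidates):
    """Determinism: using only the public key, a ciphertext can be
    matched against a list of guessed plaintexts."""
    for guess in candidates:
        if encrypt_raw(to_int(guess)) == c:
            return guess
    return None


def scale_ciphertext(c: int, k: int) -> int:
    """Malleability: Enc(m) * k^e mod n is a valid encryption of
    k*m mod n, computed without the private key."""
    return (c * pow(k, E, N)) % N


if __name__ == "__main__":
    m = to_int(b"approve")
    c = encrypt_raw(m)
    print("same ciphertext every time:", encrypt_raw(m) == c)
    print("guess confirmed:", match_known_plaintext(c, [b"deny", b"approve"]))
    print("scaled plaintext is 2*m:", decrypt_raw(scale_ciphertext(c, 2)) == 2 * m)
```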
