From: Thor Lancelot Simon
To: Poul-Henning Kamp
Cc: tech-security@netbsd.org, hackers@freebsd.org, cryptography@metzdowd.com
Date: Thu, 3 Mar 2005 15:00:05 -0500
Subject: Re: FUD about CGD and GBDE
Message-ID: <20050303200005.GA21499@panix.com>
In-Reply-To: <10479.1109877918@critter.freebsd.dk>

On Thu, Mar 03, 2005 at 08:25:18PM +0100, Poul-Henning Kamp wrote:
>
> At the time where I wrote GBDE, the best that was offered was CGD (and
> similar) and users (not cryptographers!) didn't trust it and history
> has so far repeated.

To quote David Hume, "Never an ought from an is." That "users" (who are they? how many of them? What criterion or criteria of trust do they apply?) _did_ not trust X says precisely nothing about whether users _should_ not trust X.

You seem to deny that there is a particular domain of expertise that is cryptography, or perhaps more rightly two domains, one being largely a subset of the other: how to design good cryptographic algorithms and how to use good cryptographic algorithms safely.

Personally, I think that you ought to know better, and that your insistence that there is no such expertise and that arbitrary users (or programmers guided by the sentiment of such users) should feel just as warranted to make recommendations about what other arbitrary users should do, in this domain, is grossly irresponsible.

If you found out that "most army ordnance officers believe that ball powder is superior to IMR powder as a propellant in small-caliber rifle cartridges", would you ignore the advice of the engineer who designed and tested your new rifle that ball powder would cause the weapon to jam? A lot of people in Vietnam got dead that way: sometimes experts do know what they're talking about, you know, and sometimes giving uninformed advice can have extremely negative consequences.

You call Roland's criticisms of GBDE "handwaving". It is very hard to see how his specific refutations of the numerical claims of security that you made in your GBDE paper should be rightly considered as such, or why, on the basis of those false claims, you should continue to feel confident that your advice on disk security is good advice.

Thor