Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] on the traceability of circumvention tools

Jacob Appelbaum jacob at
Thu Sep 16 05:01:18 PDT 2010

On 09/16/2010 04:42 AM, Benedikt Kristinsson wrote:
> On Thu, Sep 16, 2010 at 11:31, Jacob Appelbaum <jacob at> wrote:
>> Speaking of personal failures, I'm pretty much unable to comprehend why
>> you just disclosed the above information.
> Kerckhoffs law states that a cryptosystem should be secure even if
> everything about the system is public knowledge. This is also konwn as
> Shannons maxim where it is formulated as "the enemy knows the system".
> This is a very important part in all cryptosystems and secure systems
> and applies very well here. If the system cannot take full disclosure
> it is considered weak. Security though obscurity is a very bad idea.

I would like to thank you for sending the absolutely most awesome email
in this entire discussion.

Also, I agree with you entirely.

Haystack is a weak but sadly, deployed system; as a result of deployment
there are additional complications to consider.

At this time, I believe that disclosing information about the discovered
issues with Haystack is only harmful to Haystack users. It seems
unbelievable that the responsible vendor of the product would disclose
any of those issues given the stakes.

All the best,

More information about the liberationtech mailing list