Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] CryptoParty Handbook

Sacha van Geffen sacha at
Wed Oct 10 04:08:22 PDT 2012

Hi Julian,

congratulations with the cryptoparty book;

On 10/10/12 12:10, Julian Oliver wrote:

> Indeed the unchecked references to PPTP were unfortunate, imported from the book
> Basic Internet Security (Gerber, Hassan, Stein, van Geffen, van Santen, van der
> Velden, den Tex, Schmidt et al). It was trusted material. I don't think any of
> us knew PPTP was cloud-crackable albeit we did know it was less secure than
> OpenVPN (I'm doubly thankful I use OpenVPN on my own server!). It shouldn't have
> gone into the first draft without appropriate warnings for fear of it being
> misconstrued as endorsement of this readily breakable PPP tunnelling method.

In the introduction to VPN networks 'Basic internet Security' says:
" PPTP is one of the older VPN technologies. While PPTP is known to use
weaker encryption than either L2TP/IPSec or OpenVPN, it may still be
useful for bypassing Internet blocking and give some level of
encryption. The client software is conveniently built into most versions
of Microsoft Windows, Apple, Linux computers and even mobile phones. It
is very easy to setup."

While it is easy to copy content to add to a book, (BIS did this from
Security in a box and from Circumventing censorship) You should be
careful when to do that. I do not understand why you did not just give a
list of resources including the above mentioned and focus more on the
Cryptoparty specific content.

About trusted source: unchecked means copy paste without review, that is
also bad practice with trusted content, because the content is part of a
longer story, if you are just in a chinese room shuffling symbols you
should not edit or include a chapter. The whole idea of books is to
transfer knowledge from one place to another. Also what was secure or
acceptable for some use cases yesterday can be very problematic today.

Cheers, Sacha


Greenhost - Sustainable Hosting
T: +31204890444
info at

A digital signature can be attached to this e-mail,
you need opengpg software to verify it. see:

Key fingerprint = 4F15 CE56 36AB A1C2 0D81  BE10 E12B B435 F2D5 2E48

More information about the liberationtech mailing list