Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] CryptoParty Handbook

Sacha van Geffen sacha at greenhost.nl
Wed Oct 10 04:08:22 PDT 2012


Hi Julian,

congratulations with the cryptoparty book;

On 10/10/12 12:10, Julian Oliver wrote:

> Indeed the unchecked references to PPTP were unfortunate, imported from the book
> Basic Internet Security (Gerber, Hassan, Stein, van Geffen, van Santen, van der
> Velden, den Tex, Schmidt et al). It was trusted material. I don't think any of
> us knew PPTP was cloud-crackable albeit we did know it was less secure than
> OpenVPN (I'm doubly thankful I use OpenVPN on my own server!). It shouldn't have
> gone into the first draft without appropriate warnings for fear of it being
> misconstrued as endorsement of this readily breakable PPP tunnelling method.
> 

In the introduction to VPN networks 'Basic internet Security' says:
" PPTP is one of the older VPN technologies. While PPTP is known to use
weaker encryption than either L2TP/IPSec or OpenVPN, it may still be
useful for bypassing Internet blocking and give some level of
encryption. The client software is conveniently built into most versions
of Microsoft Windows, Apple, Linux computers and even mobile phones. It
is very easy to setup."

While it is easy to copy content to add to a book, (BIS did this from
Security in a box and from Circumventing censorship) You should be
careful when to do that. I do not understand why you did not just give a
list of resources including the above mentioned and focus more on the
Cryptoparty specific content.

About trusted source: unchecked means copy paste without review, that is
also bad practice with trusted content, because the content is part of a
longer story, if you are just in a chinese room shuffling symbols you
should not edit or include a chapter. The whole idea of books is to
transfer knowledge from one place to another. Also what was secure or
acceptable for some use cases yesterday can be very problematic today.

Cheers, Sacha

-- 

Greenhost - Sustainable Hosting
T: +31204890444
info at greenhost.nl
https://greenhost.nl/

A digital signature can be attached to this e-mail,
you need opengpg software to verify it. see:
http://tinyurl.com/openpgp-manual

Key fingerprint = 4F15 CE56 36AB A1C2 0D81  BE10 E12B B435 F2D5 2E48



More information about the liberationtech mailing list