On Wed, Apr 12, 2006 at 11:05:04AM +0000, Justin wrote:
VPNs are now pretty vanilla, too. I tend to wrap most things into VPNs, even things which already use crypto. Well, yeah, they can read this letter just fine by packet timing (given that I ssh into a vserver) -- assuming the link is not idle.
Why can't they wait a few minutes to read your posts from their in-house cypherpunks feed?
You are flattering yourself. This list is not all that interesting. Even less so, since the usual suspects have moved on (to bigger and better things, I hope). But picking off things off ssh sessions based on a typing timing model is something quite easy, so I wouldn't be surprised if it happens on a large scale. Btw, in an unrelated vein there are distinct trends in capabilities in Riddle Palace/Body of Secrets, which can be extrapolated to today. -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]