-----BEGIN PGP SIGNED MESSAGE----- - ---- Ignore any slobber between above and the PGP line. I just obtained a copy of Doug Floyd's data haven code. I am working on a workable implementation. The address of the data haven will be put on the list as soon as I make SURE the stuff is reliable. Until commands are finalized, they will not be revealed. When the site is up, please don't store much as I do not have that much disk space, and ENCRYPT your files. I fear that someone will send me some stuff that is very illegal, and leave it in the clear. So, I will try to see what is sent, and possibly post it if its not encrypted with something. Heck, use crypt or something better than rot13. I hate to appear as a snooper about people's files, but when this is up, I will demand encryption to protect my DH, and your stuff. PGP is easily available, use it, or DES, or crypt if you live on the dangerzone. Sorry for my prattling, but I am new to this. PS: Doug, use cb. Your code smells like a ten year old dead turkey with its looks. At least its relatively bug-free, and does the job well. Another thing, should you use SHA instead of MD5 for hashing? SHA has more bits, and there is a less chance for two files to collide. -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLpOhhf8zicXJ5vudAQEk1QP8CG+JmzMPnrjRMPzomt/yWvWfWUwQktgS UXwTkLocL5+KkD3/0OHaZ8Eg3jWZnm9D4oPOhBljJX/yOBa7/5opN9nDwUeAmDOs +ULyrEEpfehmrit8wAQcVHvwtQdxaUz8Sg6XRWd0QOOCs71MmLx9JCxR2p2fJyin GPQ9djI7NIU= =1I2L -----END PGP SIGNATURE-----
On Oct 6, 6:09am, Anonymous wrote: [Sacrificed to the Great God Bandwidth whose presence we kowtow to.]
PS: Doug, use cb. Your code smells like a ten year old dead turkey with its looks. At least its relatively bug-free, and does the job well. Another thing, should you use SHA instead of MD5 for hashing? SHA has more bits, and there is a less chance for two files to collide.
My code smells like that? I didn't think C code smelled... 2^128 and 2^150+ are big numbers. I doubt that any collisions will occur. Another thing... I do like Eric's idea for an entropy checker. Is there any code like this laying around on some ftp site? Keep poor VK from worrying about his account...
When the site is up, please don't store much as I do not have that much disk space, and ENCRYPT your files. I fear that someone will send me some stuff that is very illegal, and leave it in the clear. I'd suggest that you test for various entropies of distribution, and reject anything that doesn't look random. I'd also suggest testing for various magic numbers such as for compressed files (various formats) and executables. Either you should concern yourself _and_ do something about it, or not. Worrying about it and not preventing what you are concerned about is silly. Eric
participants (3)
-
Anonymous -
Douglas R. Floyd -
hughes@ah.com