[silk] Flame is Lame
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Jun 12 22:26:39 PDT 2012
Eugen Leitl <eugen at leitl.org> quotes:
>And suddenly, just like that, the discussion on whether Flame is lame or not
>b&vanished.
Yeah, because cryptographacamy is magic. The exploit may have used 0day and
rootkits and ROP and stealth techniques and self-modifying code and who knows
what else, but any five-year-old can do that. However, if there's any
cryptographi... cryptograma... magic involved then it had to have been done by
sikrit gummint agencies.
I'm not saying it was or it wasn't, but I am a bit disturbed at the level of
magical thinking that goes with anything involving crypto. There have been
some pretty sophisticated attacks on crypto keys in embedded devices for
jailbreaking purposes that were done by enthusiastic amateurs, not even the
likes of (to pick some random examples of crypto people who've done this
before) David Wagner or Ed Felten or Markus Kuhn but just some random guys who
decided to give it a go.
Looked at another way, if you submitted a paper "Yet another chosen prefix
attack on MD5" to Crypto/AsiaCrypt/Eurocrypt, do you think it'd get accepted?.
I'm not trying to denigrate the achievement, just to add a little perspective.
Peter.
More information about the cypherpunks-legacy
mailing list