First pangolin hardware and software located in a datacenter (worlds first!)

[heroic]

Really? And just what do you base that statement on? Do you have first-hand knowledge of who Pangolin has contracted with over the last 12 years as the LD-2000 system was developed and improved?

Pangolin can't afford to hire decent crypto dudes- they are *really* expensive. That's why people use published crypto standards like AES- you don't need to hire world-class cryptographers to implement strong crypto.

If Pangolin were using such a system, they would not need to put a QM in a datacenter- they could just give Pieter the appropriate private key, maybe even embedded in some secure hardware like a smartcard or a USB cryptostick.

I'll say this: if the Pangolin encryption scheme really amounts to nothing more than security through obscurity, then why is it still secure after over 12 years of use?

It isn't. It got cracked recently- that's what all the trapdoored FB3 firmware upgrades were about.

[DZ]

That's a neat idea Pieter, I look forward to checking this out when you're finished!

Tough crowd around here lately...

[buffo]

Homebrewed encryption is a great way to get ripped off, massively and without warning. The history of cryptanalysis is littered with the corpses of businesses that thought they were smart enough to do it well, and discovered that they weren't.

I agree completely. This is common knowledge to anyone who knows even the absolute basics of cryptology. Which is why I'm shocked that you thought Pangolin would be foolish enough to go it alone. I know you don't like Bill, but at least give him some credit. He's no moron.

I can't say for certain, but I seem to remember a conversation with Bill where he mentioned that he paid quite a lot of money for the encryption system that the LD-2000 system uses. I am certain that he did not develop it himself.

It got cracked recently- that's what all the trapdoored FB3 firmware upgrades were about.

Bzzzt! Wrong answer. What got cracked is the license scheme for LivePro on the FB3. (Which is *not* the same as the secure file format for the LD-2000.)

You have never been able to load secure LD-2000 shows on the FB3. (And you still can't.)

Adam

[masterpj]

We now have....VIDEO
about linux.. just like windows there are security flaws in linux too.. pretty big ones according to my programmer, anyway thats off topic.

[heroic]

about linux.. just like windows there are security flaws in linux too.. pretty big ones according to my programmer, anyway thats off topic.

Your programmer is a fool.

[heroic]

I
I can't say for certain, but I seem to remember a conversation with Bill where he mentioned that he paid quite a lot of money for the encryption system that the LD-2000 system uses.
Adam

Bzzzt! Wrong answer. Good cryptosystems don't cost money.

[masterpj]

My programmer to you: Everything can be cracked.
The hosting of the linux code was cracked..end of story

[csshih]

We now have....VIDEO
about linux.. just like windows there are security flaws in linux too.. pretty big ones according to my programmer, anyway thats off topic.

Here's a very important business tip - don't try to hire friends to do your stuff for cheap.
Speaking from experience.

Craig

[heroic]

My programmer to you: Everything can be cracked.

Strong crypto can't. This is mathematically proven.

[masterpj]

Here's a very important business tip - don't try to hire friends to do your stuff for cheap.
Speaking from experience.

Craig

They dont do it for cheap jelle is doing the work here, and he has an experience from over 8 years. I became friends with jelle after doing some bussiness with him and he's really doing great work!
We do stuff contract based and about how it go's in contracts is information that will not be shared, we work in a professional way.. not just a friendly deal.. we are working on bussiness level here not friendship level just to make it clear.

Also heroic learn to edit a post instead of making a seperate post each time.