[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: use of routing information in anti-fraud mechanisms

Dude my name is Andrew too :D BTW, are you all aware that the TrueCrypt project is now using LRW (http://tinyurl.com/dsstj) "mode of operation" instead of  CBC, which is aparently less secure? This change applies to the implementation of AES, which SSL utilizes (in conjunction with RC4?). I'm no cryptologist or skilled hacker like a lot of you here are, but I thought this development looked like something that might be important for the development of Tor.

phobos@xxxxxxxxxx wrote:
On Tue, Nov 29, 2005 at 09:38:48AM -0500, or@xxxxxxxxx wrote 4.9K bytes in 98 lines about:
: Hmm, when I read this I assumed you were just connecting from some
: high fraud country, though now that I think about it, it could be
: both.  Maybe your billing address is in Cambridge, MA and you're
: connecting from a completely different country which has an extremely
: high fraud rate.

	While this an edge case, when I travel around the world, I
	frequently come from foreign IP addresses that don't match my
	residential or business addresses.  Frankly, i wouldn't do
	business with them, or call them up and explain the situation.
	Lots of the working world are travelers.