@cosmo @stefenauris @bersl2 I like how the researchers in their release squarely blame the TEA1 issues on failure to adhere to Kerckhoffs's principle; but ETSI in their response completely fail to address that and adopt a “this is fine” stance.
ret
joined 1 year ago
@cosmo @stefenauris @bersl2 agree except that TEA2/3 weren’t vulnerable *in this particular study*. ETSI/TCCA are (foolishly, I think) sticking to their guns on the algorithms being tightly controlled. Without proper, widespread academic scrutiny there is little confidence that they are *actually* secure.
@froztbyte @dgerard @patterfloof I think the reality is that Microsoft hasn’t changed at all. It always does what will make Microsoft the most money. It’s just that over the last couple of years that has happened to be “good” (or at least semi-good) for us in the developer space.
Now, an opportunity (“AI”) has presented itself to shit all over that and instead sell to people in a very different space. People who will enjoy the convenience of their computer becoming a panopticon and disregard or simply not know the consequences of that.