Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 9 Jul 2016 20:17:59 +0200
From: "" <>
Subject: Re: Don't Scratch Your Entropy

On 07/09/2016 08:09 PM, Scott Arciszewski wrote:
> Entropy must describe the password pool your password exists
> in, not the password itself.

not "must"
it DOES.

now make the next step:
entropy is completely irrelevant because the attacker will use ANOTHER 
POOL -- he is not obliged to use the same pool the defender used.
(and this is the principal source of the "BIG SURPRISE" on the "experts" 

>> (b) every "security expert" pronouncing "entropy", without defining
> the distribution or at very least the pool of candidate passwords, is a
> brain dead buffoon.
> That's a bit harsh.

how do you call a pompous imbecile who pronounces words without knowing 
their meaning a little bit?

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.