Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 9 Jul 2016 14:25:40 -0400
From: Scott Arciszewski <>
Subject: Re: Don't Scratch Your Entropy

I prefer "misinformed". It depends on their character though.

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <>

On Sat, Jul 9, 2016 at 2:17 PM, <> wrote:

> On 07/09/2016 08:09 PM, Scott Arciszewski wrote:
>> Entropy must describe the password pool your password exists
>> in, not the password itself.
> not "must"
> it DOES.
> now make the next step:
> entropy is completely irrelevant because the attacker will use ANOTHER
> POOL -- he is not obliged to use the same pool the defender used.
> (and this is the principal source of the "BIG SURPRISE" on the "experts"
> part)
> (b) every "security expert" pronouncing "entropy", without defining
>> the distribution or at very least the pool of candidate passwords, is a
>> brain dead buffoon.
>> That's a bit harsh.
> how do you call a pompous imbecile who pronounces words without knowing
> their meaning a little bit?

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.