one time pads are a great idea.
Originally Posted by axemansean
Yes... but think of messages that are critical that are using encryption standards similar to DES. The point is we can all indirectly harbor the works of hackers by installing certain P2P softwares. So now if someone intercepts this message and uses a million pcs on a P2P network they can crack that message in no time. Nothing is secure in this world, every code is breakable given time and resources so why should we provide people with these resources.
the point of changing your keys is not to ensure the security of a single message, but of your entire system. it is the same idea behind one time pads, securIDs and such. change the key very regularly, and it makes it that much harder for someone to break in. there is no concrete way to encrypt a message and send it without the threat of someone decrypting it given the time and resources. but i never really disagreed with that, did i? using a better encryption standard is an added safegaurd, something to deter or stall an attacker. a one time pad doesn't provide any additional security for
transmitting a single message, only for protecting an entire system/network
also, i've never heard of a hacker using an existing p2p network to run malicious code. they'd have to break into the p2p network itself, and be able to install and run code on client machines for that to work - a lot more work than they need to do. there are many attacks run in a distributed manner, but the authors write the code to proliferate on it's own using other means (just like the blaster worm proliferated, or the MyDoom attack recently launched). removing spyware from a p2p client won't prevent anything