LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 09-12-2013, 10:49 AM   #31
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269

Quote:
Originally Posted by nobahn View Post
Paradoxically enough, the man would -- in later years -- go on to purchase slaves!
Well, I guess he answered his own question
 
Old 09-13-2013, 03:06 PM   #32
weirdwolf
Member
 
Registered: Jun 2007
Location: 1 AU from a G2V star
Distribution: PCLinuxOS LXDE
Posts: 107

Rep: Reputation: 152Reputation: 152
This seems relavant to this discussion.
http://www.theregister.co.uk/2013/09...tion_standard/
I'd suppose if they had access to a "backdoor" you wouldn't necessarily have a need to weaken it.
Also, The fact that Serpent has a higher security margin than Rijndael, (from what little I understand), Would seem to support the statement the standard was weakened in favor of a faster and easier way for implementation.

Last time I tried encryption was with TruCrypt using Serpent and whirlpool for the hash funtion.

Maybe it's time to start playing/familiarizing myself with it again.
 
Old 09-18-2013, 04:55 AM   #33
911InsideJob
Member
 
Registered: Jul 2013
Distribution: Mint KDE
Posts: 74

Rep: Reputation: Disabled
Quote:
Originally Posted by weirdwolf View Post
This seems relavant to this discussion.
http://www.theregister.co.uk/2013/09...tion_standard/
I'd suppose if they had access to a "backdoor" you wouldn't necessarily have a need to weaken it.
Also, The fact that Serpent has a higher security margin than Rijndael, (from what little I understand), Would seem to support the statement the standard was weakened in favor of a faster and easier way for implementation.

Last time I tried encryption was with TruCrypt using Serpent and whirlpool for the hash funtion.

Maybe it's time to start playing/familiarizing myself with it again.
NIST is a front for government propagada. They lost all crediility when they delivered their WTC7 "report"
http://www.youtube.com/watch?v=FPTuAcZV_2s

It was actually FEMA that broke the lie wide open by devoting an entire appendix to unusual melting of steel in building 7
http://www.youtube.com/watch?v=VvQDFV1HINw
 
Old 09-18-2013, 07:53 AM   #34
Arcane
Member
 
Registered: May 2006
Location: Latvia, Europe
Distribution: random
Posts: 287

Rep: Reputation: 156Reputation: 156
Nothing is 100% safe anymore..here is english article about FBI cracking Tor.
http://www.crikey.com.au/2013/08/13/...cret-internet/
 
Old 09-18-2013, 08:03 AM   #35
tangle
Senior Member
 
Registered: Apr 2002
Location: Smithville, TN
Distribution: Slackware
Posts: 1,744

Rep: Reputation: 70
Quote:
Originally Posted by Arcane View Post
Nothing is 100% safe anymore..here is english article about FBI cracking Tor.
http://www.crikey.com.au/2013/08/13/...cret-internet/
Nothing has ever been safe.
 
Old 09-18-2013, 09:03 AM   #36
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
Freenet was a good alternative, but it is java-based. I don't trust java at all. It does work with openjdk tho.
 
Old 09-18-2013, 11:22 AM   #37
cyberwar
LQ Newbie
 
Registered: Sep 2013
Posts: 4

Rep: Reputation: Disabled
Anonymity is totally pointless and useless against the NSA today. However, I still do encrypt my files but everything is done locally.
 
Old 09-18-2013, 12:12 PM   #38
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,327

Rep: Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099
Tor has always been vulnerable to good ol' traffic analysis. If you have the means to sample merely the payload size of the traffic that is being bounced from one node to the next, you can trace the payload back to its source even if you cannot in real time decrypt the messages. You don't have to peel-the-onion if you just want to figure out where a message is ultimately going. (You make guesses ... then you examine what's coming-out of whatever nodes you know the message-of-interest might have gone to, to either substantiate or deny your guesses.)

Quote:
http://www.cl.cam.ac.uk/~sjm217/pape...and05torta.pdf:

"Tor is the second generation Onion Router, supporting the anonymous transport of TCP streams over the Internet. Its low latency makes it very suitable for common tasks, such as web browsing, but insecure against traffic-analysis attacks by a global passive adversary. We present new traffic-analysis techniques that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams and therefore greatly reduce the anonymity provided by Tor. Furthermore, we show that otherwise unrelated streams can be linked back to the same initiator. Our attack is feasible for the adversary anticipated by the Tor designers. Our theoretical attacks are backed up by experiments performed on the deployed, albeit experimental, Tor network. Our techniques should also be applicable to any low latency anonymous network. These attacks highlight the relationship between the field of traffic-analysis and more traditional computer security issues, such as covert channel analysis. Our research also highlights that the inability to directly observe network links does not prevent an attacker from performing traffic-analysis: the adversary can use the anonymising network as an oracle to infer the traffic load on remote nodes in order to perform traffic-analysis."
(Emphasis mine. Furthermore, this paper is just "Low-Cost" Traffic Analysis of Tor. If money were no object . . . )

You also have the perfect "crib" to an upstream message if you are correct in your guess about the identity of the downstream one. In fact, you can snag a "crib" about every layer of the onion, if you have the capability of performing all-inclusive traffic monitoring, such that you captured the (probable) output of every (probable) bounce. NSA has that capability: the core of the Internet, after all, is a government network.

Personally, I have zero sympathy for those who seek to use the Internet to cover themselves in the committing of a felony. I think such people deserve, not just "to get what's coming to them," but to be drawn-and-quartered.

My personal concern about NSA is not so much that "they crack encrypted messages." (That's part of their mission.) My concern is that they are operating wastefully, to the enrichment of private contractors, and outside of the law ... and that no one seems to be able to test whether this or isn't so. (Hence, we must wisely presume that it is. Therefore, "Houston, we have a problem.")

The profound secrecy surrounding this agency creates the penultimate "the cat's away" situation, and the mice have an unlimited secret budget. Which gives us: extremely fat mice, and not-necessarily better "national security." If there is no real oversight, good public decisions will not be made, and bureaucrat-types (yeah, they're in black-ops too) will make self-serving assessments. This is just human nature. If people can lie to Congress, even while keeping most of its Members totally in the dark, the Public's interests cannot be served ... yet "serving the Public's interests" also is "the Mission."

Given the profound importance of this Agency's mission, these issues are a very big matter of legitimate Public concern. We are spending #CLASSIFIED# on this. Are we getting what we paid for? How can we be sure?

Last edited by sundialsvcs; 09-18-2013 at 12:32 PM.
 
Old 09-18-2013, 01:03 PM   #39
tangle
Senior Member
 
Registered: Apr 2002
Location: Smithville, TN
Distribution: Slackware
Posts: 1,744

Rep: Reputation: 70
If the NSA is collecting private data that belongs to US citizens without a warrant. They are breaking the law.
 
Old 09-18-2013, 02:10 PM   #40
rdx
Member
 
Registered: Apr 2007
Location: Dallas
Distribution: Slackware 11, 14.1 :: Slackware64 14.1
Posts: 105

Rep: Reputation: 22
Quote:
Originally Posted by tangle View Post
If the NSA is collecting private data that belongs to US citizens without a warrant. They are breaking the law.
1. Guilt requires proof.
2. It's not whether you do it, it's whether you get caught.
3. Laws are like spider webs, they catch the small, the big just break on through to the other side.

This thread really rocks. I say encrypt everything, not to hide anything but to make them work for it. I'm pretty sure they can be swamped by too much data.
 
Old 09-18-2013, 02:18 PM   #41
tangle
Senior Member
 
Registered: Apr 2002
Location: Smithville, TN
Distribution: Slackware
Posts: 1,744

Rep: Reputation: 70
Quote:
Originally Posted by rdx View Post
1. Guilt requires proof.
2. It's not whether you do it, it's whether you get caught.
3. Laws are like spider webs, they catch the small, the big just break on through to the other side.

This thread really rocks. I say encrypt everything, not to hide anything but to make them work for it. I'm pretty sure they can be swamped by too much data.
So are you saying that the NSA had the right to collect the data without a warrant?
 
Old 09-18-2013, 04:02 PM   #42
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,327

Rep: Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099
If no one is actively watching the NSA('s contractors with their #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# budgets, and lying to the US Congress about it all, then ... No. "Warrants? We don't need no stinkin' warrants. And, just because you dared to ask, you go to jail Forever." (Very convenient, huh?)

The Due Process Of Law™ is ... "an unnecessary expense," when your real purpose is to sell the US Government another #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# hard-disk drives to go along with their #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# coffee makers.

That's the risk.

On the one hand, we like to think that "The National Security Agency" is an "Agency" with a "Holy Mission."

But ... we also have to consider $$ Human $$ Nature $$.

There are plenty of companies out there whose sole purpose it is to $$contract$$ $$with$$ this faceless entity which, they know all too well, has the capability to spend bottomless amounts of Money and to do it all in Secret. (These companies also know, of course, that "Congress $$ Can $$ Be $$ Bought," and even that the Supreme Court has said that it's not "Bribery.") (Gee, wonder why they saw fit to say that?)

That's the risk. Human Nature.

"The United States Constitution?" Inconvenient. "$$$$$!!!" "Supreme Law of the Land?" Aww, c'mon, I know how to fix THAT! "$$$$$!!!" Forget "who wants to be a millionaire!" We're talking bil- or even tril- here... and $$ no one $$ will $$ ever $$ know!! $$ "Take thine ease, oh my soul!" <<belch!>>

That's the risk. Human. Nature. Some things have not changed since the days of ancient Babylon.

Last edited by sundialsvcs; 09-18-2013 at 04:07 PM.
 
Old 09-19-2013, 02:40 AM   #43
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
Linus Torvalds at Linuxcon:
http://www.eweek.com/developer/linus...-linuxcon.html
He was asked whether he was asked to insert a backdoor into the kernel.

Personally I have been wondering about the Linux hacking incident that happened a while back, and very few details were ever release about what happened...
 
Old 09-19-2013, 05:12 AM   #44
Arcane
Member
 
Registered: May 2006
Location: Latvia, Europe
Distribution: random
Posts: 287

Rep: Reputation: 156Reputation: 156
Quote:
Originally Posted by tangle View Post
So are you saying that the NSA had the right to collect the data without a warrant?
Are you surprised? Even basic police structures do this whole time behind your and mine back. Afterall the 'excuse of security' argument never gets old or rusty. If someone will ask why they did it they will just say they did it for safety reasons which is purpose of such organisations in first place and they won't face any charges with this anyway.
Quote:
Originally Posted by sundialsvcs View Post
If no one is actively watching the NSA('s contractors with their #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# budgets, and lying to the US Congress about it all, then ... No. "Warrants? We don't need no stinkin' warrants. And, just because you dared to ask, you go to jail Forever." (Very convenient, huh?)

The Due Process Of Law™ is ... "an unnecessary expense," when your real purpose is to sell the US Government another #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# hard-disk drives to go along with their #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# coffee makers.

That's the risk.

On the one hand, we like to think that "The National Security Agency" is an "Agency" with a "Holy Mission."

But ... we also have to consider $$ Human $$ Nature $$.

There are plenty of companies out there whose sole purpose it is to $$contract$$ $$with$$ this faceless entity which, they know all too well, has the capability to spend bottomless amounts of Money and to do it all in Secret. (These companies also know, of course, that "Congress $$ Can $$ Be $$ Bought," and even that the Supreme Court has said that it's not "Bribery.") (Gee, wonder why they saw fit to say that?)

That's the risk. Human Nature.

"The United States Constitution?" Inconvenient. "$$$$$!!!" "Supreme Law of the Land?" Aww, c'mon, I know how to fix THAT! "$$$$$!!!" Forget "who wants to be a millionaire!" We're talking bil- or even tril- here... and $$ no one $$ will $$ ever $$ know!! $$ "Take thine ease, oh my soul!" <<belch!>>

That's the risk. Human. Nature. Some things have not changed since the days of ancient Babylon.
Had to quote this so it won't go away later. Brilliant post. Money really makes world events go 'round..some things really never change. Have a look at this for example how they spend our money:
Quote:
$800,000 prostate cancer research for minorities
$1.6 million for computerization of hospital records in Oakland, CA
$2.4 million handicap access and a fire sprinkler system at a community club in New York
$3.6 million to eradicate marijuana in Kentucky
$3.9 million energy-efficient solar film for buildings development grant
$5 million San Francisco visitors center
$18 million Edward Kennedy Policy Institute in Massachusetts
$20 million World War II Museum in Louisiana
$23 million indigent health care for Hawaii
$47 million anti-drug training centers throughout the U.S.
http://teaparty.yepperee.com/2010/02...-to-plague-us/
 
Old 09-19-2013, 05:52 AM   #45
rdx
Member
 
Registered: Apr 2007
Location: Dallas
Distribution: Slackware 11, 14.1 :: Slackware64 14.1
Posts: 105

Rep: Reputation: 22
Is it right?

Quote:
Originally Posted by tangle View Post
So are you saying that the NSA had the right to collect the data without a warrant?
No, I'm not saying it's right. I'm saying when you live in a twisted Orwellian universe you must not rely on Cartesian concepts like right and wrong. If the NSA breaks the law, what are you going to do about it? Call the Police or write your Congressman? Better to complain to your bank that you doubt their ability to protect your financial security and get them to fight the battle. After all, you fight fire with fire, fight government with big business.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: The NSA is Commandeering the Internet LXer Syndicated Linux News 3 08-16-2013 03:00 AM
LXer: XKeyscore: NSA tool collects 'nearly everything a user does on the internet' LXer Syndicated Linux News 0 07-31-2013 03:02 PM
LXer: XKeyscore: NSA tool collects 'nearly everything a user does on the internet' LXer Syndicated Linux News 0 07-31-2013 12:41 PM
Can Demand Paging be disabled or circumvented? ajmayhall Linux - Newbie 13 12-16-2007 08:04 PM
LXer: AT&T Forwards ALL Internet Traffic Into NSA Says EFF LXer Syndicated Linux News 0 04-06-2006 11:21 AM


All times are GMT -5. The time now is 07:34 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration