Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
|
08-19-2012, 07:52 AM
|
#31
|
|
LQ Newbie
Registered: Aug 2012
Posts: 4
Rep: 
|
Another practical and far more common scenario than governments-controlling-nukes is mobiles. That is, mobile phones, computers, police cars; anything mobile that needs to communicate with HQ, and which do periodically physically return to those headquarters. As already mentioned, data storage is cheap these days, and data transfer for voice or even video fairly efficient in terms of data usage. When mobiles physically return to headquarters; e.g. police cars returning to the garage, walkie-talkies being docked for re-charging, laptops put back on the desk; pad transfer can happen securely, as it is happening within secure premises and does not need to be transported anywhere that interception could be considered a risk. The mobiles can consume the pads throughout the day while out and about, with an unbreakable communications stream back to headquarters, deleting chunks of pad as they are used in case the mobiles are stolen.
This is not merely theoretical.
|
|
|
|
|
08-19-2012, 09:18 AM
|
#32
|
|
Senior Member
Registered: Nov 2005
Distribution: Debian
Posts: 2,015
|
@NyteOwl: I think that's a great example of a case where PGP would be more secure, although it sounds like ROT13 would have sufficed.
@iddles: That sounds like a plausible scenario. However, I still don't think the 100% unbreakability is that significant: a likely attack is putting spyware on the laptop. You might object because that would be a weakness regardless of the cipher. But my point is that even if you use a standard (theoretically breakable) cipher, an attacker won't try to break it because that would be a waste of their time. They'll use some other method. In which case we may as well use a standard cipher and get the convenience of never having to return to HQ to "recharge" the pad.
|
|
|
|
|
08-19-2012, 03:08 PM
|
#33
|
|
Member
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 503
Rep: 
|
Yes, PGP would have been a good solution in such a case. I've no idea why it wasn't used. ROT13 would not really have sufficed as any real attempt to compromise the message typically starts with frequency analysis which breaks ROT13 pretty quickly. ROT13 also has the drawback of being alphabetic only  |
|
|
|
|
08-19-2012, 07:42 PM
|
#34
|
|
Senior Member
Registered: Nov 2005
Distribution: Debian
Posts: 2,015
|
Quote:
Originally Posted by NyteOwl
ROT13 would not really have sufficed as any real attempt to compromise the message typically starts with frequency analysis which breaks ROT13 pretty quickly. ROT13 also has the drawback of being alphabetic only  |
The method you described sounds pretty insecure to me, so I can only assume that Alice and Bob expected there would be no real attempts to compromise the message. Therefore, ROT13 (or a substitution cipher that works for non alphabetic data) would have been fine. Okay, perhaps I exaggerate a bit; ROT13 could probably be broken by people who don't even know much about cryptography so you might want something a little better, but still, it's not a high security situation. |
|
|
|
|
10-13-2012, 04:10 AM
|
#35
|
|
LQ Newbie
Registered: Jul 2012
Posts: 19
Original Poster
Rep:
|
Quote:
Originally Posted by ntubski
|
There is a defense from torture etc, and that is plausible deniability. For streaming purposes that would be sending the encrypted data together with an equal amount of random data, and claiming there is no message in the random data. |
|
|
|
|
10-25-2012, 01:02 PM
|
#36
|
|
Member
Registered: Sep 2012
Posts: 45
Rep:
|
Somebody sent me today the link to the newborn company that claims it solved the secured communication problem in a new original way: www.alessoft.com
I was to lazy to download the documentation. It's all about accessing the server applications in a very secured way using SMTP protocol (email).
See if it can help you... |
|
|
|
|
10-25-2012, 01:58 PM
|
#37
|
|
Senior Member
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 4,551
|
Quote:
Originally Posted by evgenyz
Somebody sent me today the link to the newborn company that claims it solved the secured communication problem in a new original way: www.alessoft.com
I was to lazy to download the documentation. It's all about accessing the server applications in a very secured way using SMTP protocol (email).
See if it can help you... |
Damn! That used to be Top Secret! Alan Turing Himself first came up with it, and that's why they secretly poisoned him ... so he wouldn't divulge the secret! And now, here's this company, spilling everything!! Gasp!! Now the secret's out! |
|
|
|
|
10-25-2012, 02:18 PM
|
#38
|
|
Member
Registered: Sep 2012
Posts: 45
Rep:
|
Frankly speaking, I don't understand what are you talking about... Sorry!
The product looks interesting, I got the documentation, but just need to digest the information...
What do you think?
|
|
|
|
|
10-27-2012, 06:02 AM
|
#39
|
|
LQ Newbie
Registered: Oct 2012
Posts: 4
Rep:
|
The product is ABSOLUTELY UNBREAKABLE (at least this what they claim...)
|
|
|
|
|
10-29-2012, 11:50 AM
|
#40
|
|
Senior Member
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 4,551
|
Quote:
Originally Posted by pin
The product is ABSOLUTELY UNBREAKABLE (at least this what they claim...)
|
They always do. |
|
|
|
|
10-29-2012, 01:01 PM
|
#41
|
|
LQ Newbie
Registered: Oct 2012
Posts: 4
Rep:
|
get their PP presentation. It's interesting approach. I sent them email and asked for trail license...
Wnt to test in my server.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 04:54 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
