Quote:
|
This seems relavant to this discussion.
http://www.theregister.co.uk/2013/09...tion_standard/ I'd suppose if they had access to a "backdoor" you wouldn't necessarily have a need to weaken it. Also, The fact that Serpent has a higher security margin than Rijndael, (from what little I understand), Would seem to support the statement the standard was weakened in favor of a faster and easier way for implementation. Last time I tried encryption was with TruCrypt using Serpent and whirlpool for the hash funtion. Maybe it's time to start playing/familiarizing myself with it again. |
Quote:
http://www.youtube.com/watch?v=FPTuAcZV_2s It was actually FEMA that broke the lie wide open by devoting an entire appendix to unusual melting of steel in building 7 http://www.youtube.com/watch?v=VvQDFV1HINw |
Nothing is 100% safe anymore..here is english article about FBI cracking Tor.
http://www.crikey.com.au/2013/08/13/...cret-internet/ |
Quote:
|
Freenet was a good alternative, but it is java-based. I don't trust java at all. It does work with openjdk tho.
|
Anonymity is totally pointless and useless against the NSA today. However, I still do encrypt my files but everything is done locally.
|
Tor has always been vulnerable to good ol' traffic analysis. If you have the means to sample merely the payload size of the traffic that is being bounced from one node to the next, you can trace the payload back to its source even if you cannot in real time decrypt the messages. You don't have to peel-the-onion if you just want to figure out where a message is ultimately going. (You make guesses ... then you examine what's coming-out of whatever nodes you know the message-of-interest might have gone to, to either substantiate or deny your guesses.)
Quote:
You also have the perfect "crib" to an upstream message if you are correct in your guess about the identity of the downstream one. In fact, you can snag a "crib" about every layer of the onion, if you have the capability of performing all-inclusive traffic monitoring, such that you captured the (probable) output of every (probable) bounce. NSA has that capability: the core of the Internet, after all, is a government network. Personally, I have zero sympathy for those who seek to use the Internet to cover themselves in the committing of a felony. I think such people deserve, not just "to get what's coming to them," but to be drawn-and-quartered. My personal concern about NSA is not so much that "they crack encrypted messages." (That's part of their mission.) My concern is that they are operating wastefully, to the enrichment of private contractors, and outside of the law ... and that no one seems to be able to test whether this or isn't so. (Hence, we must wisely presume that it is. Therefore, "Houston, we have a problem.") The profound secrecy surrounding this agency creates the penultimate "the cat's away" situation, and the mice have an unlimited secret budget. Which gives us: extremely fat mice, and not-necessarily better "national security." If there is no real oversight, good public decisions will not be made, and bureaucrat-types (yeah, they're in black-ops too) will make self-serving assessments. This is just human nature. If people can lie to Congress, even while keeping most of its Members totally in the dark, the Public's interests cannot be served ... yet "serving the Public's interests" also is "the Mission." Given the profound importance of this Agency's mission, these issues are a very big matter of legitimate Public concern. We are spending #CLASSIFIED# on this. Are we getting what we paid for? How can we be sure? |
If the NSA is collecting private data that belongs to US citizens without a warrant. They are breaking the law.
|
Quote:
2. It's not whether you do it, it's whether you get caught. 3. Laws are like spider webs, they catch the small, the big just break on through to the other side. This thread really rocks. I say encrypt everything, not to hide anything but to make them work for it. I'm pretty sure they can be swamped by too much data. |
Quote:
|
If no one is actively watching the NSA('s contractors with their #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# budgets, and lying to the US Congress about it all, then ... No. "Warrants? We don't need no stinkin' warrants. And, just because you dared to ask, you go to jail Forever." (Very convenient, huh?)
The Due Process Of Law™ is ... "an unnecessary expense," when your real purpose is to sell the US Government another #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# hard-disk drives to go along with their #CLASSIFIED# #WAY-BEYOND-TOP-SECRET# coffee makers. That's the risk. On the one hand, we like to think that "The National Security Agency" is an "Agency" with a "Holy Mission." But ... we also have to consider $$ Human $$ Nature $$. There are plenty of companies out there whose sole purpose it is to $$contract$$ $$with$$ this faceless entity which, they know all too well, has the capability to spend bottomless amounts of Money and to do it all in Secret. (These companies also know, of course, that "Congress $$ Can $$ Be $$ Bought," and even that the Supreme Court has said that it's not "Bribery.") (Gee, wonder why they saw fit to say that?) :rolleyes: That's the risk. Human Nature. "The United States Constitution?" Inconvenient. "$$$$$!!!" "Supreme Law of the Land?" Aww, c'mon, I know how to fix THAT! "$$$$$!!!" Forget "who wants to be a millionaire!" We're talking bil- or even tril- here... and $$ no one $$ will $$ ever $$ know!! $$ "Take thine ease, oh my soul!" <<belch!>> That's the risk. Human. Nature. Some things have not changed since the days of ancient Babylon. |
Linus Torvalds at Linuxcon:
http://www.eweek.com/developer/linus...-linuxcon.html He was asked whether he was asked to insert a backdoor into the kernel. Personally I have been wondering about the Linux hacking incident that happened a while back, and very few details were ever release about what happened... |
Quote:
Quote:
Quote:
|
Is it right?
Quote:
|
All times are GMT -5. The time now is 07:41 PM. |