Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Anyone using PGP?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
«1

Comments

  • gsrdgrdghdgsrdgrdghd Member
    edited June 2012

    Nah that news is crap... They can't decrypt shit

    Read e.g. this

  • Don't worry, this is a vague answer from them - It basically says that they CAN read SSH/PGP but only if the key is not very large (128-256Bit).
    Since anyone uses much better anyway (1024-2048Bit) this does not matter at all.

    Thanked by 1klikli
  • gbshousegbshouse Member, Host Rep

    Hmmmm as far as I know intelligence agencies they are announcing only previous successes not current so it's better to asume that they are able to decrypt even large key secured communication

  • AmfyAmfy Member

    @gbshouse said: also it's possible that they are able to decrypt some part of SSH communication...

    They just bought a software that tries to bruteforce that. And now they think they are 1337...

    @gsrdgrdghd exactly

  • gsrdgrdghdgsrdgrdghd Member
    edited June 2012

    @gbshouse said: it's better to asume that they are able to decrypt even large key secured communication

    If they could decrypt that, SSL, RSA, etc etc etc would be broken. And they never announced anything, better read a proper translation of the original documents instead of a Google Translator version of some newspaper article.

    Edit:

    @Amfy said: They just bought a software that tries to bruteforce that. And now they think they are 1337...

    Yeah thats the point. Anyone can say they can decrypt RSA because anyone can bruteforce it.

  • gbshousegbshouse Member, Host Rep

    I know that the translation is not great (link is from cryptome.org) but it's rare that intel agencies announce such things so I'm assuming that's possible. I'm not sure that you are aware that there is something called white intelligence which is using freely available sources. By the way do you know any alternative for SSH? Maybe any communication protocol using eliptic curves algorithms?

  • AmfyAmfy Member
    edited June 2012

    @gbshouse: It would be serious if they could crack the algorithm, because as @gsrdgrdghd already said we would have a big problem on the internet - but, if you have a shitty password, of course they can bruteforce it. They also can bruteforce Truecrypt if you have a bad password. All those software isn't bulletproof, the users have to activate their brains, too...

    If you have a house that is very secure but leave your door opened... the secureness is worthless.

    SSH is secure, don't worry :)

    Edit: And the point is, if the German could decrypt it... the American can that since years I think. German Law enforcements aren't very good. There was a issue where they raid a apartment from one and forgot to take the computer because it was an iMac and they thought it's just the screen... :O

  • @Amfy said: If you have a house that is very secure but leave your door opened... the secureness is worthless.

    Better way of putting it, having a very secure house but your door can be opened with a twig.

  • @gbshouse said: it's rare that intel agencies announce such things so I'm assuming that's possible

    They didn't announce it, they were asked by the communists in the government if its possible for them to decrypt it and the answer was published. But as @Amfy pointed out:

    @Amfy said: They just bought a software that tries to bruteforce that. And now they think they are 1337...

  • WilliamWilliam Member
    edited June 2012

    No, the left in germany are not the communists - The communists are far more left and have no parliament seats currently.

    @Amfy said: German Law enforcements aren't very good.

    I wouldn't say that, while the executive-executive is not very good the German intelligence is highly advanced and on par with Israel and the US, just less spies outside the own country than them.

  • gbshousegbshouse Member, Host Rep

    @Amfy - trained few times with guys from GSG9 and KSK they are good. German intel is present in Syria and working close with Israel.

    I found this http://pthree.org/2011/02/17/elliptic-curve-cryptography-in-openssh/ - going to try

  • @gbshouse if you think RSA is broken you might as well stop using devices connected to the internet all together

  • gbshousegbshouse Member, Host Rep

    I'm a little bit sceptic about things related to US gov. To be honest I would prefer to use Polish or Russian algorithms over AES, DES or RSA. During my studies I heard few things about US forcing other NATO countries to use specific encryption methods even for internal communication. Poland offered NATO their new EC based alg. but US were against it. The rumor states that they were unable to decrypt/brake it. Why US is building new super DC or run the whole Echelone project? To store communication which they are unable to decrypt? I doubt it...

  • If the US government was able to break RSA they sure as hell wouldn't use it to snoop your SSH sessions.

    Thanked by 1Amfy
  • gbshousegbshouse Member, Host Rep

    @gsrdgrdghd - I'm not telling that they are going to listen my SSH sessions, I'm just pointing that there is no such thing as secure algorithm

  • @gbshouse said: I'm just pointing that there is no such thing as secure algorithm

    http://en.wikipedia.org/wiki/One-time_pad

    ;-)

  • nabonabo Member
    edited June 2012

    @William said: the left in germany are not the communists

    Well, that depends on how you define communists.

  • gbshousegbshouse Member, Host Rep

    @gsrdgrdghd - in theory it's secure but it's vulnerable for social engineering attacks (see page 12 of http://users.telenet.be/d.rijmenants/papers/one_time_pad.pdf)

  • rds100rds100 Member

    Well, the only way to eliminate social engineering attacks would be to eliminate humans.

  • @rds100 said: Well, the only way to eliminate social engineering attacks would be to eliminate humans.

    I am in favour of this plan.

  • @gbshouse said: it's vulnerable for social engineering attacks

    Of course, anythinig is vulnerable if you disclose the key or the plaintext :D

    However OTPs still have the problem of key distribution. That can be solved with QKD which isn't really practicable yet.

  • rds100rds100 Member

    @Aldryic Yeah - Есть человек — есть проблема, нет человека — нет проблемы ;-)

  • Эта истина :P

  • gbshousegbshouse Member, Host Rep

    good old uncle Joseph :)

  • @gbshouse said: I'm not sure that you are aware that there is something called white intelligence which is using freely available sources

    I've never heard that term, could you explain it?

  • @Aldryic said: @rds100 said: Well, the only way to eliminate social engineering attacks would be to eliminate humans.

    I am in favour of this plan.

    Let's just go back to natural selection. Maybe give a couple years of proper schooling (just enough for literacy really), and then let you learn shit on your own. If you don't bother, well then, good luck in life.

  • rds100rds100 Member

    @DimeCadmium that's more or less how the education system works nowadays :) At least here.

  • gbshousegbshouse Member, Host Rep
    edited June 2012

    @gsrdgrdghd - http://en.wikipedia.org/wiki/Open-source_intelligence
    For example during '70 Russian GRU was using press announcements to track movement of US fleets (including real estate and travel adverts)

  • nabonabo Member
    edited June 2012

    @rds100 said: that's more or less how the education system works nowadays :) At least here.

    Yea, well not in Europe. Those who are not willing to learn in school are put in learning groups with the best of the class. The effect is: it puts the bests down and is no chance for the better for the rest. If those dumbheads leave school they won't find a job so they are put in jobs by the social service or are simply paied to stay at home. This is financed by those who have been willing to learn in school and now work hard and pay taxes.

    Our governments have successfully created a generation that is feeding those who don't want and putting pressure on those that at least try to make a living. Needless to say we had and have a lot of socialist-green governments in Europe.

  • raindog308raindog308 Administrator, Veteran

    Humans will probably never be eliminated but we will likely be subjugated by our own creations.

    A classic: http://www.wired.com/wired/archive/8.04/joy.html

Sign In or Register to comment.