New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Anyone using PGP?
http://translate.google.com/translate?sl=de&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http://www.golem.de/news/bundesregierung-deutsche-geheimdienste-koennen-pgp-entschluesseln-1205-92031.html
also it's possible that they are able to decrypt some part of SSH communication...
Comments
Nah that news is crap... They can't decrypt shit
Read e.g. this
Don't worry, this is a vague answer from them - It basically says that they CAN read SSH/PGP but only if the key is not very large (128-256Bit).
Since anyone uses much better anyway (1024-2048Bit) this does not matter at all.
Hmmmm as far as I know intelligence agencies they are announcing only previous successes not current so it's better to asume that they are able to decrypt even large key secured communication
They just bought a software that tries to bruteforce that. And now they think they are 1337...
@gsrdgrdghd exactly
If they could decrypt that, SSL, RSA, etc etc etc would be broken. And they never announced anything, better read a proper translation of the original documents instead of a Google Translator version of some newspaper article.
Edit:
Yeah thats the point. Anyone can say they can decrypt RSA because anyone can bruteforce it.
I know that the translation is not great (link is from cryptome.org) but it's rare that intel agencies announce such things so I'm assuming that's possible. I'm not sure that you are aware that there is something called white intelligence which is using freely available sources. By the way do you know any alternative for SSH? Maybe any communication protocol using eliptic curves algorithms?
@gbshouse: It would be serious if they could crack the algorithm, because as @gsrdgrdghd already said we would have a big problem on the internet - but, if you have a shitty password, of course they can bruteforce it. They also can bruteforce Truecrypt if you have a bad password. All those software isn't bulletproof, the users have to activate their brains, too...
If you have a house that is very secure but leave your door opened... the secureness is worthless.
SSH is secure, don't worry
Edit: And the point is, if the German could decrypt it... the American can that since years I think. German Law enforcements aren't very good. There was a issue where they raid a apartment from one and forgot to take the computer because it was an iMac and they thought it's just the screen... :O
Better way of putting it, having a very secure house but your door can be opened with a twig.
They didn't announce it, they were asked by the communists in the government if its possible for them to decrypt it and the answer was published. But as @Amfy pointed out:
No, the left in germany are not the communists - The communists are far more left and have no parliament seats currently.
I wouldn't say that, while the executive-executive is not very good the German intelligence is highly advanced and on par with Israel and the US, just less spies outside the own country than them.
@Amfy - trained few times with guys from GSG9 and KSK they are good. German intel is present in Syria and working close with Israel.
I found this http://pthree.org/2011/02/17/elliptic-curve-cryptography-in-openssh/ - going to try
@gbshouse if you think RSA is broken you might as well stop using devices connected to the internet all together
I'm a little bit sceptic about things related to US gov. To be honest I would prefer to use Polish or Russian algorithms over AES, DES or RSA. During my studies I heard few things about US forcing other NATO countries to use specific encryption methods even for internal communication. Poland offered NATO their new EC based alg. but US were against it. The rumor states that they were unable to decrypt/brake it. Why US is building new super DC or run the whole Echelone project? To store communication which they are unable to decrypt? I doubt it...
If the US government was able to break RSA they sure as hell wouldn't use it to snoop your SSH sessions.
@gsrdgrdghd - I'm not telling that they are going to listen my SSH sessions, I'm just pointing that there is no such thing as secure algorithm
http://en.wikipedia.org/wiki/One-time_pad
;-)
Well, that depends on how you define communists.
@gsrdgrdghd - in theory it's secure but it's vulnerable for social engineering attacks (see page 12 of http://users.telenet.be/d.rijmenants/papers/one_time_pad.pdf)
Well, the only way to eliminate social engineering attacks would be to eliminate humans.
I am in favour of this plan.
Of course, anythinig is vulnerable if you disclose the key or the plaintext
However OTPs still have the problem of key distribution. That can be solved with QKD which isn't really practicable yet.
@Aldryic Yeah - Есть человек — есть проблема, нет человека — нет проблемы ;-)
Эта истина :P
good old uncle Joseph
I've never heard that term, could you explain it?
Let's just go back to natural selection. Maybe give a couple years of proper schooling (just enough for literacy really), and then let you learn shit on your own. If you don't bother, well then, good luck in life.
@DimeCadmium that's more or less how the education system works nowadays At least here.
@gsrdgrdghd - http://en.wikipedia.org/wiki/Open-source_intelligence
For example during '70 Russian GRU was using press announcements to track movement of US fleets (including real estate and travel adverts)
Yea, well not in Europe. Those who are not willing to learn in school are put in learning groups with the best of the class. The effect is: it puts the bests down and is no chance for the better for the rest. If those dumbheads leave school they won't find a job so they are put in jobs by the social service or are simply paied to stay at home. This is financed by those who have been willing to learn in school and now work hard and pay taxes.
Our governments have successfully created a generation that is feeding those who don't want and putting pressure on those that at least try to make a living. Needless to say we had and have a lot of socialist-green governments in Europe.
Humans will probably never be eliminated but we will likely be subjugated by our own creations.
A classic: http://www.wired.com/wired/archive/8.04/joy.html