Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Feeling Paranoid? Come and share your thoughts! - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Feeling Paranoid? Come and share your thoughts!

2

Comments

  • @Maounique said: (…) have the OS log you out regularly, say, every 10 minutes…

    Okay. Why? How's this help?

    …have your OS run in RAM, and other measures to protect against raids and gun to the head things (…)

    Same question: how's this help keep things more secure from snooping?

    Thanked by 10xdragon
  • MaouniqueMaounique Host Rep, Veteran

    @aglodek said:

    It helps when paratroopers jump you when asleep or when going to the bathroom or you simply have no time to hit the nuke button.

    Thanked by 3aglodek 0xdragon netomx
  • @Maounique said:

    Oh, okay, now I get it… in case there's a raid… well, personally, should I ever manage to elicit such attention from those quarters, I should think I'd start with establishing some kind of perimeter long before such contingencies were likely to arise ;)

  • 4n0nx4n0nx Member
    edited September 2015

    @aglodek

    you are already "on the list" now. :D

  • MaouniqueMaounique Host Rep, Veteran

    @aglodek said:

    You may never know, unless you have contacts up there. Every citizen must consider this because you can't know when you are found to have eaten at the same restaurant with someone who liked a post by a muslim someplace. It will mean all your contacts will be subjected to the same treatment while you are in prison or rotting some place.

  • scyscy Member
    edited September 2015

    4n0nx said: you are already "on the list" now. :D

    You already were because of your signature:

    (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

    If this thread keeps going everyone visiting LET will be on the list and @mkpossen will lose his JOB. Come on guys, realize you might be hurting the economy.

    @Maounique : your ideas are fun but is it really possible to set that up? The computer that can automatically destroy itself in case an enemy arises like in a sci fi movie :)

    The only solution to be sure to avoid heavy surveillance and torture is simple: be a good, law abiding citizen. edit: you won't avoid surveillance, but might avoid torture in most juridictions. Probably good enough for most of us.

  • @scy one misunderstood post on facebook...

  • MaouniqueMaounique Host Rep, Veteran
    edited September 2015

    scy said: @Maounique : your ideas are fun but is it really possible to set that up? The computer that can automatically destroy itself in case an enemy arises like in a sci fi movie :)

    Yes, it can.

    The only solution to be sure to avoid heavy surveillance and torture is simple: be a good, law abiding citizen. edit: you won't avoid surveillance, but might avoid torture in most juridictions. Probably good enough for most of us.

    When police shoots first even people with hands in the air in order to avoid the task of asking questions later, because of their color or religion, when the law requires to give them reasons to prosecute or kill your neighbour, being a good citizen will be different than law abiding one, some will be law abiding, others will be good citizens, you cant be both, even today.
    Surveillance digs dirt on people so the police, the prosecutors, the judges, the lawmakers, the military, the president etc can be blackmailed for issues having no link to their activity in office, once you control all those and the rival spy agencies, you are the real ruler of the country so everything goes, the law has no meaning, even if it is not changed to give you absolute power, you do not need that.

  • singsingsingsing Member
    edited September 2015

    Maounique said: You should use cascading encryption, at least 3 ways from different projects and with different approaches, so, one 0day will not expose you.

    Umm, zero-day refers to new exploits against software that patches don't exist for yet. Nobody uses the term zero-day to refer to breaking of a cryptographic cipher. That is not something that can be patched. Also, encryption will not protect you from zero-day attacks. However encrypted your HTTPS over OpenVPN session may be, the browser still sees all input in unencrypted form (d'oh, or it couldn't display it or execute JS, etc ...).

    Using cascaded ciphers can indeed stop a communication stream that was saved in encrypted form from being subjected to effective cryptanalysis later (compared with only one cipher being used that is later discovered to have flaws).

  • @4n0nx said: you are already "on the list" now.

    So what else is new? Been there all my life.

    @Maounique said: You may never know, unless you have contacts up there…

    C'mon, be serious! Of course I'd know. I watched all 6 - or was it 7? - seasons of Burn Notice! ;)

  • MaouniqueMaounique Host Rep, Veteran

    singsing said: Nobody uses the term zero-day to refer to breaking of a cryptographic cipher.

    And where did I say that?
    However, the implementation itself can be bugged and leak the cipher somehow or bypass it altogether, nobody can really keep checking every new version of code and you have to stay updated, one might be bugged, so you must use 3 different implementations and ciphers, not only protecting from using cryptanalysis, that would be enough to use 3 ciphers and one encryption app, however, if you use a VPN to connect to an iSCSI device which holds an encrypted container and you mount that, chances are minimal to be able to break all encryption, you have 3 implementations and 3 different ciphers. Maybe the VPN protocol can be broken due to some error in encryption, weak encryption being forced by some bug, for example, you cannot really monitor everything in real time, this is what i meant.

  • Maounique said: However, the implementation itself can be bugged and leak the cipher somehow

    You mean leak the encryption -key-? Certainly it can. But that can really only happen if you are already comprised, in which case your security is already zero to begin with. There are very few scenarios in which you have -only- loss of confidentiality due to a bug, and not a full intrusion opportunity.

    Maounique said: nobody can really keep checking every new version of code and you have to stay updated

    That's true ... but you're starting from the assumption that you have malicious code on your system, which is a no-win situation. Layering different softwares won't buy much.

  • singsing said: You mean leak the encryption -key-? Certainly it can. But that can really only happen if you are already comprised, in which case your security is already zero to begin with. There are very few scenarios in which you have -only- loss of confidentiality due to a bug, and not a full intrusion opportunity.

    Encryption can sometimes be easily broken, I think that's what he meant. So yes it might be a good idea to use "double encryption", if you are somehow a very important target, no matter if encryption for storage or encryption for your connection.

    (e.g. PPTP VPNs can be easil cracked, but if you used PPTP and connected to SSH through it, you are probably safe..)

  • Have you submitted a FIOA request on yourself via https://www.nsa.gov/public_info/foia/submit_foia_request/

    (or am I doing this to trigger the tin foil folks?)

  • MaouniqueMaounique Host Rep, Veteran

    I meant the implementation can have a bug, we saw some last year, also, i think double encryption is not enough, you need three layers, because one can have an issue and one can later be broken, but you still have one in reserve, breaking it becomes impractical and it is way easier to directly torture you to speak out. Since you know you will be tortured and killed anyway, saying something will not help you at all, therefore you need to have means to kill yourself fast, if you are important target member of the resistance or something like that.

  • Maounique said:I meant the implementation can have a bug, we saw some last year, also, i think double encryption is not enough, you need three layers, because one can have an issue and one can later be broken, but you still have one in reserve, breaking it becomes impractical and it is way easier to directly torture you to speak out. Since you know you will be tortured and killed anyway, saying something will not help you at all, therefore you need to have means to kill yourself fast

    That escalated quickly.

    Thanked by 1linuxthefish
  • MaouniqueMaounique Host Rep, Veteran

    Nekki said: That escalated quickly.

    Disclaimer: Hey, this is the paranoid thread, get out before you catch the bug!

  • 4n0nx said: PPTP VPNs can be easil cracked

    RC4 was always regarded as a risk. If you are still using RC4 in 2015 (except as an additional layer of obfuscation on top of real crypto), security can't be your top priority.

  • MaouniqueMaounique Host Rep, Veteran

    singsing said: obfuscation

    Hey, that might be a good idea not to raise flags, like, ha this guy uses a VPN but we can break it whenever we want, hence, not a priority.

  • singsingsingsing Member
    edited September 2015

    Maounique said: Hey, that might be a good idea not to raise flags, like, ha this guy uses a VPN but we can break it whenever we want, hence, not a priority.

  • 0xdragon said: And a Batchelor in Computer Security.

    Then you'd know that nobody has the resources to use a trillion guesses per second against any cryptography algorithm. Maybe against a top tenner, but not against an average citizen.

    Such a gross violation of civil liberties will come. I'd be willing to bet my life on such a statement. However, WHEN it comes is not something I'm willing to gamble on. The capacity to do such is not here yet. And it won't come without some well-publicized advancement in computer sciences in the realms of scalability.

  • Rallias said: And it won't come without some well-publicized advancement in computer sciences in the realms of scalability.

    Or the invention of a real quantum computer with a bunch more qubits than the current top 1 (6 entangled, University of Innsbruck) - The stuff Dwave produces is merely an expensive helium cooler considering it has no full mesh entanglement (so 126 useless qubits)...

  • adxnadxn Member, Host Rep

    Thanked by 4netomx jar 4n0nx Fusl
  • William said: Or the invention of a real quantum computer

    Last time I checked, quantum computers don't even do much against symmetric encryption. Basically a sqrt reduction that you can easily work around by doubling the key length. Not that that would even be necessary given how expensive real QC is going to be in the first few decades.

  • Yes, they can't be easily broken:

    http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901595

    In theory you can of course "brute" it with enough capacity (keep in mind we do not really know (yet) how a real, working (aka all major problems like interconnects solved and full entanglement) quantum computer would scale, so adding just a bunch of qubits can increase the capacity exponentially) but that would probably bring it "Only" back into the realm that a current supercomputer/cluster would need for RSA and alike - So likely not an issue.

  • netomxnetomx Moderator, Veteran

    @William said:
    Yes, they can't be easily broken:

    http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901595

    In theory you can of course "brute" it with enough capacity (keep in mind we do not really know (yet) how a real, working (aka all major problems like interconnects solved and full entanglement) quantum computer would scale, so adding just a bunch of qubits can increase the capacity exponentially) but that would probably bring it "Only" back into the realm that a current supercomputer/cluster would need for RSA and alike - So likely not an issue.

    Or just point a gun to the guy, it's cheaper :P

    Thanked by 1Maounique
  • MaouniqueMaounique Host Rep, Veteran

    netomx said: Or just point a gun to the guy, it's cheaper

    Even cheaper is to pull his fingernails out or boil his hands in cooking oil.

    Thanked by 1netomx
  • @Maounique said:

    Just get a hammer. Cheaper.

    Thanked by 1netomx
  • MaouniqueMaounique Host Rep, Veteran
    edited September 2015

    @0xdragon said:

    A rock will do also. netomx should know better, he is mexican.

    Thanked by 1netomx
  • @Maounique said:

    True that.

Sign In or Register to comment.