Announcement

Collapse
No announcement yet.

Using copy protection dongles to distribute vpn encryption keys by mail?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Greyhatter
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Damn that's gloomy! And there must me something in between this and that:

    On the day the world ends
    A bee circles a clover,
    A Fisherman mends a glimmering net.
    Happy porpoises jump in the sea,
    By the rainspout young sparrows are playing
    And the snake is gold-skinned as it it should always be.

    On the day the world ends
    Women walk through fields under their umbrellas
    A drunkard grows sleepy at the edge of a lawn,
    Vegetable peddlers shout in the street
    And a yellow-sailed boat comes nearer the island,
    The voice of a violin lasts in the air
    And leads into a starry night.

    And those who expected lightning and thunder
    Are disappointed.
    And those who expected signs and archangels' trumps
    Do not believe it is happening now.
    As long as the sun and the moon are above,
    As long as the bumblebee visits a rose
    As long as rosy infants are born
    No one believes it is happening now.

    Only a white-haired old man, who would be a prophet,
    Yet is not a prophet, for he's much too busy,
    Repeats while he binds his tomatoes:
    No other end of the world there will be,
    No other end of the world there will be.

    Czeslaw Milosz

    Leave a comment:


  • streaker69
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Originally posted by shrdlu View Post

    For those crazy folk who think the NSA/NRO/DIA/DISA/CIA/FBI/DHS/SMG etc etc etc *care* *at* *all* about what you are doing, you're wrong. They don't. You are just not that interesting. Is there anyone on this forum that those folk might be interested in? Sure, maybe. I could even hazard a guess as to who they were, and why (but I won't). For every conspiracy crazy out there that thinks the NSA is paying attention to them, there's someone in one of the TLA's that just doesn't care. Seriously.
    That was pretty much my thoughts as well. No TLA is interested in the general chatter of what goes on. But if you are one of those that they are interested in, I doubt there is much that could be done to prevent them from getting the information.

    As for the return swing of the pendulum, I don't think it's on it's way back. I have a feeling it's going to keep it's current direction, but we just won't hear about it.


    I see the clouds that move across the sky
    I see the wind that moves the clouds away
    It moves the clouds over by the building
    I pick the building that I want to live in

    I smell the pine trees and the peaches in the woods
    I see the pinecones that fall by the highway
    That's the highway that goes to the building
    I pick the building that I want to live in

    It's over there, it's over there
    My building has every convenience
    It's gonna make life easy for me
    It's gonna be easy to get things done
    I will relax alone with my loved ones

    Loved ones, loved ones visit the building,
    take the highway, park and come up and see me
    I'll be working, working but if you come visit
    I'll put down what I'm doing, my friends are important

    Don't you worry 'bout me
    I wouldn't worry about me
    Don't you worry 'bout me
    Don't you worry 'bout me

    I see the states, across this big nation
    I see the laws made in Washington, D.C.
    I think of the ones I consider my favorites
    I think of the people that are working for me

    Some civil servants are just like my loved ones
    They work so hard and they try to be strong
    I'm a lucky guy to live in my building
    They all need buildings to help them along

    It's over there, it's over there
    My building has every convenience
    It's gonna make life easy for me
    It's gonna be easy to get things done
    I will relax along with my loved ones

    Loved ones, loved ones visit the building
    Take the highway, park and come up and see me
    I'll be working, working but if you come visit
    I'll put down what I'm doing, my friends are important

    I wouldn't worry 'bout
    I wouldn't worry about me
    Don't you worry 'bout me
    Don't you worry 'bout ME..........
    Last edited by streaker69; November 29, 2008, 19:51.

    Leave a comment:


  • Greyhatter
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Your as safe and savvy as you want to be now, and as safe and savvy afterward when you realize you've done the right thing... wash, rinse, repeat.

    Leave a comment:


  • shrdlu
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    I can't take it. I tried duct tape on my fingers, I tried extra coffee (mmmm, coffee good). I give up. Seriously, if you're just looking for a secure enough, trustworthy enough, mechanism to send messages, there are plenty already out there. As our good friend Erehwon has already mentioned, reinventing the wheel is bad. Cryptography is *hard*. Seriously. If you think you have some magic answer, you don't know enough, and you haven't read enough.

    For those crazy folk who think the NSA/NRO/DIA/DISA/CIA/FBI/DHS/SMG etc etc etc *care* *at* *all* about what you are doing, you're wrong. They don't. You are just not that interesting. Is there anyone on this forum that those folk might be interested in? Sure, maybe. I could even hazard a guess as to who they were, and why (but I won't). For every conspiracy crazy out there that thinks the NSA is paying attention to them, there's someone in one of the TLA's that just doesn't care. Seriously.

    I'm certainly not saying that they (the FedGov) haven't far overstepped their bounds in the past few, but the pendulum is about to swing back (it's one of those danged physics things, pendulums). I'm just saying that you should all let common sense prevail. Smart people have worked on these problems, and there are good solutions out there, including PGP (my personal favorite), TOR, SILC (not common, but very nice), and so on.

    Remember what Barbie says: "Math is hard."

    I really need more coffee...

    Leave a comment:


  • The Dark Tangent
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Just a clarification, when you say "VPN encryption keys" do you mean the pre-shared secret keys, or do you mean the public key of the vpn device and the secret key of the user?

    The reason I ask is the pre-shared keys can be written down, told over the phone, the closing price of gold every day until the max key length is reached, etc. Also you can disable IKE/IKEv2 certificate and key management thus reducing your attack surface.

    Leave a comment:


  • Greyhatter
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Use two different encryption algorithims with two different keys and bit levels. Then figure out a small .exe that speeds up the process at both ends.

    Worried about NSA? Worry about your ISP and browser choices and settings first. What are you leaking locally? Your ISP is the first challenge, not the NSA who has your ISP by the balls anyway.

    Leave a comment:


  • erehwon
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Originally posted by caleb View Post
    Some interesting points.

    To clarify, I am not so much "concerned" with the NSA as I am aggravated with the way they have taken their power to listen in on anyone and made a machine to listen in on everyone. My method of protest is to do my best to bypass their filters and obfuscate my communications as much as possible. I was thinking about starting a little tunnelling service for political dissidents, conspiracy theorists, investigative journalists and the generally paranoid.
    If you're aggravated with with the NSA, you should really be fuming over the whole worldwide signals intelligence community. The NSA has the biggest "Friends and Family" plans around, if NSA isn't listening in, there is always the Canadian CSE, United Kingdom's GCHQ, DSD from Australia, and New Zealand's GCSB. Not knowing where you're from, there's entirely a good chance that unless you personally coded your OS, that it might be leaking information about you to one of the above mentioned agencies.

    Know that NSA is the largest single employer of mathematicians in the U.S. (and very likely the world)

    Mind you since they only have so many analysts, its a mind boggling exercise to figure out the real signal from the all the noise.

    As far as starting a tunneling service from scratch, your best bet isn't to reinvent the wheel, but build on some existing technology, mess around with Tor, its the best example of what I like to call "Not ready for prime time" software, but doing a considerably better job than any of the other existing anonymity networks out there.


    Originally posted by caleb View Post
    "NSA black helicopter and van outside your place right now." -- Thanks for a good laugh. Just to let you know, I listen to The Alex Jones Show. The helicopters and vans have left long ago presumably due to boredom ;)
    Just because you can't see them, doesn't mean they aren't there, for all you know there might be a RC-12 loitering around your neighborhood on a joint training operation...

    Leave a comment:


  • DaKahuna
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    PKI is not subject to man in the middle attacks in the way I think you are looking at it. Yes, it uses public keys but even if I have your public key, I don't have your private key, as that SHOULD NEVER be transmitted over the network and the private key is used to encrypte and decrypt. So while I may have both user's public keys, encryption and decryption requires the private key as well. For example. You and I share public keys. I use my private key and your public key to encrypt and email and send to you. You use my public key and your private key to decryption. Public keys are just that, public. They are shared on public servers which any one can access but without the private keys to do the encryption and decryption they are essentially useless.

    Leave a comment:


  • caleb
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Some interesting points.

    To clarify, I am not so much "concerned" with the NSA as I am aggravated with the way they have taken their power to listen in on anyone and made a machine to listen in on everyone. My method of protest is to do my best to bypass their filters and obfuscate my communications as much as possible. I was thinking about starting a little tunnelling service for political dissidents, conspiracy theorists, investigative journalists and the generally paranoid.

    Why not use PKI? (my understinding is) PKI involves both ends sharing public keys, and depends on the cypher to secure data. When keys are shared in secret, there is no possibility for the cypher to be cracked because the man in the middle has no keys at all. It would be nicer to not have to worry about when some mathematician will make a formula to crack your encryption and all your old communications will be readable. I also have a "build it for the hundred year storm" mentality.

    I looked at Aladdin hasp. It's no good when the company has a chart of serial numbers matched with passwords. On Aladdin's website they said it was more secure because the keys which you write the passwords to, people can also read them out. Hmmmm.
    Then I got to wondering whether I could reburn the ROM so the serial number read 0000000. Then there would be nothing to look up. What would be the greatest would be some Aladdin dongles which haven't been programmed yet. No serial No password. I like the idea of taking big brother tools and using them for freedom.

    "NSA black helicopter and van outside your place right now." -- Thanks for a good laugh. Just to let you know, I listen to The Alex Jones Show. The helicopters and vans have left long ago presumably due to boredom ;)
    BTW: What do you guys think of The Alex Jones Show? You must have some good info, what's it all about, I still can't figure it out.

    Leave a comment:


  • Greyhatter
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Originally posted by streaker69 View Post
    ...or handled a Penny, cause if you did, they have your DNA, that's the only reason they keep them in circulation.
    I'd protest this as a "tinfoil hat" post heading for dev/nul, but then I'm too paranoid to protest. Now what'd I do with those damn wheat pennies?
    Last edited by Greyhatter; November 24, 2008, 21:14. Reason: cleaning off my DNA

    Leave a comment:


  • streaker69
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Originally posted by Greyhatter View Post
    Especially if you file a tax return, or have a mail box close by.
    ...or handled a Penny, cause if you did, they have your DNA, that's the only reason they keep them in circulation.

    Leave a comment:


  • Greyhatter
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Originally posted by streaker69 View Post
    IMO, if you're concerned about the NSA, then you have bigger issues than what encryption to use.
    Especially if you file a tax return, or have a mail box close by.

    Leave a comment:


  • streaker69
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Originally posted by xor View Post

    If you are concerned about the NSA you need to do the following to exchange your first key:

    Meet in person, in a sound proof Faraday cage and exchange keys.

    xor
    IMO, if you're concerned about the NSA, then you have bigger issues than what encryption to use.

    Leave a comment:


  • xor
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    Or you could do it old school and either make up your own cipher, or use one of the traditional ciphers and send it via snail mail. Then you can communicate via electronic mail with your key.

    But honestly PGP seems secure enough to me.

    xor

    Leave a comment:


  • xor
    replied
    Re: Using copy protection dongles to distribute vpn encryption keys by mail?

    My only experience with dongles are of the parallel port variety used for anti-software piracy. Man those things were a pain in the butt.

    If you are concerned about the NSA you need to do the following to exchange your first key:

    Meet in person, in a sound proof Faraday cage and exchange keys.

    xor

    Leave a comment:

Working...
X