Announcement

Collapse
No announcement yet.

General Paranoia

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • General Paranoia

    I know this has been discussed somewhat pre-dc10... but this puts an interesting twist on it, imo. What forms of encryption do you tend to stick with blackwave? others? How much faith are you willing to put into PGP?
    if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

  • #2
    Originally posted by c0nv3r9
    I know this has been discussed somewhat pre-dc10... but this puts an interesting twist on it, imo. What forms of encryption do you tend to stick with blackwave? others? How much faith are you willing to put into PGP?
    Encryption? I use the same as Winn!! ;)
    http://www.attrition.org/errata/www/winn.001.html
    perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'

    Comment


    • #3
      Originally posted by c0nv3r9
      I know this has been discussed somewhat pre-dc10... but this puts an interesting twist on it, imo. What forms of encryption do you tend to stick with blackwave? others? How much faith are you willing to put into PGP?
      It really depends on what I am using the crypto for.
      I use crypto on my:
      external drives (pgpdisk over ntfs/efs (with offloaded keys))
      usb keys (using pgpi pgpdisk)
      email (pgpi/hushpgp)(s/smime)
      communications (ssh)

      ... the thing about crypto is that most people don't have the time or the requirement to go over the implementation of the algos or the algos themselves... but soley rely on the advice of acclaimed cryptographers/cryptologists/cryptanalysts...
      check out www.cryptome.org and subscribe to counterpane'scryptogram.
      PGPi can be found here: http://www.pgpi.org/
      I have not used PGP 8 from http://pgp.com/

      I use hushmail (http://www.hushmail.com/) they have a nice antispam feature (that at least works for now)... you can block all non crypto-email... now i am just waiting for crypto-wrapping spam bots... <looking around nervously>

      ... here is a fun site: http://www.spammimic.com/

      regarding Winn's example, it takes two to tango in using communications crypto since if one of the entities drop the ball, it doesn't matter who dropped it... it has been dropped. :)

      ... in the end remember two things:

      Crypto is not meant to STOP anyone from knowing the data... just slow them down until the data invalidates, no longer becomes important.

      Crypto is usually exploited not through the algos, but the implementations of the algos and various bad programming techniques and security practices.

      I think crypto is a nice burden to use.

      Comment


      • #4
        Originally posted by blackwave

        PGPi can be found here: http://www.pgpi.org/
        I have not used PGP 8 from http://pgp.com/
        I have not used PGP 8 either, I use PGP 7.0.3. I have heard that there are some compatibility issues with the Keys in 8. DUnno from experience though.
        perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'

        Comment


        • #5
          Even Blackwave's hair is encrypted. :D As for the birds in the sky, yes they are there, but the birds that possess bird droppings are the ones I am scared of!

          Comment


          • #6
            Hmmm, this *has* reminded me to upgrade my version.

            Al
            "Are my pants...threatening you?"

            Comment


            • #7
              Originally posted by blackwave
              two words:
              Use Crypto
              Three words:

              It's already broken.

              Comment


              • #8
                Originally posted by skroo
                Three words:

                It's already broken.
                thought this is a factual conversation. can you back up your words?
                -- jedi

                Comment


                • #9
                  Originally posted by J3di
                  thought this is a factual conversation. can you back up your words?
                  I see the sarcasm is lacking in this one. The inference (which is so old and taken for granted as to not even be mentioned) is that regardless of encryption, the minute so much as a single byte crosses a wire you lose control over what happens to it before it reaches its destination. Can you assure me that there is no method of removing or circumventing any cryptographic methods we currently consider to be 'strong'?

                  Comment


                  • #10
                    Originally posted by skroo
                    I see the sarcasm is lacking in this one. The inference (which is so old and taken for granted as to not even be mentioned) is that regardless of encryption, the minute so much as a single byte crosses a wire you lose control over what happens to it before it reaches its destination. Can you assure me that there is no method of removing or circumventing any cryptographic methods we currently consider to be 'strong'?
                    yes, there is a lack of sarcasm. But I'm not trolling or looking to offend. I'm looking for the facts.

                    no, there are no assurances in this life/existance/discihpline. but what I'm asking is for facts on the subject. theory and pratical application are 2 different things and what I'm asking for is pratical application. paranoia to be paranoid is bad practice.

                    and no, I take nothing for granted. but you generalize when talking about circumventing cryptographic methods in communication. be specific. talk in details. WEP is a good example.
                    -- jedi

                    Comment


                    • #11
                      Originally posted by skroo
                      Can you assure me that there is no method of removing or circumventing any cryptographic methods we currently consider to be 'strong'?
                      Yes!! Each and every email I send out is pure gibberish...completely indecipherable even to the intended recipient.;)
                      perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'

                      Comment


                      • #12
                        Originally posted by J3di
                        yes, there is a lack of sarcasm. But I'm not trolling or looking to offend. I'm looking for the facts.
                        Which begs the question: if you're looking for facts, why are you doing it on a messageboard? Yes, you will get some hard-and-fast answers here, but by no means will you be anywhere near a complete understanding of the topic. Go read up on the subject from a set text.

                        paranoia to be paranoid is bad practice.
                        Granted, but a small dose of it is healthy.

                        and no, I take nothing for granted. but you generalize when talking about circumventing cryptographic methods in communication.
                        You are absolutely correct. I *did* generalise. Hint: this is because I am not a cryptographer, nor do I wish to give the impression that I am. All that I did was to throw another idea into the mix of a (very non-technical) discussion. Deal.

                        be specific. talk in details. WEP is a good example.
                        Son, don't tell me what to do. If it's that important to you, how about you go do some research and see what you come up with instead of sitting in front of the keyboard all day hoping that the magic conversation pops up that is to your liking?

                        Comment


                        • #13
                          No More Secrets

                          Originally posted by Chris
                          Yes!! Each and every email I send out is pure gibberish...completely indecipherable even to the intended recipient.;)
                          Heh, screw factoring abnormally huge prime numbers... We'll just use the Jack Daniel's method from now on ;)

                          Comment


                          • #14
                            Originally posted by skroo
                            Which begs the question: if you're looking for facts, why are you doing it on a messageboard? Yes, you will get some hard-and-fast answers here, but by no means will you be anywhere near a complete understanding of the topic. Go read up on the subject from a set text.
                            I'm on this message board because there are alot of technical like-minded folk who happen to have a wide exposure to the many fields that interest me. Hard and fast answers require detail, which blackwave was able to produce (indicating that this had become a technical discussion).

                            And yes, I have read up on the subject, keeping up with current discussions among different technical groups and publications, including books discussing analysis and attack methods. I am by no means an expert nor do I consider myself compentent, thus my question towards you about the facts.


                            Granted, but a small dose of it is healthy.
                            Yes, and the boogie man is out there in the dark to get you. Let's come back to reality here.


                            You are absolutely correct. I *did* generalise. Hint: this is because I am not a cryptographer, nor do I wish to give the impression that I am. All that I did was to throw another idea into the mix of a (very non-technical) discussion. Deal.
                            And I asked you to back up your idea. I already pointed out why I felt this was a technical discussion. besides, don't take the question about facts personally, like questioning your manhood or something. it was a question of facts and I was hoping someone could chime for the details. Cool?


                            Son, don't tell me what to do. If it's that important to you, how about you go do some research and see what you come up with instead of sitting in front of the keyboard all day hoping that the magic conversation pops up that is to your liking?
                            listen 'dad', it was a request. i'm not telling you what to do. I'm asking for answers to fill in blanks, which is what I thought a technical discussion among like-minded folk. again, I have done the research and am always looking for more data.

                            now, please stop the diatribe. this is a discussion about encryption and the possibility that there is no relevent use for it these days. Can you dig that?
                            -- jedi

                            Comment


                            • #15
                              Originally posted by blackwave
                              I use crypto for everything from email to surfing the net to irc.
                              Do you have any good links you would like to share for free or pay SSL web proxies & IRC servers? I know of Anonymizer
                              and Church of the Swimming Elephant , but does anyone have any suggestions for other good ones from a personal use standpoint?
                              Happiness is a belt-fed weapon.

                              Comment

                              Working...
                              X