Pages:
1
2
3
..
6 |
albqbrian
Hazard to Self
Posts: 73
Registered: 26-5-2011
Member Is Offline
Mood: Alternatingly paranoid or pi**ed
|
|
Oh yeah, no reason to be paranoid...
Here's a scary, scary article detailing the NSA's latest efforts to basically record, analyze, and decrypt pretty much everything
http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/al...
One line in the article pretty well summed it up:
"We're about that far (fingers nearly touching) from a turnkey totalitarian society. This from the major source for the article; a former, long-term
NSA employee.
[Edited on 16-3-2012 by albqbrian]
|
|
Morgan
International Hazard
Posts: 1694
Registered: 28-12-2010
Member Is Offline
Mood: No Mood
|
|
According to Villasenor, “For the first time ever, it will become technologically and financially feasible for authoritarian governments to record
nearly everything that is said or done within their borders--every phone conversation, electronic message, social media interaction, the movements of
nearly every person and vehicle, and video from every street corner.”
http://www.fastcompany.com/1802688/pew-rising-cell-phone-wor...
|
|
entropy51
Gone, but not forgotten
Posts: 1612
Registered: 30-5-2009
Member Is Offline
Mood: Fissile
|
|
I hope no one is surprised by this. It has been going on for years. There have been court cases over the government's use of a splitter in the AT
& T San Francisco hub which captured all of the internet traffic passing through.
|
|
Rosco Bodine
Banned
Posts: 6370
Registered: 29-9-2004
Member Is Offline
Mood: analytical
|
|
Wonder what kind of bandwidth they have .......
(all of it)
|
|
Vogelzang
Banned
Posts: 662
Registered: 26-4-2008
Member Is Offline
Mood: No Mood
|
|
How reliable is the data storage?
http://www.rollingstone.com/music/news/file-not-found-the-re...
http://www.fredstates.com/
http://news.yahoo.com/blogs/sideshow/racist-don-t-nig-anti-o...
|
|
Magpie
lab constructor
Posts: 5939
Registered: 1-11-2003
Location: USA
Member Is Offline
Mood: Chemistry: the subtle science.
|
|
I find this statement particularly disturbing:
“They violated the Constitution setting it up,” he says bluntly. “But they didn’t care. They were going to do it anyway, and they were going
to crucify anyone who stood in the way.
[Edited on 16-3-2012 by Magpie]
The single most important condition for a successful synthesis is good mixing - Nicodem
|
|
AndersHoveland
Hazard to Other Members, due to repeated speculation and posting of untested highly dangerous procedures!
Posts: 1986
Registered: 2-3-2011
Member Is Offline
Mood: No Mood
|
|
2 Billion dollars to construct the building. How much are all the employees and armed guards going to cost? At a time when many
Americans are struggling to pay rent in overcrowded substandard apartments, the government is wasting huge quantities of resources. Is it even
feasible to actually carefully analyse all the information on the internet? This is just another big waste of money. I thought the US
Treasury already has an enormous debt burden.
|
|
anotheronebitesthedust
Hazard to Others
Posts: 189
Registered: 24-6-2007
Member Is Offline
Mood: No Mood
|
|
If you pay taxes to your government, you're a part of the problem.
|
|
Polverone
Now celebrating 21 years of madness
Posts: 3186
Registered: 19-5-2002
Location: The Sunny Pacific Northwest
Member Is Offline
Mood: Waiting for spring
|
|
The most surprising and least verifiable claim in the article is that the NSA made a major breakthrough in defeating common cryptosystems sometime in
the last several years. It is unclear if the claim is supposed to be about the public-key part, e.g. integer factorization for attacking RSA, or the
symmetric key algorithms like AES that are hybridized with public keys.
One thing you can be sure of: analyzing encrypted communication always takes more effort than analyzing unencrypted communication. If you want to
throw a little sand in the gears of the surveillance machine, use encrypted communications when available. Pick https://www.sciencemadness.org/whisper/ instead of http://www.sciencemadness.org/talk/. The EFF's HTTPS Everywhere project is a good addition to your privacy if you use Firefox or Chrome. This also increases your protection against more mundane
snooping, e.g. people spying on wifi traffic at hotels and airports.
PGP Key and corresponding e-mail address
|
|
Magpie
lab constructor
Posts: 5939
Registered: 1-11-2003
Location: USA
Member Is Offline
Mood: Chemistry: the subtle science.
|
|
I have the sickening feeling that this retarded parrot in the form of Bluffdale/Stellar Wind is going to cause a lot of misery to a lot of innocent
people.
The single most important condition for a successful synthesis is good mixing - Nicodem
|
|
gregxy
Hazard to Others
Posts: 421
Registered: 26-5-2006
Member Is Offline
Mood: No Mood
|
|
I'm more annoyed by the waste of money that this thing is.
The signal to noise ratio must be -120db. How would they
ever find anything useful in the data? Bin laden knew everything was tapped therefore he used a flash drive and
stuck it up a camels butt for safe keeping.
On the "positive side" at least they are looking for evidence. In a real police state they would just make you disappear if there was the slightest
suspicion.
|
|
bbartlog
International Hazard
Posts: 1139
Registered: 27-8-2009
Location: Unmoored in time
Member Is Offline
Mood: No Mood
|
|
Eventually I expect one-time pads to make a comeback (as encryption mechanism). I believe Deutsche Bank still uses them for transaction
authentication.
The less you bet, the more you lose when you win.
|
|
Magpie
lab constructor
Posts: 5939
Registered: 1-11-2003
Location: USA
Member Is Offline
Mood: Chemistry: the subtle science.
|
|
That's the problem. After spending billions on this boondoggle they will have to continually find bogeymen to justify their jobs. That is the
self-serving mission of all organizations - justify your job so you can put food on the table and send your kids to good colleges. Stalin's GRU/KGB
is a prime example. They arrested thousands if not millions of innocent people and sent them off to the Gulags just to meet quotas. These quotas
were driven by Stalin's paranoia about staying in power. (ref: Gulag Archipelago by Solzhenitsyn).
The single most important condition for a successful synthesis is good mixing - Nicodem
|
|
bfesser
Resident Wikipedian
Posts: 2114
Registered: 29-1-2008
Member Is Offline
Mood: No Mood
|
|
Sorry if this is a little off topic, but I was reviewing the Wikipedia article on <a href="http://en.wikipedia.org/wiki/One-time_pad"
target="_blank">one-time pads</a> <img src="../scipics/_wiki.png" />, and clicked into the article on <a
href="http://en.wikipedia.org/wiki/Data_remanence" target="_blank">data remanence</a> <img src="../scipics/_wiki.png" />. Correct me
if I'm wrong, but wouldn't a <a href="http://en.wikipedia.org/wiki/Quantum_computer" target="_blank">quantum computer</a> <img
src="../scipics/_wiki.png" /> be immune to this (data remanence)?
If so, I find it <a href="http://theoatmeal.com/comics/irony" target="_blank">ironic</a> <img src="../scipics/_ext.png" /> that one
of the major issues in computer security would be solved by the same technology that the government is (or soon will be) using to defeat other forms
computer security<a href="view-source:http://theoatmeal.com/comics/irony" target="_blank" title="Do you like pterodactyls?">.</a>
Even more off-topic:
Is anyone else but myself pissed off by the sudden introduction of this bullshit term, <a
href="http://en.wikipedia.org/wiki/Cloud_computing#History" target="_blank">the cloud</a> <img src="../scipics/_wiki.png" />, to the
<a href="http://en.wikipedia.org/wiki/Vernacular" target="_blank">vernacular</a> <img src="../scipics/_wiki.png" />?
[Edited on 7/9/13 by bfesser]
|
|
bbartlog
International Hazard
Posts: 1139
Registered: 27-8-2009
Location: Unmoored in time
Member Is Offline
Mood: No Mood
|
|
Inasfar as the quantum computer is more or less the processing unit whereas data remanence is an issue affecting the storage, I don't think a quantum
computer would be unaffected by remanence. There are (I guess) other, more esoteric kinds of remanence that can be used to retrieve data from the RAM
of a computer that has been turned off, and I guess no analogous attack would be possible on a quantum machine. But whereas remanence in hard drives
has definitely been exploited practically in the real world many times, I'm not aware of any RAM remanence exploits being performed except as lab
demonstrations or curios.
The less you bet, the more you lose when you win.
|
|
johansen
Harmless
Posts: 27
Registered: 25-6-2011
Location: United States
Member Is Offline
Mood: No Mood
|
|
Quote: Originally posted by Polverone | The most surprising and least verifiable claim in the article is that the NSA made a major breakthrough in defeating common cryptosystems sometime in
the last several years. It is unclear if the claim is supposed to be about the public-key part, e.g. integer factorization for attacking RSA, or the
symmetric key algorithms like AES that are hybridized with public keys. |
Considering the Feds use commercial off the shelf cryptography for the SIPR net, there is no conspiracy. the NSA can't factor your private key.
but if they have physical access to your computer, its game over. hope you've got a red button under the desk.
.. what i would like to know is how many hard drives and tape drives the government is buying. If they indeed are keeping a copy of every email ever
sent since the 90's (as implied by some of the things Thomas Drake said) then they are probably copying everything else too.. and that would require
as many hard drives as say, Google buys?
btw: all of my instant messages are encrypted with OTR. cross platform and works with several im clients.
|
|
watson.fawkes
International Hazard
Posts: 2793
Registered: 16-8-2008
Member Is Offline
Mood: No Mood
|
|
Quote: Originally posted by Polverone | The most surprising and least verifiable claim in the article is that the NSA made a major breakthrough in defeating common cryptosystems sometime in
the last several years. It is unclear if the claim is supposed to be about the public-key part, e.g. integer factorization for attacking RSA, or the
symmetric key algorithms like AES that are hybridized with public keys. | There was a recent publication about
a vulnerability in PGP key generation for RSA keys. Lots of common prime factors were found by applying Euclid's algorithm to the moduli found in a
public key directories.
It's likely the NSA has already found this particular vulnerability, because it's a problem with the key generation software. The algorithm to find
primes is (1) pick a random number and (2) search sequentially forward from that number and look for a prime. The problem is that the intervals
p<sub>i+1</sub> - p<sub>i</sub> are by no means evenly distributed. There are certain primes with quite large gaps from the
previous prime, and these will be found preferentially. Given the number of PhD number theorists at the NSA, I would be greatly surprised that they
had not already found this defect.
I have to imagine that there are a number of relatively subtle implementation problems in every major publicly-available cryptosystem, and that this
is the origin of the claim. I find this hypothesis entirely plausible.
|
|
albqbrian
Hazard to Self
Posts: 73
Registered: 26-5-2011
Member Is Offline
Mood: Alternatingly paranoid or pi**ed
|
|
Of course, the CIA doesn't want to be left out...
As we wander down the paranoid path, here's another way new technology makes spying on us sooo much easier. This just in.
http://www.dailymail.co.uk/sciencetech/article-2115871/The-C...
So let's see. we have:
1. The CIA spying via our electronics.
2. The NSA storing and analyzing basically anything done electronically.
3. We have the latest Defense Bill allowing secret, indefinite detention of US citizens. In the US.
4. We have the FAA working out the rules to let drones fly domestically.
Yeah, what is wrong with all this? I haven't done anything wrong, no one will bother with me.
Hmm, imagine this; entirely reasonable set of actions:
A Homeland Security (or CIA or NSA or DIA or ...) analyst, well, has to analyze something. The Boss just warned him about targeting Muslims as the
backlash of NYPD's targeted spying generates more adverse publicity, DOJ scrutiny, etc. Well dang, who's left? Oh yeah, we had that memo a while back
stating the great potential danger of former soldiers, militia's, and basic white, Christian domestic terrorists. All right! No one gives a shit about
protecting their rights. Where to begin? Well they are all survivalist nuts right? How about we check that Survival Blog site; it's the most popular.
Wow, look at all of these! Hey isn't there a website that talks all about explosives? Yeah, Science Madness right! Holy Shit! Look at this: high
explosives , blasting caps, formulas. Now where would they get materials? How about Ebay, yeah, let's cross reference that. And while we're there
let's see if they bought any books related to explosives, weapons; hell just get everything they bought. Might as well do the same with Amazon. Holy
f***ing shit!!! "Boss, Ive got several hundred suspects who've been spewing anti-government talk, studying how to make bombs, and buying the supplies
to do it!" Boss: "Wow! Great job." Let's kick this up the line and ask for full bore exams on them. Heck, computer time is nothing; let's put everyone
on that Survival site and that Science sight under a fine toothed comb. I see a couple of great Annual reviews coming here." Ok, and while we're at
it,...
Oh yeah, you've got nothing to worry about...
|
|
albqbrian
Hazard to Self
Posts: 73
Registered: 26-5-2011
Member Is Offline
Mood: Alternatingly paranoid or pi**ed
|
|
Quote: Originally posted by bbartlog | But whereas remanence in hard drives has definitely been exploited practically in the real world many times, I'm not aware of any RAM remanence
exploits being performed except as lab demonstrations or curios.
|
It has been found that data stays in RAM longer than anyone thought. And decay is a function of temperature. So if someone were to "bust down the
door", grab a PC, rip out the RAM, and quickly cool it; they could grab a good bit of data. I haven't heard of that being done, but given all the
computer grabbing governments around (sadly ours is one of the worst); I imagine it's only a matter of time.
|
|
bbartlog
International Hazard
Posts: 1139
Registered: 27-8-2009
Location: Unmoored in time
Member Is Offline
Mood: No Mood
|
|
Quote: | So if someone were to "bust down the door", grab a PC, rip out the RAM, and quickly cool it; |
To be sure, it's possible. The point is that this is really inconvenient and would require special training and equipment on the part of the LEOs, and
risk damage to the other components of the computer. You're talking about something that would only be useful in very rare circumstances (suspect is
running TrueCrypt or other FDE with hefty key size and we can't strongarm him into cooperating, or something). 98% of the time just grabbing the hard
drive will get them what they want. Which is why AFAIK it hasn't actually been done in real life.
The less you bet, the more you lose when you win.
|
|
GreenD
National Hazard
Posts: 623
Registered: 30-3-2011
Member Is Offline
Mood: Not really high anymore
|
|
If they have a quantum computer they can run through algorithms like nothing.
Any algorithm could be broken by brute force in a reasonable amount of time by a quantum computer.
No idea if they have one, but on the paranoid side of things, it sounds like maybe they do? Who knows. The government has some pretty crazy projects
going on.
So truecrypt & project tor are exactly what this base is set up to dismantle...
The signal to noise ratio, I'm willing to bet, is pretty large. If you psychoanalyze how people write, you can very easily sift through teenagers who
are angry and paranoid and that 27 year old manifesto-writing-prophesizing destructor.
I'm willing to bet this brings about some major convictions of people with some KNO3 in their basement or shit like that...
ʃ Ψ*Ψ
Keepin' it real.
Check out my new collaborated site: MNMLimpact.com
|
|
arsphenamine
Hazard to Others
Posts: 236
Registered: 12-8-2010
Location: I smell horses, Maryland, USA
Member Is Offline
Mood: No Mood
|
|
Quote: Originally posted by watson.fawkes | It's likely the NSA has already found this particular vulnerability, because it's a problem with the key generation software. The algorithm to find
primes is (1) pick a random number and (2) search sequentially forward from that number and look for a prime. The problem is that the intervals
p<sub>i+1</sub> - p<sub>i</sub> are by no means evenly distributed. There are certain primes with quite large gaps from the
previous prime, and these will be found preferentially. Given the number of PhD number theorists at the NSA, I would be greatly surprised that they
had not already found this defect. |
Okay, I'll play straight man.
A brute force attack on RSA keys would require superpolynomial subexponential runtime
(even if you tried them all, then it would take a lifetime).
However, you say a directed key search using most-likely groups of primes is practical.
I wonder how many keys NSA can crack in a day? Their energy budget is equal to the
nearby state capital, and doubtless powers a lot of silicon.
|
|
watson.fawkes
International Hazard
Posts: 2793
Registered: 16-8-2008
Member Is Offline
Mood: No Mood
|
|
Quote: Originally posted by arsphenamine | However, you say a directed key search using most-likely groups of primes is practical.
I wonder how many keys NSA can crack in a day? Their energy budget is equal to the nearby state capital, and doubtless powers a lot of silicon.
| To be fair, I didn't say anything about how the key generation vulnerability might lead to a practical
attack. First, it's certainly conceivable that I'm wrong about the prime gap theory. It's possible it's some flaw in the random number generator that
leads to a less-than-maximal set of initial seeds for the search.
In addition, I don't how the number theory falls out. The gaps between primes are not well understood, even though they've been extensively studied.
The twin prime conjecture is testament to that. Wikipedia has a page on prime gaps; as you can see, there are lots of open questions. There's not a known asymptotic approximation (although there is Cramer's conjecture), nor are there sharp upper or lower bounds available.
A 1024-bit prime for a 2048-bit RSA modulus is in the interval [2^1023, 2^1024). The number of primes between 2^1023 and 2^1024 is approximately
2^1024/(1024 ln 2) - 2^1023/(1023 ln 2) ~ .0014 * 2^1023. (See the prime number theorem.) Even though that's only 1.4 in a thousand, it still means there are about 2^1014.5 primes in that range. That's a lot.
Brute force attacks aren't likely to be very useful if you want to look at all of those.
If I were so motivated, I might do two kinds of experiments on this data set. The first is to replicate the original paper, find the common prime
factors, and the calculate the prime gap that preceded each one. This would provide a certain amount of evidence about the likelihood that it's a
number-theoretic problem. The second kind of experiment is simply to sample the prime gap in the stated interval and to create a histogram of the
different values. From these measurements you could get an empirical estimate of the likelihood of collisions in prime factors given a modulus size
and a population size. Such estimates could be used to inform the likelihood that it's a number theory problem.
|
|
neptunium
National Hazard
Posts: 989
Registered: 12-12-2011
Location: between Uranium and Plutonium
Member Is Offline
|
|
the head of the CIA has just announced today that they are either working on or already exist smart appliances to spy on people inside their homes!.
did he mispoke ? did he try to warned us? hard to say..
but the technology is there and smart fridge and microwave able to tell you how much calorie you are eating ARE a reality.
another thing slightly off topic, more and more laws are passed to make it harder and harder to start a business (taxi cab ,farmer, etc..) so lobbyist
can make money and some judges and lawyers can make a name for themselves. this may be a differente cause but combine the two and you have a gov. that
can spy on you or obtein mandat on frivolous pretexts.
what happen to "..for the people, by the people.." ?
[Edited on 19-3-2012 by neptunium]
|
|
Polverone
Now celebrating 21 years of madness
|
Thread Split 19-3-2012 at 14:34 |
GreenD
National Hazard
Posts: 623
Registered: 30-3-2011
Member Is Offline
Mood: Not really high anymore
|
|
I heard this too, they are putting extremely cheap chips that can access the internet somehow, and track everything you do. What channels you watch,
whether your toaster is up or down. When you open the fridge, etc. I don't know how exactly this works - since you'd need some kind of wi-fi in your
appliances, and then a network for them to hook up into?
This country is "...for the companies, by the companies"
ʃ Ψ*Ψ
Keepin' it real.
Check out my new collaborated site: MNMLimpact.com
|
|
Pages:
1
2
3
..
6 |