Mail Watch

bhsup · Sep 8, 2013

Yes, I do. Come on, it's up against some stupid game about killing hookers from stolen cars.

Zelig · Sep 8, 2013

VRWCAgent said:
I really couldn't care less about the laws of those other countries. Spying has always broken those laws. Big whoopy.

So stop complaining about Chinese hacking being an act of war?

Zelig · Sep 8, 2013

And some more reputable journalism, rather than baseless speculation:

http://arstechnica.com/security/2013/09/the-nsas-work-to-make-crypto-worse-and-better/

In the 1990s, a new technique of analyzing and attacking encryption algorithms, called differential cryptanalysis, was developed. It turns out that DES' susceptibility to cryptanalysis depends on the mappings defined by the S-boxes. The S-boxes that the government had specified in DES turned out to be resistant to this kind of attack. It was later revealed that IBM's researchers had discovered differential cryptanalysis and told the NSA about it. Rather than undermining the algorithm, the NSA had used the technique to shore up DES to improve its security, then kept it secret.

As such, it all seems to be a bit pointless. Unlike the NSA's secretive work on DESwhich made the algorithm betterthe secretive work presumed to have taken place on SP 800-90 has probably made it a little bit worse. Money well spent? Not really.

http://arstechnica.com/security/2013/09/spooks-break-most-internet-crypto-but-how/

"Encryption works. Properly implemented strong crypto systems are one of the few things you can rely on." How is it, then, that agents from the NSA and its British counterpart known as the Government Communications Headquarters (GCHQ) are reportedly able to bypass the crypto protections provided by Internet companies including Google, Facebook, Microsoft, and Yahoo?

The short answer is almost certainly by compromising the software or hardware that implements the encryption or by attacking or influencing the people who hold the shared secrets that form one of the linchpins of any secure cryptographic system.

"Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around" encryption.

http://arstechnica.com/security/201...k-crypto-anyone-can-the-question-is-how-much/

SP 800-57 was last revised in 2012, and academic researchers have been saying that 1024-bit RSA is vulnerable since at least 2007.

As such, if NSA can crack this level of encryption, it's not a big surprise and it's not a big revelation. It's rather what we would expect to see. It's also a capability that's easy to defeat. Switching to 2048 bit keys is a minor reconfiguration, and it would render the ability to crack 1024 bit keys irrelevant.

Is it possible that the NSA can go far beyond the state of the art, breaking even encryption believed to be secure? Sure. It can't be ruled out. But it's not the only interpretation of the information that's been leaked so farand if experts remain confident that the basics of cryptography are all still sound (a belief that appears to be shared by Snowden himself), it's arguably not even the most likely one.

bhsup · Sep 8, 2013

No, because it is. If others want to declare war on us for spying, they're welcome to.

Zelig · Sep 8, 2013

VRWCAgent said:
No, because it is. If others want to declare war on us for spying, they're welcome to.

We'd rather support China.

Mail Watch

bhsup

Deity

Zelig

Beep Boop

Zelig

Beep Boop

bhsup

Deity

Zelig

Beep Boop

Similar threads