How to decipher everything

Discussion in 'The Pub (Off topic discussion)' started by GIANT_CRAB, Sep 5, 2013.


    GIANT_CRAB New Member

    May 21, 2013
  2. drmike

    drmike 100% Tier-1 Gogent

    May 13, 2013
    Just when you thought it couldn't get any worse, well it did.

    No mention about SSH and other "open" standards.

    Bet you ass everything from Microsloth, Gaggle and Crapple are compromised from top to bottom.

    I wonder how much more dirty ops money this trio and others are receiving annually from spook agencies?  Could it me that a very big chunk of their incomes is directly from government?  Possibly.
    Last edited by a moderator: Sep 5, 2013
    GIANT_CRAB likes this.
  3. jarland

    jarland The ocean is digital

    Apr 4, 2013
    NSA needs a powerful database leak, that's all. Dump everything, expose every single one of them and every single one of us. It's worth it. I'll donate money to that cause. I'd gladly have my private life zipped on media fire for anyone to download if they fall with me. I don't care about my privacy all that much, I care about my right to care about my privacy.
    Last edited by a moderator: Sep 5, 2013
    drmike likes this.
  4. KuJoe

    KuJoe Well-Known Member Verified Provider

    May 17, 2013
    Wow, the NSA continues to impress me more and more. If I knew about this kind of stuff in high school my life would be completely different right now.
  5. wdq

    wdq Quade

    May 11, 2013
    This really isn't too surprising, it's just something that I always hoped wouldn't be true. If you think about it, sending a letter to someone physically may be more secure than sending someone an encrypted email. 
    titanicsaled likes this.
  6. wlanboy

    wlanboy Content Contributer

    May 16, 2013
    Every problem based on math just needs time - so we all knew that encryption can break. But having backdoor all around ... wow.

    No, all physically sent letters are automatically scanned.

    If they pick one address - all mail is forwarded to a special basket. Even in the EU - so guaranteed in the US.
  7. Shados

    Shados Professional Snake Miner

    May 15, 2013
    Yeah, this is pretty much just reading as "encryption on closed-source or hosted solutions has government backdoors", but honestly that's to be expected. What competent spook agency wouldn't leverage large companies into covertly sabotaging their encryption methodologies? And NIST deliberately pushing weak standards also shouldn't be a surprise, given they are ultimately a government agency - you cannot expect them to be independent.

    TL;DR: Rely on open-source, internationally recognized encryption technology.
  8. drmike

    drmike 100% Tier-1 Gogent

    May 13, 2013
    Well, that's not true to some extent in the US.

    For a decade or better the US Postal service has been scanning every parcel and piece of mail.  All those images have been indexed and intelligence made of them. Has been used to mine for all sorts of clues about people.

    No, they don't open the envelope and scan it, but still, depending on package might be some revealing info you wouldn't want correlated to you personally.
  9. stim

    stim New Member

    Jun 22, 2013
    Unsurprising but still a wake-up call. It's bound to trigger innovation in more secure systems, which surely is a good thing.

    I suspect that further revelations will show how corporate espionage on this scale is being used to manipulate the markets. In the end, this only damages business trust, and economic repercussions are guaranteed.

    To suggest that these programs are only targeted at catching 'terrorists 'is truly laughable. NSA operatives have been caught spying on ex-lovers and family members - to the extent that there is an official term for such behaviour - LOVEINT. Hundreds of thousands of people have ghost access to these tools. There seems to be no oversight whatsoever.

    It would appear that the Legislators are either technically ignorant, or willfully tramping on our Human Rights.
    Last edited by a moderator: Sep 6, 2013
    drmike likes this.
  10. peterw

    peterw New Member

    Jun 14, 2013
    So don't use TrueCrypt.
  11. drmike

    drmike 100% Tier-1 Gogent

    May 13, 2013
    TrueCrypt is a wildcard since the developer(s) have been uber secretive.

    Unsure if it is a honeypot or not.
  12. kaniini

    kaniini Beware the bunny-rabbit! Verified Provider

    Jun 18, 2013
    Actually, the malarkey with Dual_EC_PRNG was forced through NIST process by the NSA.  NIST was given the reigns of standardization of crypto after the DES stuff was found to be intentionally weak, and the AES process was well-executed.

    Beyond that, NIST does not recommend use of Dual_EC_PRNG, they just publish the specification because they were strongarmed by NSA into doing it.

    NIST really isn't the problem here...
  13. patz

    patz New Member

    Jun 4, 2013
    According to this,

    I wonder if these and other statements in the article are true.


    GIANT_CRAB New Member

    May 21, 2013
  15. KuJoe

    KuJoe Well-Known Member Verified Provider

    May 17, 2013