| reply to PToN
Re: Wasting more $$$ The sad part of this is software that cost $0 dollars can bypass this entire government organization.
»www.truecrypt.org/ |
|
 LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | said by DataRiker:The sad part of this is software that cost $0 dollars can bypass this entire government organization.
»www.truecrypt.org/
Ever hear of traffic analysis? Don't believe that use of true crypt makes you invisible to gov't monitoring. |
|
 vpokoPremium
join:2003-07-03
Boston, MA | Traffic analysis can tell them who you're communicating with, not the content of your communication. It's like a pen register vs. a full wiretap. |
|
| reply to Linklist
said by Linklist:said by DataRiker:The sad part of this is software that cost $0 dollars can bypass this entire government organization.
»www.truecrypt.org/
Ever hear of traffic analysis? Don't believe that use of true crypt makes you invisible to gov't monitoring. Care to explain?
Do the government employees know some fundamental flaw in the very nature of logic that the best mathematicians in the world missed?
It would take more hardware than the mass of the Earth to get real time decryption. Never going to happen. Ever. |
|
|
|
CXM_SplicerLooking at the bigger picturePremium
join:2011-08-11
NYC
kudos:1 Reviews:
 ·Verizon FiOS
| He is saying they don't have to actually decrypt the data to know that 2 people are communicating. The contents of the message may be hidden but there is plenty of information in who you communicate with, when, how, file sizes, etc. If someone monitors an SSL connection you make to your bank, they may not be able to decrypt the session BUT they will know who you bank with.
The biggest problem I see with this is that most of the information they will get this way will be strictly 'investigative' and too circumstantial to be able to be used in court. They are putting way too much effort/money into this to be using it just to build circumstantial evidence against people. IMO, this is COINTELPRO on steroids... it is to target dissidents and anti-establishment people to protect the 'status quo'.
Remember, even with the NSA monitoring, the government supposedly had no idea that terrorists were going to fly planes into buildings (personally, I think they knew exactly what was going to happen but that is a different discussion). So we have to ask: Is this really to make US safer somehow? If not, then whom does it serve? |
|
LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5
2 edits | reply to DataRiker
said by DataRiker:said by Linklist:Ever hear of traffic analysis? Don't believe that use of true crypt makes you invisible to gov't monitoring.
Care to explain? As CXM_SPLICER said:
»en.wikipedia.org/wiki/Signals_in···analysis
»en.wikipedia.org/wiki/Traffic_an···security |
|
 MaxoYour tax dollars at work.Premium,VIP
join:2002-11-04
Tallahassee, FL | reply to CXM_Splicer
said by CXM_Splicer:They are putting way too much effort/money into this to be using it just to build circumstantial evidence against people. IMO, this is COINTELPRO on steroids... it is to target dissidents and anti-establishment people to protect the 'status quo'. This is actually a very real problem them intelligence experts are talking about.
The government is collecting lots of data, but has no way to sort through it. There's too much noise and very little bandwidth to actually process. We need to start being more intelligent with targeted data collection.
When our government is doing crap like monitoring the like of MLK and various other pacifists (like the occupy movement) the citizens do not benefit.
Now we are taking it even a step further and just haphazardly monitoring anything and everything hoping to find ... something ... somehwere ... but with no way of actually getting through it all.
And when something is actually found, the cost-benefit of the find hardly justifies the effort.
Meanwhile kids wonder how they are going to pay for college, people are finding their houses forclosed on, and China and India continue to take steps to out-innovate us.
--
"Padre, nobody said war was fun now bowl!" - Sherman T Potter
»maxolasersquad.com/
»maxolasersquad.blogspot.com
»www.facebook.com/maxolasersquad |
|
CXM_SplicerLooking at the bigger picturePremium
join:2011-08-11
NYC
kudos:1 Reviews:
·Verizon FiOS
| There was a great interview this morning on Democracy Now with James Bamford, the author of the Wired article. Immediately following that piece, was an interview with Thomas Drake who worked for the NSA and was prosecuted (but acquitted) of being a whistle blower. Drake talks about several different programs, one of them called Thin Thread, which were designed to sift through the massive amounts of data and only save that deemed important. The government opted to reject those programs in favor of trying to analyze everything.
»www.democracynow.org/2012/3/21/e···gest_and
»www.democracynow.org/2012/3/21/i···down_nsa |
|
4 edits | reply to Linklist
This does not break encryption in any way shape or form.
Simply put the government can't break the laws of Mathematics.
Personally I couldn't care less if they track WHO i communicate with, but If i was overly concerned I can almost promise you this system is easy to fool with a few well thought out repackages ( think hidden volumes ) and both directional and time relays on external boxes out "in space".
Without prior knowledge no system in the world could track that. |
|
 japPremium
join:2003-08-10
038xx | reply to CXM_Splicer
Thanks for the news links, Splicer. Goodman's voice intonations drive me nuts but I'm going to tolerate it for this coverage. DM often does supply good analysis. |
|
japPremium
join:2003-08-10
038xx | reply to DataRiker
said by DataRiker:...this system is easy to fool with a few well thought out repackages ( think hidden volumes ) and both directional and time relays on external boxes out "in space" Quick! Disseminate comprehension of, skill set, and impel 140 million people to adopt same! Then you won't stand out (as much).
The point of mass behavioral logging is to define norms and assign meaning to deviations. Taking unusual measures to conceal contents of data will shunt the myriad factoids of your profile through this-vs-that or first-that-then-this algorithm seeking patterns against similar myriad factoids elsewhere. A value will be assigned reflecting your data concealment behavior balanced by other elements of your profile as they relate to an ever expanding set of norms and tools to interpret them. Point is you're proposed behavior is of valuable to the NSA.
The NSA knows today's clusterfuck data dump is tomorrow's treasure trove of powers. Who it benefits and in what ways is unknowable but worthy of focused discussion. Personally I'm of the conviction that any large amount of power concentrated in one place is a bad thing. |
|
vpokoPremium
join:2003-07-03
Boston, MA | reply to DataRiker
said by DataRiker:Simply put the government can't break the laws of Mathematics. I'm curious why you say that. The type of encryption actually used on the internet (so excluding the one time pad), both symmetric and asymmetric, is in no way mathematically proven to be secure. |
|
2 edits | I say that because the government can't break the laws of Mathematics.
As for your reference to "insecure" methods I can't speak to that.
I was obviously referring to using True Crypt, and is what I use for secure communications on the internet. I send encrypted volumes for sensitive info. |
|
1 edit | reply to jap
said by jap:said by DataRiker:...this system is easy to fool with a few well thought out repackages ( think hidden volumes ) and both directional and time relays on external boxes out "in space" Quick! Disseminate comprehension of, skill set, and impel 140 million people to adopt same! Then you won't stand out (as much). I take it you didn't realize hidden volumes are undetectable since by definition they are stored inside a container volume.
One can easily put an undetectable message into a JPG or AVI file.
Stop watching CSI and read some books. |
|
vpokoPremium
join:2003-07-03
Boston, MA
1 edit | reply to DataRiker
said by DataRiker:I say that because the government can't break the laws of Mathematics, namely the steps taken to factor a number is much greater than the steps to multiply its primes. The difficulty of factoring is not a mathematical theorem. At the very least, it's known to be easy with a quantum computer using Shor's algorithm. Now, I doubt that the government has a working, scalable quantum computer being that no one else does, but given that we don't even know whether P=NP, it's not out of the realm of possibility that a classical factoring algorithm exists, either. Factoring is known to be in NP (as well as in BQP) so if it turns out that P=NP, then factoring is easy for a classical computer. If you can prove otherwise you can claim the Clay million dollar prize (»en.wikipedia.org/wiki/P_versus_NP_problem). Even if P does not equal NP, since factoring is not complete for NP there could be fast factoring algorithms.
said by DataRiker:Secondly several solutions have existed for a long time that are uncrackable, namely a short cipher ( given the key is longer than the message ) What you're describing is called a one time pad, which I mentioned, not a short cipher. The requirement that the key be at least as long as the message, along with the requirement that the key not be reused, along with the fact that they key is symmetric, means that it's not used on the internet. It is the only known form of encryption which is provably secure.
said by DataRiker:Also, sending files in a True crypt container is 100% secure given a randomized and long password.
The contents of TrueCrypt are only as secure as the ciphers used, which are not *mathematically proven to be secure*. In addition, there could be side-channel attacks (for example, grabbing a copy of the plaintext while the intended user is decrypting the file). Of course, TrueCrypt's ciphers are also symmetric, so it doesn't help with the internet's need for asymmetric encryption where no key is pre-shared.
Sorry, you talked out of your ass on the mathematically secure part. While it would be great to have provably secure encryption, that's not how it is at present. |
|
| Short Cipher = one time pad with shorter message than the key.
Necessary since codes were sent frequently with them and it was thought keeping message lengths secret were insurance against spying. |
|
