headers
Alec Muffett | 7 Mar 2012 09:34
Picon
Gravatar

Re: Break-Open One-Shot Password Stores


On 29 Feb 2012, at 10:59, Michael Simpson wrote:

> If you don't need to seal too many items and it is for your personal use then how about using Victorian
sealing wax. You could design your own seal and there are mailable waxes now. You can also use methods to
adhere the seal to plastic or metal for more tamper proof envelopes. 

It comes down to the envelope, then.

I used to read my school report cards sealed in their envelopes by dosing the envelope with butane from my
fathers lighter-refill; would render the envelope paper transparent for about 10 seconds, and vanish
completely without warping the paper.

	-a
Permalink | Reply | 0 comments |
headers
Brian Morrison | 16 Mar 2012 18:31
Picon

Interesting article about NSA facility and capabilities

Have a look here:

http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1

I wonder if the claims made about it's capabilities are accurate?

--

-- 

Brian Morrison
Permalink | Reply | 23 comments |
headers
Brian L Johnson | 22 Mar 2012 18:24
Picon
Favicon

Re: Interesting article about NSA facility and capabilities

Brian Morrison <bdm@...>,:

> Have a look here:
>
> http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
>
> I wonder if the claims made about it's capabilities are accurate?

Oh, they're completely inaccurate. Totally false. The NSA says so.

See? http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/

--

-- 
brianlj
Permalink | Reply | 2 comments |
headers
Tony Naggs | 23 Mar 2012 01:14

Re: Interesting article about NSA facility and capabilities

On 16 March 2012 17:31, Brian Morrison <bdm-o5T6nCHPYcDe9xe1eoZjHA@public.gmane.org> wrote:

Have a look here:

http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1

I wonder if the claims made about it's capabilities are accurate?

I think there is only one writer with the contacts and reputation for reporting reasonably accurately on the NSA, its capabilities & intentions:
http://www.amazon.com/James-Bamford/e/B000APPIUM/ref=ntt_athr_dp_pel_1

And according to the NY Times: U.S. Moves to Ease Limits on Data Use in Terror Analysis
http://www.nytimes.com/2012/03/23/us/politics/us-moves-to-relax-some-restrictions-for-counterterrorism-analysis.html?_r=1&pagewanted=all?src=tp

Which seems to support Bamford's hypothesis ... or perhaps it is all a great disinformation campaign?


tttfn,
Tony

Permalink | Reply | 0 comments |
headers
Charles Lindsey | 26 Mar 2012 18:42
Picon
Picon

Re: Interesting article about NSA facility and capabilities

On Thu, 22 Mar 2012 17:24:09 -0000, Brian L Johnson  
<brian@...> wrote:

> Brian Morrison <bdm@...>,:
>
>> Have a look here:
>>
>> http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
>>
>> I wonder if the claims made about it's capabilities are accurate?
>
> Oh, they're completely inaccurate. Totally false. The NSA says so.
>
> See? http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/

Well today's ACM Technews quotes that artilce as if they believed it.

--

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                       
   Web: http://www.cs.man.ac.uk/~chl
Email: chl@...      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
Permalink | Reply | 0 comments |
headers
Peter Fairbrother | 27 Mar 2012 01:46
Picon
Favicon

Re: Interesting article about NSA facility and capabilities

Brian Morrison wrote:
> Have a look here:
> 
> http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
> 
> I wonder if the claims made about it's capabilities are accurate?
> 

"According to another top official also involved with the program, the 
NSA made an enormous breakthrough several years ago in its ability to 
cryptanalyze, or break, unfathomably complex encryption systems employed 
by not only governments around the world but also many average computer 
users "

Hmmm - a breakthrough in factorisation? quantum computing? something 
new? disinformation?

-- Peter Fairbrother
Permalink | Reply | 18 comments |
headers
Peter Fairbrother | 27 Mar 2012 01:47
Picon
Favicon

Re: Interesting article about NSA facility and capabilities

Brian L Johnson wrote:
> Brian Morrison <bdm@...>,:
> 
>> Have a look here:
>>
>> http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
>>
>> I wonder if the claims made about it's capabilities are accurate?
> 
> Oh, they're completely inaccurate. Totally false. The NSA says so.
> 
> See? http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/
> 

Should have asked Larry Page or the head of a backbone internet company 
instead, if they wanted a true answer.

-- Peter Fairbrother
Permalink | Reply | 0 comments |
headers
Brian Morrison | 27 Mar 2012 11:36
Picon

Re: Interesting article about NSA facility and capabilities

On Tue, 27 Mar 2012 00:46:15 +0100
Peter Fairbrother <zenadsl6186@...> wrote:

> Brian Morrison wrote:
> > Have a look here:
> > 
> > http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
> > 
> > I wonder if the claims made about it's capabilities are accurate?
> > 
> 
> "According to another top official also involved with the program,
> the NSA made an enormous breakthrough several years ago in its
> ability to cryptanalyze, or break, unfathomably complex encryption
> systems employed by not only governments around the world but also
> many average computer users "

Well they're not going to shout it from the rooftops if this is true.

> 
> Hmmm - a breakthrough in factorisation? quantum computing? something 
> new? disinformation?

I wondered if this might be an attempt to discourage the use of
encryption for email in particular, after all they're not going to be
able to discourage it for online commerce.

--

-- 

Brian Morrison
Permalink | Reply | 17 comments |
headers
Roland Perry | 27 Mar 2012 12:16

Re: Interesting article about NSA facility and capabilities

In article <20120327103630.00004833@...>, Brian 
Morrison <bdm@...> writes
>I wondered if this might be an attempt to discourage the use of
>encryption for email in particular, after all they're not going to be
>able to discourage it for online commerce.

Does anyone encrypt email, SMTP email that is, rather than picking up 
from https://mail.google.com

I'm very much in the "it shows you have something to hide" camp on that.
--

-- 
Roland Perry
Permalink | Reply | 13 comments |
headers
Ian Batten | 27 Mar 2012 12:21

Re: Interesting article about NSA facility and capabilities


On 27 Mar 2012, at 10:36, Brian Morrison wrote:

> 
> I wondered if this might be an attempt to discourage the use of
> encryption for email in particular, after all they're not going to be
> able to discourage it for online commerce.

Given http://goo.gl/Yeuvx it seems that encouraging people to believe AES is broken might have some benefits.

My own view is that you can trust AES for as long as it's accredited for IL5 and above information.   So long AES
is in NSA Suite B, and NSA Suite B is accredited for TOP SECRET, it would be extraordinary were it to turn out
that the NSA had an effective attack on AES.  That would imply the deliberate use of known-broken
algorithms in the hope that the opponents don't know those weaknesses and won't find them until the data
ciphered with that broken algorithm is no longer sensitive.  The life-span of TS could be decades, and a
gamble on "the state of Chinese/Russian/etc cryptanalysis between now and 2060" seems one few
bookmakers would quote odds on.  

The public policy benefit (you might be able to decrypt some data from bad guys without "practical"
side-channel attacks, which almost certainly exist unless the bad guys have a sophisticated IA
capability) seems pretty weak compared to the public policy disbenefit (the bad guys might be able to
decrypt all TS traffic, with no way for you to know it's happening).

ian
Permalink | Reply | 2 comments |

Gmane