I've seen this a lot lately, and it's getting really annoying. It's the idea that intelligence agencies like the NSA have some form of "magical" capability to instantly crack every encryption scheme known to man because 'you don't know what they're capable of' Yes I do. I know quite well what they're capable of, and what they're capable of is nowhere near what you claim, simply because of how cryptography and computers work. Let's look at the cryptography side of things. Any textbook on information security will tell you that secrecy in the true nature of cryptographic algorithms doesn't work. However, wikipedia explains that the history of this goes farther back than one would think. In short, hiding any sort of meta-information about cryptography would be foolish. Cryptography is the ultimate open source, because it requires and benefits from the eyes of everyone. it also says with regards to modern computer encryption algorithms In short, no they didn't find some super secret special way to instabreak AES, SHA-512, RSA, or ECC. If you truly believe they did, show some damn evidence.
On the computer side, I think people overestimate the how powerful computers are in terms of password and general cryptography breaking, and even more so how powerful the NSA's computers are. Below is a link to an earlier version of the Kaspersky password checker that estimates how long it would take for different types of computers to crack a password, everything from a ZX Spectrum to the TOP500 supercomputer Tianhe-2. Obviously don't type in your real password, but play around with this. You'll find that if your password is even remotely competent and in keeping with industry best practices (20+ characters, atleast 1 lower, upper, number, special char), it would take good ole Tianhe way longer than the average human lifespan to crack it. web.archive.org/web/20170824104237/https://password.kaspersky.com/ To believe that the NSA can get it done as fast as you claim, you would have to believe that they have computers that would be TOP500-tier. I seriously doubt that.
The NSA hires a lot of crypto researchers, and they do not publish holes and attacks which reduce the search space for crypto algorithms. At the same time, the NSA doesn't want sensitive US communications to be easily intercepted by adversaries, so their work on improving encryption schemes (they were involved in helping tweak RSA) are not likely nefarious. As for "magic", it's more along the lines of interdicting shipments of computers to certain individuals, and botnetting their hardware.
Austin Roberts
You seriously doubt that a secretive agency with a bottomless wallet doesn't have access to the most powerful hardware on earth? You either glow or you are incredibly naive.
Not only will they have hardware which surpasses those computers, they'll have custom designed hardware to perform various specific tasks magnitudes of times faster than supercomputers.
Lucas Martin
The problem is not even cryptography. The problem is exploits and hardware backdoors. Best encryption algorithm isn't doing shit for you if the software encrypting has an unknown bug that can be exploited or if the hardware simply keylogs you entering the password or gives DMA access to the memory containing the unencrypted data. That is the big problem. There's ample evidence that three letter agencies influence the hardware industry big time. Look into Snowden and hardware backdoors in Cisco hardware for example.
They also probably have a lot of people figuring out exploits they don't publish and don't get found quickly because software has become so incredibly complex. Every critical new exploit in widely used software you hear of, you have to assume agencies like the NSA have known for months, if not for years. If they don't planted it there themselves by hired programmers working on opensource projects, that is. How safe or unsafe cryptography is does not even matter.
Bentley Ross
...
Logan Johnson
I'm surprised this answer took four replies to appear. Encryption is not the weak point of almost any system. Take the enigma code as an example: So then how did they break it? Don't attack the strong point. Attack things like: for example. Yes, NSA capabilities aren't infinite. However they are an advanced global persistent threat with unknown capability and (if Snowden and others are to be believed) known to have massive capabilities.
Noah Torres
There is an intelligence agency with dozens of billions of dollars to hire the most talented engineers in the world and fund projects with goals beyond the what most people can even imagine some guy on a Taiwanese basket weaving forum who knows how to install Gentoo.
There is clearly an enormous capability difference. I'd actually be surprised if they couldn't get into my system whenever they wanted to.
Daniel Murphy
Government agencies are highly capable but (mostly) low motivated. That doesn't mean they are magic though. If you are airgapped, they aren't getting in without visiting your house. If you are using simple obscure software (incl. firmware) and they have no physical access, they aren't getting in unless they focus on you and spend time finding a vuln and crafting an exploit. I would be surprised if they had a prepared exploit for Haiku. Who has time for that? If they need to get in one of those devices (eg. you are a legitimate powerful risk to them) they can with proper planning, effort and paperwork. Just don't be worth that effort and they aren't getting in.
Jordan Murphy
SUPER ADVANCED (((AI))) GOY (((NEURAL NETWORKS!))) not just auto generated if else statements
(checked) However not in a large amount and I don't live in the US.
Jackson Sanchez
By the time we have sufficient quantum computer, it will be similar situation as today with old crypto which we now can break by sheer brute force alone.
Julian Collins
glownigger or reddit retard /g/ancer Fuckoff nigger and don't come back. This board is for people who use knowledge not feels.
Tyler Peterson
Quantum computers can't break one time pads and are simple enough to implement that you don't even need a computer to use them to communicate securely. The real issue isn't a secure communications channel, it's literally every other part of the system and the practicality of it all.
To me the biggest problem is that people are trying to secure themselves without establishing a sane threat model. Most people's threat model shouldn't be a omniscient 3-letter agency. And focusing on preventing that instead of more basic shit is a bad idea. There are many ways of breaking into a system without literally breaking the encryption, since human's often fuck up. You should prioritize preventing those rather than something the NSA might be able to do. Most spying comes from people willingly giving their data away without caring where it goes. And companies frankly aren't going to prioritize chasing people who try to hide their data from them. Every normie I talk to about this shit always complains about how pointless it is and how big google's reach on their data is, when a simple adblocker/script blocker will reduce their digital footprint significantly.
Luis Carter
They hire professional psychics. Not the kind you see on late night infomercials either. They don't need magic algorithms. If they wanted you they would have already taken you.
OTPs are useless for most applications precisely because they do require a secure communication channel.
The sane reason to worry about security against glow-in-the-darks isn't some inane belief you'll be targeted, but the absolute certainty you and billions of others will be surveilled and datamined to construct a highly accurate panopticon model targeting genuinely important activists and dissidents, furthering totalitarian downfall of free society, both by actual government agents, and by spies/contractors from other colossal deep pocket entities infiltrating government.
why arent password generators using that if its so secure?
Jaxon Campbell
Because password generators don't care about whether or not you'll memorize it since you'll likely use a password manager, so they can aim for maximum entropy.
Brandon Rogers
You're going to be sitting there and throwing coins thousands upon thousands of times then? Since the plaintext is as long as the encrypted message...
Gabriel Martinez
...
Thomas Wright
it doesn't matter how strong your password and cryptography is, because your Intel CPU with Intel Management Engine and UEFI, will just log all your keystrokes and send it over network to Israel. it doesn't matter what OS you use (linux, openbsd) because Intel Management Engine and UEFI work on lower level than your OS
Intel processors are botnet, they are backdoored and they are privacy issue. Modern AMD processors also have similar backdoor called AMD PSP. Boycott both companies, do not buy modern CPU
Brandon Flores
Do you have proof of this?
Nathan Clark
Paul said so.
Nathaniel Richardson
Have noticed that too OP. They give them omniscient powers. I wonder if it's due to the decline in religion, and the need for some people to have something to worship. That, or astroturfing by the same agencies.
Blake Bennett
They are more than likely able to break almost everything, consumer technology is decades behind state of the art, and it's always been like that.
Good thing you're not important enough for them to come cracking through your hardware they nano backdoored or decrypting and analyzing your guttman wiped encrypted platter drive, what these paranoid kikes are interested is STATIC data collection, STATIC meaning they pick the low hanging fruit you basically give away for free to sell onward or store and it costs them nothing, through such methods as ISATAP, systemd, cookies, JS, your google searches, accessing your cache, SMS, texts calls, phone storage etc.
What they want besides static data collection is access basis, (((they))) will not neccessarily access anything. But they want the ability on demand to access any computer with an internet connection by any means, any log they can. And even the possibility collecting your every keystroke if you let them by running their nicely packaged malware. For the most part you have nothing to fear unless you're some big shot who's going to be the next big thing being attempted to extort and buy out, like most of our politicians. Your life is very safe untill the unforseeable future when (((they))) just might have established JewSSR v2 1984 system in place somewhere like the UK only then will we possibly see usage for this (((data))) to preemtively get rid of anyone who's even rumored to not agree with the diseased semitism and their sick policies, and in the UK they are already doing it, but only the old timers and uninformed who don't even know what a VPN is.
You are nothing untill you have defied them enough, as in a nation suddenly refuses to obey the demands of Jews and zionist puppets like the United states, anywhere important there is an www internet connection you are likely to see that power plant go down, and then you are likely to see the water pump, enrichment plant stop working or any vital infrastructure, because these places are all either running Intel or AMD, the key here is it has an internet connection, without it there is not a lot they can do without actively being on the "inside".
Keep in mind there's a also a very good chance they are holding the world hostage with these backdoors and this technology already forcing compliance. If the power and water mains goes down for 2 weeks people will die and who's to blame? The politicians or israel who rigged the CPU's behind the scenes?
Understand that It's worth being conscientious and opting out of it, but in the end unless you're the next super hero who did something they consider illegal or hate you enough they will not bother with you, yes they will collect but will they use anything against you now? No. Will they use it against you in the future? Who knows, that's why it's worth working towards destroying ZOG and not having to ever worry about their schizophrenic dreams of semitic revenge against whites and the other intelligent races. One thing is sure, even if you happen to be a duped mouth breathing leftist tranny degen even you do not want to live in their judeomarxist "utopia".
No, Mr. Zig Forums, the Israeli aliens in the Federal Reserve's underground Moloch worshipping Satanic cave temple of the 33rd degree Master Mason Illuminati can't spy on your webcam without turning its LED on or use your DAC-connected headphones as a mic to listen to you. If you went to college instead of shitposting on incel echo chambers, you'd have an ounce of critical thinking.
William Sanders
You will never have it. That's why it's called “the next nuclear weapon”.
Nathaniel Jackson
That isn't how encryption works, regardless of how much kikes wish it to be so.
Grover's quantum algorithm is still right now a theoritical attack, but once quantum computing gets powerful enough, AES is a goner.
Dominic Harris
Grover's algorithm halves the key size so yes, AES 128 will be a goner. AES 256 on the other hand, should be secure.
Sebastian Gutierrez
lol proof is everywhere at least amd had discussions on plebbit with respect to disabling the psp. (most and possibly all amd motherboards offer the option to "disable" it, but if it actually works or not is unclear).
Thomas Watson
i smell a (((kike))).
Henry James
Unfortunately, no. This is not like before, where increasing computing power brought brute-force cracking within reach, but that was offset by applying the same computing power to more difficult algorithms and longer key lengths.
Quantum computers would not simply be a leap forward in conventional cracking power, but would present a completely different paradigm that is absolutely devastating to all conventional cryptography algorithms, present and future - the ability to test every possible key simultaneously.
The saving grace is that it appears quantum cryptography is going to be easier to implement than quantum processors, and will probably be with us sooner.
This. Buy OpenPOWER if you can, or use older AMD hardware (FX-8350 is good), or liberate the older Intel generations where the ME has been defeated.
Do you have a search engine? The existence of ME and PSP are well documented facts.
Jaxon Sullivan
I don't smell any argument.
Give me an instance of someone having a router that logs everything and caught his Intel CPU sending his nudes to an Israeli server.
Tyler Miller
cool generic copy paste schlomo
Isaac Hill
That's not the point he was making. The argument is wether agencies have certain capabilities not wether they've used them, and Intel with all their secrets around the ME might be implicated in that.
Jacob Peterson
You cannot log that with routers because all routers are backdoored in factory and they hide certain packets from being visible in logs. Even if you use OpenWRT it won't matter as this backdoor is hardware one. Also, how would you detect Intel CPU sent it? The packet will be encrypted and it won't be sent to official Mossad server but some common amazon/cloudflare/facebook/microsoft server that won't look suspicious. Intel CPU might send their messages when there is a lot of other traffic to hide in it, or send it when you are sleeping.
Isaac Rivera
You are a faggot
You are a faggot because you can use an oscliscope to test for those packets with laughable ease
Landon Miller
What if it only works when the NSA sends it a special packet?
John Carter
You are talking about spending tens of thousands $$$ for an oscilloscope that can accurately measure packets fast enough for 1 Gbps ethernet. 10 Gbps or 40 Gbps an oscilloscope could approach millions of $$$.
Ian Robinson
Don't use a 1gb line you stupid fag, just get a line with low speeds instead.
Justin Peterson
Then can we use a cheapo USB wired network adapter to defeat AMT? I was hoping so. The problem of still running ME in the background remains, though.
>i smell a (((kike))). Imagine being so stupid you don't know what ((())) means
Asher Ortiz
Not trolling, genuinely interested.
Why do you Zig Forumsacks fallback to this blatant admit of defeat when you have no argument and are losing an argument so fucking hard? You could at least try to convince someone by actually trying the damage control card, but instead you do everything you can to lose even harder and after a few posts just claim you're not here to make a point but to make fun of people (PROTIP: you're actually the ones made fun of, and I don't know anyone, Jew or goy, who's remotely scared of you taking power because it'll never happen). When did you decide to adopt this apporach and unironically started thinking it would work?
Jose Fisher
Security Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets Bugs can be exploited to extract info, potentially insert rootkits By Thomas Claburn in San Francisco 20 Nov 2017 at 23:53
Bentley Campbell
Phew! Good thing they found these holes so they can patch them in future CPUs then.
If you believe this is how engineers maximize their income, you're utterly retarded. That exploits exist in processors is not a proof of conspiracy. I know you program in C and think you're the shit because you check (some of) your mallocs, but I also bet you make at least twice as many mistakes per line of code as they do. I also bet one of the reasons why you think CPU exploits can't be unintentional is because you've never heard of concurrency in your life, so you you think testing shit is easy. I also assume you've never had an actual job since you seem to think risking major fuckups of this kind when you have direct competition is profitable. It's only the case for Apple because it's a well-known fact their business model is based on sectarianism. In any case, you obviously have no argument and rely only on pooh pooh to make yourself sound cool, not even to prove anyone wrong. Like Zig Forumsacks.
I don't care what the NSA can do because I'm not a threat to the national security of an allied country and they don't share their illegal evidence with domestic law enforcement.
Jack Hernandez
Totally agree computers not magical. But they are, in the way that a performing magician is magical. There is what is call `magic` in computers that allows them to recognize what type of file a file is by its header. The first few bits signify the type of file so that the system can link the right compatibility.
great, the only products that both rely on it and have shitty laughable implementations are shitty little web servers on home routers, and similar crapware that wont be saved no matter how many best practices you proclaim on the internet wat why? they have money to build bluffdale and noone gave a shit if you give a fuck about security you're obviously already cascading ciphers.
Jason Gomez
magic is UNIX braindamage
William Sanchez
Nah, this still doesn't tell me why Zig Forumsacks think saying "lol ur a kike XD" means they're right.
Robert Butler
DoD and ABC's are already utilizing systems such as these for automation features for Facial Recog, Traffic Analysis, Pedestrian Pathfinding, WebCrawling, SIGINT. T. Wikileak Fag
Are you saying you're not a jew, or Intel isn't jewing everybody with backdoors?
Alexander Martinez
IIRC DWave's """"""""""quantum computer"""""""""" if you can call it that can only work on optimization problems You can also try to shoehorn some other problems in by trying to turn them into an optimization problems.
Easton Perry
...
Luke Davis
OHH! IS IT? WHERE IS THE PROOF? OH I SEE, U R A SCHIZO WHOSE MOTHER FAILED TO BREASTFEED.
Justin Rivera
His mom not only failed to breastfeed him but also has been fucked by him! And now he is sucking his mom's boobs because he couldn't it when he was a baby!
Kayden Gray
babby read an introduction to crypto book and is now spreading knowledge to the peasants
James Morales
He claimed the actual computer hardware to have special snooping capabilities.
That is not just a claim, but an admitted fact.
He did not claim this bugged hardware permanently sending packets towards TelAviv. Your claim that it is "trivial" to check hardware for hidden listening devices is factual false: en.wikipedia.org/wiki/The_Thing_(listening_device)
You can sit for years in "your Faraday cage" and cross-check your cheap home router with wire-shark, as long as the bugging-mode is not activated you wont find anything. Routers are bugged, not only Snowden claims this, but any observer of bug-checking list knows that Cisco hardware is riddled with backdoor passwords and modes since decades, that apear "solely coincidental and by random". Beside of simple backdoors in firmware, there are so many possibilities for side-chanel attacks.
Of course your cheap one-chip home router has no backdoors what so ever, promise me said Broadcom. If Intel didn't tell all the world about ME, sell it to administrators as VPro, you wouldn't and couldn't know about its capabilities.
/pol is allways right!
Jewish arogance and bragging was allways your undoing.
You think that, but NSA thinks that readers of the Linux Magazine are dangerous extremists and CIA make people disappear that wear a type of a cheap Casio watch.
Even if you are just some low level peon, Mossad might be interested in the keys to the building you are cleaning the floors of.
Elijah Cook
NSA is a government agency so they probably suck at what they do
Samuel Young
This is a good point. People often times feel powerless in the face of things that they don't understand.
To be clear the NSA and other intelligence agencies do some advantages in cracking cryptography.
Firstly most encryption types are based on prime numbers and sqaure roots or cubed roots of prime numbers.
If you know you are going to breaking an encryption that is based on prime triplets or something like that you just use a compute cluster to generate a lookup table of prime triplets or their factors or cubed roots. Precomputation saves a lot of FLOPs/IOPs. This shortcuts the process of cracking encryption tremendously. It's like cracking hashes with rainbow tables versus a regular dictionary attack.
Another thing they have is ASIC(application specific integrated circuit) devices. ASIC devices were originally created for graphics processing back in the day before GPUs were a thing. Most famously ASICshave been designed for cracking unsalted SHA256 hashes. Basically any function you can do on a computer you can create a hardware implementation that will do it more efficiently.
FPGA(field programmable gate array) is a programmable circuit. They are not as efficient as ASICs but they have the key advantage of being programmable. You can flash them for any purpose. Notably FPGAs have been set up for cracking WPA/WAP2. They can generate about 2 billion PMK/s. For reference an average laptop CPU can generate about 3,000 PMK/s.
Basically by breaking the encryption process into managable parts and using precomputation security agencies have an advantage in cracking encryption.
This being said, it still takes time to crack encryption. Using multiple layers of encryption make cracking take much longer. If it takes a month to crack the type of encryption you are using then it should take about 1,000 months to crack 1,000 layers. Using multiple types of encryption are a good idea.
If you want to troll the NSA. Copy and paste the 4th amendment into a text file then use 10k layers of encryption over it.
Also being aware that using heavy encryption is something that will flag you for monitoring by intelligence agencies. If you're using some heavy encryptians at work that can throw some security flags depending on the security level of the network you are using.
I'd be less concerned with encryption. I'm sure there are encryption solutions that the NSA can't crack. What I would be concerned with is Equation group 0days or custom hardware level hacks that the NSA likely has.
Shortly don't do shit that will make you a target of the NSA. Don't send money to middle eastern countries, etc.
Shortly if it's very sensitive information than you shouldn't be sending over a public network.
Pic unrelated. Trinity using NMAP and SSH in one of Matrix movies. Just want to point out that movies and media make out hacking to be something that it is not.
