It was a foolish attempt, every true British citizen has a well stocked and reliable wank bank anyway, isolated from the internet. The fools.The Wykydtron said:
All Gmail Traffic Now Encrypted to Thwart NSA
- Thread starter Steven Bogos
- Start date
Knowing how an encryption system works doesn't make it all that much easier to hack. There's basically only two ways to hack encrypted software that don't involve tricking people into giving you access: brute force using computers to test every possible encryption key until you find the right one, or blind stupid luck that gets you the right one right off the bat. The latter is so unlikely as to approach being impossible. The former is so time consuming for present day hardware that the odds are you and the person you're trying to hack will be dead before you break it. Hell, your children and grandchildren might be dead before you find it.Strazdas said:
So outright trying to crack this stuff is too time consuming to ever be of use until people figure out quantum computing. Hacking via social engineering is much easier because getting past the human element of software security is a trivial matter in comparison.
But like I said, if we ever figure out quantum computing, we're going to need much better security in the IT sector. In theory quantum computers can crack encryption that would take your typical computers hundreds of years to crack in a matter of seconds.
At current computing power it will take you from now until the sun dies to crack one encrypted anything.Strazdas said:
https://www.schneier.com/blog/archives/2013/10/nsa_harvesting.htmlBke said:
The biggest lesson of the leaks is that if the NSA wants your data they will get it, no matter how much effort it takes. But if you want to prevent general snooping, SSL seems to still do a pretty good job.
I'm curious if Google is doing anything to help encrypt traffic going between them and other email providers; the email standard is inherently unsecure, and everything is sent in plaintext by default (this is why you should never send passwords by email). If they were to work out a deal with Yahoo to encrypt all mail traveling between the two companies, that would have a significant impact.
And it's also why more sites should allow SSL connections [https://www.eff.org/https-everywhere]. Escapist, please add support for SSL! :-D
Pic just about sums it up. Do they seriously expect us to believe that the NSA can't crack their encryption? Or forget that the courts can order them to release access to files? Honestly, I would rather have the NSA snooping in my files than Google. At least the NSA doesn't sell my information to third party companies...
actually yes they can't crack it, or atleast in any time that it would be useful.Sarge034 said:
It would require them knowing 2 very large prime numbers for each email session(basically every time you hit f5 the keys change). Something computers absolutely suck at trying to figure out in any reasonable amount of time.
There is also a third option - knowing the encryption key used. and that can be hacked of google servers now cant it? after all, they have to use the key constnatly to show you the messages, heck, its probably even decrypted on your end or else they would be sending you unprotected info, which defeats the purpose to begin with.Vivi22 said:
Now i dont know complexity of HTTPS encryption, but some encryptions were bruteforced, so it depends on the complexity i guess.
Yeah quantum computing will be... chaos inducing. i would however love to see such computing power to be available to everyone.
depends on encryption and type of cracking doesnt it? bruteforcing a good encrpytion with no knowledge - sure. bruteforcing a poor encryption knowing the key and salt used, heck, its been done. social engineering or outright law requests - no problem at all. besides, who says they cant get thier hands on the decryption key?direkiller said:
well they would need both keys, and the problem is(atleast for them) our ability to use large data keys has far outstriped our ability to compute them.Strazdas said:
Brute forcing is simply not an option for keys this large. It works well for 8-10 digit passwords but not 128-264 digit keys.
law requests is the only practical option in this case.
direkiller said:
I'm so glad you're a part of the NAS and can accurately tell me what the NSA's capabilities are. There are rumors that the keys are already compromised and, disregarding that, this is the NSA. Their job is to look at things people don't want them to see so it's not like they would just be starting to crack this encryption type. And then there is also the option for the NSA to get a classified court order and just have free access to certain accounts.
So... Thanks for trying to sound smart, but I'm going to laugh at your statement now. AHAHAHAHAHAHAHAHAHAH!!!!
Limitations of every computer ever built is something the NSA can get around, good to know.Sarge034 said:
"It's not like the world just started to crack this encryption type"
actually yes it is, it's something that has only been possible in the past 10 years or so. Im not saying there is not a way around this, it involves going to there servers, or interacting with the receiving computer in some way both are much more risky or involve courts.
I am simply saying that fishing an email and reading it(Like they are doing now) is not possible.