[Chugalug] Is time for crypto for non-techies class?

Stephen Kraus ub3ratl4sf00 at gmail.com
Tue Jun 11 21:47:53 UTC 2013


Also:the I think its pretty foolish to assume that every encryption crack
was simply a matter of brute forcing a password or using rainbow tables.
The encryption on a system does not suddenly turn it into a one-time pad,
if someone like the government decides its work breaking your encryption
they are going to break it.

Not to mention I know things like open source encryption has been highly
examined by the NSA, after all they need to know what systems their
adversaries might use and what systems might also be useful to them.

By the way, tinfoil hats ECHELON was a real system. Not some massive
government controlled AI (sorry conspiracy theorists) but it was real none
the less.

Am I saying you shouldn't encrypt? Of course not, especially as the courts
have determined encryption is protected by the Fifth Amendment, but just be
aware its safe to assume its already compromised somehow
On Jun 11, 2013 4:39 PM, "Stephen Kraus" <ub3ratl4sf00 at gmail.com> wrote:

> Network engineer who was arrested for child porn, refused to de-encrypt
> his hard disk. They finally broke the encryption enough to show he DOES
> have child porn
> On Jun 11, 2013 3:27 PM, "Stephen Haywood" <
> stephen at averagesecurityguy.info> wrote:
>
>> Who's encrypted hard drive was cracked? Bruteforcing a password is not
>> the same as cracking encryption.
>>
>> --
>> Stephen Haywood
>> Owner, ASG Consulting
>> CISSP, GSEC, OSCP
>> T: @averagesecguy
>> W: averagesecurityguy.info
>>
>> _______________________________________________
>> Chugalug mailing list
>> Chugalug at chugalug.org
>> http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://chugalug.org/pipermail/chugalug/attachments/20130611/4bd038da/attachment.html>


More information about the Chugalug mailing list