General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsGreenwald interview: NSA cannot break the code on Miranda's thumb drives.
JF: [ed. note: Miranda was apparently carrying large amounts of encrypted documents and communications when stopped in Heathrow.] Why are you so confidant the worlds best code breakers cant break the encryption in [Mirandas] seized computers?GG: Because I have read the documents of the worlds best code breakers, and they have talked about their inability to crack certain types of encryption.
JF: How do you think history will remember this whole affair? It is still unfolding but nonetheless, a lot has already gone down. What is Glenn Greenwalds prediction on the historic legacy of all this?
GG: I think this will be the time the world realizes that the US and its closest allies are trying to build a surveillance system that has as its primary objective the elimination of privacy globally, by which I mean that everyones communications electronically will be collected, stored, analyzed and monitored by the US government.
I think it will be seen as the moment that the United States showed its true face to the world in terms of attacks on journalism and their desire to punish anyone who brings transparency.
JF: What precautions would you give to the average internet user vis-a-vis encryption?
GG: I think encryption is vital; I hope that people will use encryption in every way possible. It helps prevent intervening in their private communications, and they should definitely start using encryption.
http://truth-out.org/news/item/18402-i-wont-be-kept-out-of-my-country-for-doing-journalism-exclusive-glenn-greenwald-truthout-interview
riqster
(13,986 posts)Dream on, Greenwald.
formercia
(18,479 posts)it will take Time and Assets to do so, thus the NSA will have to focus on important targets, rather than wasting Time with Bulk Collection.
riqster
(13,986 posts)Now, had he said "It will take them a long time to break....", he'd not have been talking out of a suboptimal orifice.
But he said what he said.
pnwmom
(108,976 posts)Recursion
(56,582 posts)I mean, just forcing your way through the keyspace isn't really "breaking" the cipher (for one thing, you never really "know" you've done it if that's all you're doing); breaking it is about finding bit correlations, which (thanks to the NSA, ironically enough) we have ciphers that are impervious to.
formercia
(18,479 posts)I think most people get the point. Sometimes it's better not to be so smart.
Shivering Jemmy
(900 posts)And there is reason to think the NSA has some hardware that can do this.
Aerows
(39,961 posts)They have had three tries to get out in front of it, but instead, failed miserably by being shown as telling untruths to the American people.
EOTE
(13,409 posts)Considering that there is no possibility it could be cracked in his lifetime or even his great-great-great-great-great-great-grandson's life, it's a pretty safe bet that GG said it "can't" be broken, rather than for it to take a very long time to break.
VanillaRhapsody
(21,115 posts)in my lifetime computers have gone from room size to palm size...
Just sayin'
Paulie
(8,462 posts)The Sun will go nova before that happens.
VanillaRhapsody
(21,115 posts)processing speeds have dramatically increased in the years (since the mid 80's) that I have been on computers and the Internet. You cannot even fathom what even 20 yrs of technology will bring.
EOTE
(13,409 posts)That means that we'll have another 13 or so periods where potential processing power will double (240 months/18 months). That means that potential processing power will be about 8192 times greater than it is today. All that means is that AES 256 could potentially be cracked within a few millenia rather than a few million years using some of the best technology of the day. Using conventional computing methods, we are extremely far away from breaking AES 256. Now, if we see some breakthroughs in Quantum Computing in the next few decades, machines like that might come quite a bit closer.
VanillaRhapsody
(21,115 posts)you cannot even grok what it will be and Moore's Law is no judge. Just ask the folks that sold the framework for Windows to Bill Gates. Who could have guessed?
EOTE
(13,409 posts)Moore's Law has recently been proven to be too optimistic, processors haven't been keeping pace. Again, barring some massive quantum leap in processing power (such as large scale quantum computing), AES 256 won't be crackable for a very long time. As it stands, no one needs to worry about the NSA accessing their documents if they're encrypted using AES 256.
VanillaRhapsody
(21,115 posts)Remember I told you so!
Aerows
(39,961 posts)I doubt any of us will be on this message board when it happens.
VanillaRhapsody
(21,115 posts)so ...you never know...
Aerows
(39,961 posts)It will be here long after I am not. I was here when I got an upgrade for my 2400 baud modem to a 14400 and thought I was godlike.
Logical
(22,457 posts)was in heaven.
Aerows
(39,961 posts)when Katrina blew in and destroyed all the infrastructure for months, it was a wake up call. I have a back up for back ups, these days.
Logical
(22,457 posts)Aerows
(39,961 posts)in every way possible about how horrible it was, but it taught me some things.
And I *still* wouldn't want to go through it despite what it taught me because it sucked ass for weeks on end. I was thrilled when I got my first taste of Taco Bell 5 months after the storm hit, and I still had to go 30 miles to get it. That's how bad it sucked.
When you realize how damn much you love milk, can't get it except in tiny quantities, that's pretty much when you know how bad it sucked.
When you celebrate that you can finally flush a toilet? It's like Christmas and you run around flushing all of them just because YOU CAN. That's how you know it sucked.
Logical
(22,457 posts)and have never lost it. I can imagine how eye opening it must be.
Aerows
(39,961 posts)and flushing a toilet for granted -ever- again.
But I'm also steel-spined enough to actually ride out a disaster, all that comes with it and rebuild, while bitching about it incessantly.
VanillaRhapsody
(21,115 posts)900 baud in fact...I was one of damn few females with the hobby back then....
could we even think then that such powerful computer processors would be in the very pockets of most people as they are now?
Logical
(22,457 posts)Logical
(22,457 posts)does that mean?
Aerows
(39,961 posts)I didn't take too much time trying to figure it out, but if you get an answer that is intelligible, let me know LOL.
Aerows
(39,961 posts)Gravitycollapse
(8,155 posts)http://en.wikipedia.org/wiki/Brute-force_attack#Theoretical_limits
Aerows
(39,961 posts)Would definitely take many more times that amount, because it doesn't take into account necessary maintenance of the machine, downtime due to excessive heat, and backup to store the keys that were non-functional while the machine was down for necessary maintenance.
I love efficient hardware probably more than is healthy, but even in the best case scenario, you have to always add at least 5% downtime/suboptimal functionality to any box on the planet at BEST. That's provided that there never is a hardware failure or a power interruption. Or that you need to move it somewhere in it's 20 year life span. Or that it's rack needs to be re adjusted. Or that it's switching interface died. Or that it got too cold one day in the server room, or too hot.
All of that shit happens.
Aerows
(39,961 posts)There are some things that it takes about 10 people to explain so that people GET IT. Particularly when they are invested in not understanding and not getting it as a function of their profession.
EOTE
(13,409 posts)AES-192 and AES-256 will remain pretty much crack proof for a rather long time to come. 2^256 is an almost incomprehensibly large number.
Recursion
(56,582 posts)And you still are talking about maybe 1/3rd of the keyspace
EOTE
(13,409 posts)Recursion
(56,582 posts)That would be cool, though.
Egnever
(21,506 posts)We don't even know how big the universe is let alone how many atoms in it.
" target="_blank">
Aerows
(39,961 posts)that we occupy a tiny place in the heavens."
Recursion
(56,582 posts)riqster
(13,986 posts)It's just a matter of time.
EOTE
(13,409 posts)All of the worlds computers could be working in concert and it would STILL take thousands of years to crack AES-256. So, for all intents and purposes, it IS uncrackable.
Aerows
(39,961 posts)is rather relative. If there is no back door to AES-256 encryption, which is highly unlikely but could be possible as a very long shot, breaking it even with GPU's, which far eclipse CPU's in parallel processing necessary to brute force a key, you are looking at maybe your children's children getting it. And that's with intelligent algorithms and Moore's law on GPU's.
longship
(40,416 posts)The mathematics is well known and actually kind of simple.
It depends on mathematical functions that are one way, lacking an analytical solution to the inverse function except for exhaustive search.
If the key space is large enough there is not enough computer resources on the planet to crack the code in any reasonable amount of time.
Since the mathematics is fairly simple, usually depending on the product of very large prime numbers -- finding prime factors is not analytically solvable, the algorithms are fairly simple as well. The security is inherent because the functions are designed to be one way trap doors.
Many encryption programs are released in open source which cannot credibly be claimed has back doors. If there were the hundreds of programmers all over the world working on these programs would be aware of it. If you believe there are back doors, get the source code yourself and point it out.
And No! Strong encryption -- available on any home computer -- is not crackable either. So, it's secure.
Aerows
(39,961 posts)has searched for one, and as I said, it's a very long shot. I should have said to the nearest black hole long shot.
I've inspected and compiled the source, and like you, I know there isn't. I always leave the door open for the possible, no matter how out of this world improbable it is.
Practically speaking, though, I agree.
longship
(40,416 posts)It would be easier to find security holes in the protocols than sneak in a back door. But as you point out, CS majors and such are ever tightening up those protocols and eliminating those holes.
In short, I am pretty damned sure that strong encryption is fairly impervious to systematic attacks. The math isn't that complex; it's number theory after all. (Integer arithmetic, for those who don't know.) It works because things like factoring very large numbers has no analytic solution.
Aerows
(39,961 posts)If it could have been done, it would have been done long ago, and protocol exploits to get to the machine data storehouse that has the clear data is far easier than cracking it once it gets anywhere.
DanTex
(20,709 posts)It's true that there is currently no efficient factoring algorithm, and it is probably true that there will never be one, at least until quantum computers become workable.
However, there is no proof that factoring can't be solved efficiently. The only "proof" is that people have been trying to find an algorithm for ages and haven't been able to. Then again, people have also been trying for ages to prove that factoring can't be solved efficiently, and they haven't been able to do that either.
Still, I agree with you. For practical purposes, public key encryption is unbreakable.
longship
(40,416 posts)But as you point out, there's no reason to expect that such a reverse solution exists. And that's exactly why these particular algorithms are chosen for implementing the trap door.
But I stand corrected. You are of course correct.
I grovel at your feet and beg forgiveness.
DanTex
(20,709 posts)longship
(40,416 posts)But as a former math teacher I understand people's resistance. I dumb things down a bit to make it easier while still getting the point across.
But sometimes pedantry is called for. It certainly isn't objectionable.
Aerows
(39,961 posts)Response to DanTex (Reply #123)
Aerows This message was self-deleted by its author.
Aerows
(39,961 posts)The!quick@brown#fox$jumps%over^the&lazy*dog(
Easiest sentence in the world to remember, as are the spacers. You just have to know what those spacers are and that sentence is.
greiner3
(5,214 posts)" 1. The Phaistos Disk is considered the most important example of hieroglyphic inscription from Crete. Discovered in 1903, both sides of the clay disc are covered with hieroglyphs arranged in a spiral zone, impressed on the clay when it was damp. Forty five different types of signs have been distinguished, of which a few can be identified with the hieroglyphs in use in the Proto- palatial period.
2. Linear A is one of two linear scripts used in ancient Crete discovered and named by Arthur Evans. Linear B was deciphered in 1952 by Michael Ventris and was used to write Mycenaean Greek. Linear A is partially understood but parts of it produce works unrelated to any known language.
3. Kryptos is a sculpture by the American artist James Sanborn, located on the grounds of the Central Intelligence Agency in Langley, Virginia. Since its dedication in 1990, there has been much speculation about the meaning of the encrypted messages it bears.
4. Chinese Gold Bar Cipher. In 1933, seven gold bars allegedly issued to a General Wang in Shanghai, China. These gold bars, which contain pictures, Chinese writing, some form of script writing, and cryptograms in Latin letters, appear to represent metal certificates related to a bank deposit with a U.S. Bank and the Chinese writing has been translated, and discusses a transaction in excess of $300,000,000."
http://www.telegraph.co.uk/news/newstopics/howaboutthat/8293375/Top-10-uncracked-codes.html
Alan Turing allegedly built the first computer in order to break the German's code used in WWII recently made famous in the movie U-571.
If the Germans had not been so methodical, the code may never have been broken, but hooray for our side, there was this one lapse of anal retentiveness.
Logical
(22,457 posts)Recursion
(56,582 posts)Some people think it's just complete gibberish written by a quack to impress his patients.
Aerows
(39,961 posts)in history. But typically, when people go to extremes to ensure data, it usually has high-value.
At this point, anyone claiming that Snowden does not possess high-value data is an idiot, naive, or both.
Xithras
(16,191 posts)A dictionary attack using all known words in common languages, including all possible spelling variations (including l33t), word combinations, capitalization variations, injected numbers, potential reversals, etc., etc., will break 95% of encrypted documents using a key count in the tens of billions. That still sounds like an incredibly large number, but the NSA has the equipment to crack that relatively quickly.
256-bit AES is only "uncrackable" if your password looks like this:
6D4;502e44412e33694@3a445d752G53225c2^7e3821274a4E5d5e7d70+
A typical password, created by a user trying to come up with something "complicated, will look like this:
"E$t@c0ntRa$eñA3smVyD|fí<il"
("this password is very hard", in a foreign language, using random casing and character replacement).
Most people want passwords that they can remember, which typically means words, names, or numbers that have meaning to them. This narrows the keyspace to a more manageable subset of possible keys. That first password could take a hundred million years to crack. I'd be shocked if it took the NSA two days to crack the second.
The weakness in AES isn't the technology, but the humans who use it.
Aerows
(39,961 posts)make things easier, but there are ways of making it a hell of a lot harder. Just one salt can make a difference. Distributing the salt throughout the pw with a pattern only known to a few can make it worse - it becomes easy to know the password, but without the correct salt, hard to break. It seems naive that Snowden and company wouldn't know this.
Xithras
(16,191 posts)IF the user bothers to actually use it and generate a useful salt. In my experience, most don't.
Most security problems can be directly attributed to user laziness. Encryption is no different.
And even when the user is paying attention, there's always the rubber hose method.
Aerows
(39,961 posts)We are talking about people that probably gave a great deal of thought to it, considering who they work for. And then left for Russia so they can't be rubber hosed.
EOTE
(13,409 posts)But let's assume he chose a 256 bit encryption key that's solely comprised of commonly used words and phrases. Well then, maybe all of the world's computers working in concert would be able to find the encryption key within a hundred or so years instead of millions.
Aerows
(39,961 posts)in that you distribute, say, a number within a few characters of the password on an ultra-long. You not only have to know the password, you have a salt, too. That's about as easy to remember as tying your shoes if it is something like a birthday distributed, say, over every 3 characters of a bunch of easy words to remember to separate them.
Johnny1Likes2granny3smith4apples5to6go7with8his9pancakes
Hard to remember? Not really. Hard to brute-force? Incredibly.
Leopolds Ghost
(12,875 posts)Recursion
(56,582 posts)with no indication of success or failure except whether or not the final decryption makes sense. So you're (conceivably) shrinking the keyspace at the cost of greatly increasing the time per trial.
Though this gets somewhat into the weeds of what particular system he's using.
Aerows
(39,961 posts)but really what is the reality of what strong encryption is about. You can decrypt, and still have gibberish because there are layers of encryption. It's like the old Russian eggs with an egg holding a smaller egg, holding yet another smaller egg until you get to the real thing.
And it's not really in the weeds. It's causing more time to be used to decrypt. Reverse engineering to rebuild data blocks would be so ugly that it is more time consuming than pure decrypting, but then decrypting becomes worse than just finding the person, beating the hell out of them and getting the keys.
It's truly no surprise why Snowden fled and why they want to get their hands on him personally.
Recursion
(56,582 posts)With a good block cypher and a long enough key we're talking "more combinations than there are atoms in the universe" kind of stuff.
riqster
(13,986 posts)Indeed, the chances of getting anywhere near the theoretical maximum before cracking the cipher are remote.
The theory says it'll take forever. But redo life is different.
Recursion
(56,582 posts)At 1,000,000 attempts per second, each having 2^-256 p of success, my cocktail napkin calculation tells me E(t) for hitting the correct key is several trillion years.
Aerows
(39,961 posts)and rainbow tables. Even with those you are looking at 100 years.
Erose999
(5,624 posts)EOTE
(13,409 posts)Your chances are a good deal better of winning Powerball a good 30 or so times in a row, but it could happen.
hueymahl
(2,495 posts)It's hard for most folks (myself included), to comprehend numbers this large. One of the reasons lotteries make so much money, but I digress.
Your examples are spot on. Thanks.
EOTE
(13,409 posts)I have a very hard time comprehending numbers of that size as well. I just know that numbers like that are several orders of magnitude beyond the point where my head begins to spin. There are really no practical applications for numbers of that size unless you are speaking of encryption keys or in terms of the total number of particles in the universe.
creeksneakers2
(7,473 posts)if they know what they are looking for? They could use common terms from the documents. Maybe some of them even have letterhead.
Aerows
(39,961 posts)to use passwords found in the documents. No one with any sense would. They would just do a long string sentence broken up with symbols and numbers so that it is easy to remember, but hard to crack.
Recursion
(56,582 posts)There's no partial decryption of a modern block cipher; every part of the document is mixed in with every other part.
Aerows
(39,961 posts)it's a pretty impossible task.
railsback
(1,881 posts)Yet people STILL believe him.
Aerows
(39,961 posts)he is dealing with encryption at amateur levels, I suggest that you are probably not as aware of how encryption works as many are. It's nice to try to play him as an idiot, though. It helps everyone sort out them very easily. .
railsback
(1,881 posts)Ever see the size of a D-Wave and the amount of space it needs to keep cool?
Yes, certainly is amateur hour.
Aerows
(39,961 posts)... really amateur hour. Railsback, you are playing in the wrong schoolyard if you think that is going to convince and sway.
Truly, hon. Try harder, though.
It is entertaining.
railsback
(1,881 posts)Why not just say so instead of looking ridiculous?
Aerows
(39,961 posts)I have done so many times over. But I think you have failed, and are grasping on every single shred of illusion to keep from drowning in ridicule.
Nothing will save you from yourself, after all, since you realize you don't really know what you are claiming you know. That's where it starts and where it ends.
Once you get over that, you put on the big boy/girl pants and start being a real IT professional.
railsback
(1,881 posts)Tom Brady is a professional quarterback. So is Tim Tebow. One is brilliant, one sucks bad but both are professional quarterbacks. I deal with corporate 'pro' graphic designers who don't even know how to use channels in PS. They, too, toot their own horns. Believe me, its a common problem.
Aerows
(39,961 posts)Aerows
(39,961 posts)oh wait. He sucks so bad as a quarterback, they would use a high school student. Why doesn't he just play tight end, a position he would be good at? Oh wait. Egotistical to the point of detriment of his team by not playing in a position that he would be good at.
Spider Jerusalem
(21,786 posts)or rather, they can't do it in any kind of reasonable time.
http://en.wikipedia.org/wiki/Brute-force_attack#Theoretical_limits
Recursion
(56,582 posts)(Those are what I use, personally)
formercia
(18,479 posts)Thinkingabout
(30,058 posts)Able to break the code. It has probably furnished the key information from what the data was to what it is now, it would be easy to break the code. Again GG tried to play with the big boys and again he has been played. Someone needs,to put up the money for him and his gang to go to basic spy school, maybe then he will not be caught making dumb statements like this one. Mark another untruth up to GG, integrity down even more.
Recursion
(56,582 posts)It's good stuff, that.
Aerows
(39,961 posts)for encryption done before the acquisition of the documents. After the fact, it's not in the hands of the NSA anymore.
Thinkingabout
(30,058 posts)Know the files he stole, they will break the code using both the encrypted and the files and then they will have the code they need for future reference.
Aerows
(39,961 posts)Then I realized that they have no clue, because getting in front of this story didn't work. Now they are doing a disinformation campaign (hiring Cass Sunstein) and having the UK try to pass information off to the Independent in hope that they report erroneous things to shield the GCHQ. They can shout - Bad data! must be wrong!
Truth is, the trust has been shattered, and trying to generate more false information is going to end with all agencies involved look like liars and untrustworthy mouthpieces to the government than they already do. It's going to harm the newspapers. How long before they get tired of not making a profit because they are no longer credible due to being force fed erroneous information?
Oh, I'm sorry, my friend, but this genie is very much out of the lamp, and shoving toothpaste back in the tube has never worked very well.
Thinkingabout
(30,058 posts)It does not surprise me we are not seeing frequent news articles written. They are in the security business and nit the news reporting business. I don't know why it is important to put the toothpaste back in the tube which came out in 2005. The NSA should just sit back and let GG and his cronies do whatever they choose and continue to do the work needed by the NSA. All the reporting has not convinced me there is a problem except for some to make a mountain out of an ant hill.
Aerows
(39,961 posts)The three news conferences by the President, and all the other ones attempting to placate the American public that they aren't being spied upon.
Each time, their talking points have been decimated as blatant untruths. That's why I know they really don't know.
Funny you should mention a mountain and an ant hill, when it is usually a mountain and a mole hill.
This really is a Mountain of an fire-ant hill, and a lot of people have tried sitting on it to make it stop.
Thinkingabout
(30,058 posts)Than a mole hill, just to put a more proper perspective on this situation.
Aerows
(39,961 posts)smaller, but one hell of a lot worse. You must not be from the US.
Thinkingabout
(30,058 posts)Smaller?
Aerows
(39,961 posts)Not the US.
Thinkingabout
(30,058 posts)Fire ant hills are large and go very deep.
Aerows
(39,961 posts)Thinkingabout
(30,058 posts)Aerows
(39,961 posts)Thinkingabout
(30,058 posts)Aerows
(39,961 posts)We could be neighbors and friends.
Jamastiene
(38,187 posts)Red imported fire ant hills aren't very tall on the surface, but go deep into the ground.
Also, I would advise anyone not to try to sit on one, or even stand on one. I stood near one for too long and learned I can strip nekked in the yard and put an ice cube directly on my skin and still feel like I was on fire with the fires of hell, lol.
Red imported fire ants don't play. They mean business when they bite and sting, which is what they do. They bite first to hold on, then sting and hang on so they can continue to pump venom as long as it takes to make you know you got to close to their colony. They are vicious little shits. I have zillions of them in the yard.
P.S. Thank you for this informative sub-thread. I have learned a lot reading it. There is still a lot I don't know, but wow, this thread was great reading.
Aerows
(39,961 posts)Where are you, my dear? Refresh my memory... I'm sorry, I knew where you live, but I can't remember.
Jamastiene
(38,187 posts)Our red imported fire ant hills aren't quite that tall. Of course, we do have a local, native fire ant, plus the red imported fire ants here. I've seen pictures of them that are different out west though, more like in your picture. They seem to be a bit more entrenched out west and their mound structures are different too.
Aerows
(39,961 posts)where they just form up in balls and float to sting you if there is a flood.
Jamastiene
(38,187 posts)I've seen videos of how they will form little rafts with their bodies to keep their queen and young safe during floods. They are amazing little ants, if you can find a way to observe them without pissing them off at you. You'll catch hell from them if you get too close and they sense you staring too long.
I'm in that little strip of NC that has what they call ultisols, aka red clay. That stuff is sloshy and icky red when it is wet and turns really really hard almost like concrete when it is dry.
https://en.wikipedia.org/wiki/Ultisols
I'm surprised the fire ants can manage to build anything in that stuff, but parts of the Deep South has a lot of ultisols too, doesn't it?
Aerows
(39,961 posts)You don't really have much clay here. Jacksonville, FL had more clay than we do. It's a very odd geological situation where I am. We are on high ground, but less than a mile from the Gulf.
Jamastiene
(38,187 posts)I hope you are well outside of the flood plain, but y'all have the worst hurricanes too. Our hurricanes in NC have been sparse the last few years. Most of them have headed to the Gulf. The flood from just rain has been higher than usual in NC this year. I live near a deep pond, but I am on high ground, outside of the flood plain. Still, when it rains, my front yard looks a little like this:
It is not quite that bad now, because I have been working with it, trying to get centipede grass there to cut down on the slushy mess and erosion. It's much better now than it was, but still a slushy mess when it rains.
That could be one reason the fire ants here build lower to the ground. Another reason is that bedrock is only a few inches down, according to one guy who does work for me here. He knows about that stuff and says he hit pure bedrock very close to the surface. The fire ants have the clay and that to deal with.
I tried to plant an azalea here and it bent my spade. I was so proud. I had oiled the handle of that spade and used it for more than 20 years with no problems. I had grown up with crappy gardening tools that had been left outside and not treated. So, it was my first spade that my own. It was just my size, a little shorter than the usual length spade.
P.S. That picture is from the Wiki page on ultisols (red clay), not my actual front yard. It's just an example of how that stuff looks when it rains. I wanted to make that a little clearer. This is the page I got it from:
https://en.wikipedia.org/wiki/Ultisols
Aerows
(39,961 posts)But we pretty much were without electricity, huddled together in bathtubs with our cats and thankful to be alive.
I'm serious. It was that bad. I don't ever want to be in the bathtub with my cat, hearing the walls BREATHE like they would implode, praying we would survive.
The eye passed over my geographic location. I was scared shitless, and I am unashamed to say so. Have a hurricane of that magnitude pass over your house, while you have your pets huddled in the safest place in your home while you feel the walls contract and expand and see if it isn't nearly a religious experience.
I survived no electricity for a month, and no water for 6 weeks. And I was thankful that I was alive and so were my family members and pets.
Aerows
(39,961 posts)Snowden, *her* husband? Uh, what? Surely you didn't mean to slur Snowden in such a homophobic manner with this post. *Her* Husband?
Greenwald is a male. Snowden is a male. Greenwald's husband is a male. Who in the hell are you talking about/what are you talking about?
Thinkingabout
(30,058 posts)Unintended error, it happens.
Aerows
(39,961 posts)I see "he" "her" but not "her husband".
Thinkingabout
(30,058 posts)Tierra_y_Libertad
(50,414 posts)Thinkingabout
(30,058 posts)hootinholler
(26,449 posts)Tierra_y_Libertad
(50,414 posts)I guess it would be embarrassing to let people see grammatical errors and bad punctuation on Ultra Top Secret Eyes Only files.
Aerows
(39,961 posts)and the true panic is the fact that they have no idea what he has. That way, they can't get out in front of the story, which is what has repeatedly messed them up during this. That's also why slow release has been so effective - authorities say one thing, a week later he proves that they've lied.
I'd make CERTAIN to wad up extraneous data in the middle of it, just to keep them guessing and to make sure reverse engineering isn't possible. Kind of like wrapping individual balls of items as you ship them so that they don't get broken, and it's impossible to know where the actual item starts and the padding ends.
Leopolds Ghost
(12,875 posts)For "greymail" purposes.
Aerows
(39,961 posts)easy to understand.
Leopolds Ghost
(12,875 posts)But there are ways of doing video conferencing over secure encrypted connection which means that he could just send each other the files over the same protocol, e.g. xmpp. Based on what has been reported in the paper, Snowden's worry is "man in the middle" (MITM) attacks. However having a trusted go-between eliminates those attacks if they already share an unhacked key that they can encode the key signatures in.
I only learned about this stuff recently because I've always been concerned about the issue since an activist group I'm familiar with IRL has been fighting this sort of thing tooth and nail. Well, that and I was one of the lone nuts harping about the issue on DU years ago...
...aaand... now I'm probably on a watchlist.
NYC_SKP
(68,644 posts)Leopolds Ghost
(12,875 posts)Aerows
(39,961 posts)I would have made sure to put extraneous data within the encrypted file to obscure file sizes. That also makes reverse engineering attacks impossible if the extraneous data is peppered widely enough through the "meat" of the data.
Tierra_y_Libertad
(50,414 posts)Aerows
(39,961 posts)you can do it twenty different ways with the same encryption key, and no matter how it is released, without the key it is useless because you don't know what is real data, what isn't and there is no way to do a comparison with data even if you knew to the letter what he took.
Which I was thinking they did, but now? I'm pretty sure they have no idea if he covered his tracks well enough. Hell, a single backup tape duplicated, then placed right back would be enough to throw a monkey wrench into assessments of what he has in his possession.
Aerows
(39,961 posts)so they can get in front of the story and have a plausible explanation. So far, every time they have told a lie, it has been countered.
We haven't seen much, because I think they have figured out that they don't know what he has, and now they are trying to plant stories. See the one by the Independent, and Snowden swiftly stated they had nothing from him.
hootinholler
(26,449 posts)and then sank like a rock?
Yeah.
Personally I think I'm going to start carrying a thumb with a tarball of lolcat images encrypted.
Maybe I'll hire a server in Oz to send encrypted copies of 4chan images flying around the intertubes bouncing them off of other servers.
It's like we need the opposite of a DDOS attack and more like a clog the pipe with encrypted lolcats attack.
Aerows
(39,961 posts)And I think that is what they are doing.
Vanje
(9,766 posts)Luminous Animal
(27,310 posts)Warren Stupidity
(48,181 posts)Blue Owl
(50,349 posts)n/t
Rex
(65,616 posts)Unless the govt has a time machine.
Rstrstx
(1,399 posts)They're probably trying to find that instead of figuring it out themselves. Whether on someone's computer or written on a sheet of paper or in a vault it's out there
And it sure sounds like he just admitted that Miranda was indeed transporting something more serious than video games or vacation pictures
Rex
(65,616 posts)True you have a billion in one chance of finding the key, as compared to a trillion in one of ever breaking the code.
Rstrstx
(1,399 posts)Cracking the code by brute force is wayyyyy smaller, more like one in a Brazilian. But finding the key, well they probably have some idea of where to start looking. Still long odds, but I'm not sure they are willing to waste the time given that they already have anything that would ever be on those drives
Aerows
(39,961 posts)Rubber Hose Cryptanalysis.
http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis
Rex
(65,616 posts)then that helps. The way they were doing such a shitty job in outsourcing, makes me wonder if they maybe don't know the full extent of what is stolen. The hair on fire response of firing 90% of their sysadmins doesn't sound very encouraging that they do. The fact that they are right back with dealing with Booz Allen makes me think they don't really care. Guess they will get some kind of TARP deal from Obama.
and the shitty job they did THREE times proves it.
Ohio Joe
(21,752 posts)Ignorance, arrogance or stupidity?
Edit - I kant speel.
tridim
(45,358 posts)Your scam is over Glenn.
Aerows
(39,961 posts)I'd be worried about a backup job that failed ostensibly, then was restarted. Job failures do happen, it's the nature of the beast. That's where I would find a goldmine that didn't get traced to me, personally, only the backup operator.
That's why I would have them hanging wondering what in the hell I had ( and more importantly, how I got it), because sometimes it isn't easy to determine what failed, why, and how much you can recover, if any. You can't get out in front of a story if you don't know the ammo that another entity has. You can go on TV and declare "I didn't sleep with that woman" and out pops a dress with your semen on it. You can declare that you aren't spying on Americans, out pops documents that prove it covers at the least 75% of all domestic communications. Out pops a warrant signed by a court that ostensibly states that you can legally dump everyone on Verizon's business communication networks traffic.
It proves that the government is full of bullshit, and that they can't be trusted. Once their credibility is eroded, you release the big ol' bomb.
That is the danger the NSA feels is facing them, and I wouldn't doubt it. It could also be detrimental to the US, but only because policy put in place has been detrimental. Unfortunately, shit rolls down hill, and the 99% are the ones that usually face the shit.
backscatter712
(26,355 posts)Using modern algorithms, on basic open source software, you can encrypt your data so that all the supercomputers in Fort Meade can't crack them.
I have a bachelor's in computer science, and I've seen the math personally, so I can vouch for the strength of modern crypto.
Puzzledtraveller
(5,937 posts)I wish I knew more about that sort of thing. My interest was piqued oddly enough reading about the Zodiac killer and his unsolved ciphers, particularly z340. I know I'm butchering this but it was said that it would many computers hundreds of years constantly operating to crack it. I recently grabbed some books on codes and code breaking but not in the computer age. I can only imagine just how complex and unsolvable some encryption can be these days.
Aerows
(39,961 posts)backscatter712
(26,355 posts)Dustlawyer
(10,495 posts)Are they NSA guys trying to influence us? Why would they attack the leaking of such important information letting us know our government has been spying on us? Is it b/c Greenwald is a lawyer, a reporter? This story is so much bigger than these 2 men responsible for letting us know our government has been lying and spying on us in violation of our Constitution! It's like they cannot wait for these guys to be arrested and stand for their "show trial!" Crazy!
Thanks Snowden and Greenwald! I for one don't care about the BS being floated about them personally. I want what they revealed to stop, but now I cannot EVER be sure it did. The info is too valuable for them to ever stop spying, regardless of what they say!
truth2power
(8,219 posts)and everyone he's ever known?
Authoritarian mindset, maybe. Or...NSA guys.
Vanje
(9,766 posts)Their posts, argument style, use of facts, evidence and prose, don't seem like the product of very clever minds.
Most all of them seem to be playing the part of Dim-wits.
NealK
(1,864 posts)Well there's one spewing nonsense that seems to be proud to play the part of a Dim-wit, so much so that the first syllable of the word Dimwit is part of their DU name:
http://www.democraticunderground.com/10023536344#post33
truth2power
(8,219 posts)Don't let the bastards get you down. Glenn!
AngryAmish
(25,704 posts)DisgustipatedinCA
(12,530 posts)Leopolds Ghost
(12,875 posts)War Horse
(931 posts)"the US and its closest allies are trying to build a surveillance system that has as its primary objective the elimination of privacy globally"
Such hyperbole is going to turn away lots of people who may otherwise have been more than willing to listen.
madrchsod
(58,162 posts)because greenwald is in it for the fame and fortune.
he has to stay in the picture otherwise he`ll be forgotten just like snowden is.
War Horse
(931 posts)That's debatable.
But you make a good point. Leaking in parts to stay relevant.
Aerows
(39,961 posts)I think some of you guys just freak out because you don't understand technology, and you pretty much think nobody else does either.
You are free to rant from your corner of insecurity, but I assure you that there are many that DO understand and how it will impact you. We illustrate how your rights can be destroyed or confiscated, and we stand up for that with regard to information rights.
We don't even need you to thank us. We do it because it is the right thing to do.
deurbano
(2,894 posts)and monitored by the US government."
If you read the whole statement, I don't think it's sounds particularly hyperbolic, given what we already know.
That doesn't mean someone will actually be reading, watching or listening to all of it (which wouldn't be possible). And it doesn't mean the communications will be stored forever, either (I assume).
Full quote:
"I think this will be the time the world realizes that the US and its closest allies are trying to build a surveillance system that has as its primary objective the elimination of privacy globally, by which I mean that everyones communications electronically will be collected, stored, analyzed and monitored by the US government. "
Whisp
(24,096 posts)and Glenn knows that, the gulls, not so much.
nadinbrzezinski
(154,021 posts)That people know this is confirmation over what has been suspected around the world.
I am sorry you can't conceive of it
madrchsod
(58,162 posts)i guess greenwald has to say something shocking to stay in the news.
by the way ...when is he coming back to the usa?
saidsimplesimon
(7,888 posts)luminous, what's with the script that appears below your link to truth out?
"I won't rest until there is a L(l)ibertarian boogyman under every DUer's bed."
I've dumped all things Microsoft, Google, and Facebook. If Verizon, or ATT were my provider, they would receive my cancellation notice. Who wants to pay any company to collect and share personal information?
saidsimplesimon
(7,888 posts)luminous, what's with the script that appears below your link to truth out?
"I won't rest until there is a L(l)ibertarian boogyman under every DUer's bed."
I've dumped all things Microsoft, Google, and Facebook. If Verizon, or ATT were my provider, they would receive my cancellation notice. Who wants to pay any company to collect and share personal information?
arcane1
(38,613 posts)That's the one most confusing thing about this whole saga.
Aerows
(39,961 posts)to know what they have. If the various ones did, they would go on television and lie. In fact, they have. But since they have no idea what Snowden has, each time they have gone on television and lied, they have been called out as liars. That erodes the credibility of the spy agencies, and any public official speaking on behalf of them, as well it should.
That's what has them in knots. They don't know what they can lie about and can't, because the second they lie, he releases something. Which, they kind of deserve for lying to the very people that work to elect them.
arcane1
(38,613 posts)It made sense when documents and slides were being released and published, but I don't see the point of keeping the rest of it a secret.
Aerows
(39,961 posts)so that no one is put in danger. And otherwise, they get their kicks on watching politicians and the agencies squirm.
I don't begrudge them that at all, since politicians and government officials have told so many lies to the American public and discredited so many whistleblowers that told the truth.
arcane1
(38,613 posts)Recursion
(56,582 posts)Sounds kind of immature and sadistic to me, personally.
Aerows
(39,961 posts)I have proof that they lied to me, even though I just suspected they lied to me before, yes, I get a kick knowing that I have confirmation that I'm not an idiot for thinking my government lied to me. I KNOW they did.
I have CONFIRMATION that they did.
Now, ask yourself why that might be important information for a citizen in a Democratic society.
Recursion
(56,582 posts)Aerows
(39,961 posts)Recursion
(56,582 posts)Some people's job is to lie, some of the time, so I'm definitely sure there have been lies told.
Aerows
(39,961 posts)Luminous Animal
(27,310 posts)their reporting.
There is more to come.
Aerows
(39,961 posts)and they aren't going to give government a way to get out in front of the story so that they can create plausible lies.
I look forward to the next revelation, because it is going to show yet another pack of lies we have been told. The American people are strong, resilient and robust - but we hate lies and being lied to. That's what the agencies know, and why they are tied up in knots with these revelations.
Recursion
(56,582 posts)Awesome.
saidsimplesimon
(7,888 posts)luminous, what's with the script that appears below your link to truth out?
"I won't rest until there is a L(l)ibertarian boogyman under every DUer's bed."
I've dumped all things Microsoft, Google, and Facebook. If Verizon, or ATT were my provider, they would receive my cancellation notice. Who wants to pay any company to collect and share personal information?
Aerows
(39,961 posts)But when the government does it, and they can imprison you for life, it's entirely different.
In case you couldn't differentiate between the two.
blackspade
(10,056 posts)I hope they end up watching episodes of My Little Pony.
It would serve the NSA right if they wasted all their time for a kids cartoon.
Response to Luminous Animal (Original post)
DevonRex This message was self-deleted by its author.
Zorra
(27,670 posts)Ed Snowden says hi!
Have a nice day, thank you for playing.
Aerows
(39,961 posts)I'd use it to make the data untraceable by size and content.
That's just me, though.
Leopolds Ghost
(12,875 posts)I mean, that would make sense if both parties in question were not already known...? From a spy-vs-spy perspective, that is.
If both parties are not worried about calling attention to their location and the fact that they are in communication with each other, why not just use the same strong encryption to send each other the data directly? Using a non-web protocol? In my limited understanding, but the go-between only has to exchange public key signatures, which they should be able to pass on by other means.
jmowreader
(50,553 posts)Eventually Greenwald is going to give the key to someone. On the internet, nothing remains secret long; eventually someone will put the key on his Facebook page, and someone who is sick of Greenwald's shit will e-mail it to the NSA.
Leopolds Ghost
(12,875 posts)Aerows
(39,961 posts)Rubber hose is far easier than cracking a key of this nature.
You can state, confidently, that they know, but it is clearer than crystal to everyone that is familiar with this technology why and that they don't. That's why he's in Russia. That's why they are desperate to get him back in the US.
Aerows
(39,961 posts)Physical access to the data stands up to no security measure. Physical access to people knowing the keys only stands up as long as they are tortured.
Why do you think they want their hands on Snowden so badly? He had physical access. Help me other DUers that know about server rooms and securing information to explain this.
I'm trying to think up an analogy, but I have things to do today and haven't arrived at one, yet.
Puzzledtraveller
(5,937 posts)SidDithers
(44,228 posts)don't need any code-breaking, when you carry the encryption key on a piece of paper.
Sid
Andy823
(11,495 posts)dkf
(37,305 posts)@ggreenwald: @MichaelKelleyBI Good encryption requires multiple passwords, not just one. That pw allows no access to documents, period.