Slashdot Mirror


User: cold+fjord

cold+fjord's activity in the archive.

Stories: 0
Comments: 8,503

Comments · 8,503

  1. Re:Another view on teh RSA / NSA thing... on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 0, Flamebait

    Now change that one word from "known" to "unknown". Did they deny that?

    I can play that game too. Change that one word from "known" to "fried chicken recipe." Did they deny that?

  2. Re:YES! on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 0

    I had hoped that Slashdot had mainly passed beyond the "nutter" phase after the "truthers" have mainly cleared out. Apparently that was overly optimistic.

  3. Re:How long until someone cracks the backdoor key? on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 2

    I suggest anyone interested in this controversy read the following:

    How a Crypto ‘Backdoor’ Pitted the Tech World Against the NSA

    Although this is in regard to GCHQ, it probably applies to NSA as well: ‘We Can Trust GCHQ On Encryption’

  4. Re:More interesting facts on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 2

    The DES case is well understood

    The DES case is well understood NOW. DES was the subject of conspiracy theories, suspicion, and fear for nearly 20 years, just in the same way that this controversy is likely to go.

    The ironic thing about the DES controversy is that it was secretly stronger than many people knew, not weaker, and there are people that adopted other far weaker encryption schemes out of fear and suspicion rather than use DES. The secret techniques that DES was hardened against made cracking many of those other encryption schemes much easier. I wonder how many secrets were lost because people went to those other encryption methods that were vulnerable to the secret cryptanalysis techniques that DES was immune to?

    Here is a thought-provoking piece for you: ‘We Can Trust GCHQ On Encryption’

  5. Re:More interesting facts on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 1, Interesting

    You exaggerate things, which is consistent with much of the discussion on this. I suggest reading the whole article at the link.

    How a Crypto ‘Backdoor’ Pitted the Tech World Against the NSA

    Jon Callas, the CTO of Silent Circle, whose company offers encrypted phone communication, delivered a different rump session talk at the Crypto conference in 2007 and saw the presentation by Shumow. He says he wasn’t alarmed by it at the time and still has doubts that what was exposed was actually a backdoor, in part because the algorithm is so badly done.

    “If [NSA] spent $250 million weakening the standard and this is the best that they could do, then we have nothing to fear from them,” he says. “Because this was really ham-fisted. When you put on your conspiratorial hat about what the NSA would be doing, you would expect something more devious, Machiavellian and this thing is just laughably bad. This is Boris and Natasha sort of stuff.”

    Indeed, the Microsoft presenters themselves — who declined to comment for this article — didn’t press the backdoor theory in their talk. They didn’t mention NSA at all, and went out of their way to avoid accusing NIST of anything. “WE ARE NOT SAYING: NIST intentionally put a back door in this PRNG,” read the last slide of their deck.

    The Microsoft manager who spoke with WIRED on condition of anonymity thinks the provocative title of the 2007 presentation overstates the issue with the algorithm and is being misinterpreted — that perhaps reporters at the Times read something in a classified document showing that the NSA worked on the algorithm and pushed it through the standards process, and quickly took it as proof that the title of the 2007 talk had been right to call the weakness in the standard and algorithm a backdoor.

  6. Re:Another view on teh RSA / NSA thing... on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 1, Interesting

    In short, your reading as a lawyer doesn't produce anything helpful in furthering the claim that they deliberately weakened RSA.

    They didn't make a "non-denial." It appears to be quite explicit. I suggest following the link and reading the original.

  7. Re:More interesting facts on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: -1, Flamebait

    In short, as is the case with many conspiracy theories all you have is a collection of things that are suggestive, not definitive. You basically concede that if you implement the amended standard the crypto is good. Nobody has found any proof that a backdoor actually exists, only that it may be possible. Even if it is possible, nothing shows that NSA actually has one. The things that you've collected could support many possible theories, including the possibility that NSA only paid RSA to promote what appeared to be a highly promising crypto technology. For all that anybody actually knows the NSA could have chosen the form of the curve with the perceived potential backdoor as a spoof to entice Russia or China to waste a large compute farm trying to find the backdoor when it doesn't exist, and it could otherwise be working on something productive. There isn't any way of knowing, and Bruce Schneier has said that Snowden's leaks don't show that NSA has weakened crypto. Snowden himself said that protecting your data with cryptography still works. Somehow I doubt any of that will make it in with your "updates" to Wikipedia.

    By the way, did you hear that NSA "fiddled" with the DES standard? They made mysterious changes to the proposed S-boxes to the standard. Any idea what happened there?

  8. Re:Another view on teh RSA / NSA thing... on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 0

    Doesn't really look like a "qasi-denial."

    RSA Response to Media Claims Regarding NSA Relationship

    Recent press coverage has asserted that RSA entered into a “secret contract” with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation.

    We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security. .....

    RSA, as a security company, never divulges details of customer engagements, but we also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products for anyone’s use.

  9. Re:Amish on Dual_EC_DRBG Backdoor: a Proof of Concept · · Score: 5, Interesting

    shun anything electronic, or electric for that matter. Subsistence farm and read dead-tree books for leisure.

    Spooked by NSA, Russia reverts to paper documents
    Kremlin returns to typewriters to avoid computer leaks

    Only one of the many "benefits" from the leaks, not to mention:

    Snowden revelations lead Russia to push for more spying on its own people

  10. Re:So sad .... on No Question: Snowden Was 2013's Most Influential Tech Figure · · Score: 1

    Same comment applies.

  11. Re:The key word is... on Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations · · Score: 1

    Your snark is probably pretty close, except I wouldn't assume "there was no way of getting caught."

  12. Re:Bible Thumping Christians on New Study Shows One-Third of Americans Don't Believe In Evolution · · Score: 1

    If that is what you think then you apparently have no understanding of Judaism or Christianity.

  13. Re:cold_fjord on UK Introduces Warrantless Detention · · Score: 1

    Public protests are fine. Lawlessness generally isn't. Can you grasp the difference?

    I find it interesting that you demand the right to protest, the right to have different opinions, for everyone but me, apparently. Do you sense how conflicted you are? Are you quite sure that you truly support democracy and democratic values? It doesn't seem clear that you do.

  14. Re:The key word is... on Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations · · Score: 1

    1 in 40,000 per year, for an unacceptable but nonetheless relatively minor (in another sense) offense. Do you have any populations in mind that would have 0 misconduct?

  15. Re:More people have died on 53% More Book Banning Incidents In US Schools This Year · · Score: 2

    More people have been persecuted, hounded, ruined, tortured, burned, murdered, and just exterminated en masse because of a book called the Bible than any other document in human history including Mein Kampf and Das Kapital put together.

    Just sayin' .

    As long as your meaning is, "They were persecuted for believing in Judaism or Christianity," or for owning a Torah or Bible, very possibly.

    Beginnings of Christian Martyrdom

    In their very deaths they were made the subjects of sport: for they were covered with the hides of wild beasts, and worried to death by dogs, or nailed to crosses, or set fire to, and when the day waned, burned to serve for the evening lights. Nero offered his own garden players for the spectacle, and exhibited a Circensian game, indiscriminately mingling with the common people in the dress of a charioteer, or else standing in his chariot. For this cause a feeling of compassion arose towards the sufferers, though guilty and deserving of exemplary capital punishment, because they seemed not to be cut off for the public good, but were victims of the ferocity of one man.

    WHEN EUROPEANS WERE SLAVES

    A new study suggests that a million or more European Christians were enslaved by Muslims in North Africa between 1530 and 1780 – a far greater number than had ever been estimated before.

    League of Militant Atheists
    North Korea Ranked No. 1 for Christian Persecution
    Persecuted and forgotten: Egypt's Christians
    A Global Slaughter of Christians, but America’s Churches Stay Silent
    Christian Persecution in China Despite Supposed Religious 'Freedom'
    The Case Against the Nazis; How Hitler's Forces Planned To Destroy German Christianity

    UNDERSTANDING ANTI-SEMITISM AND ITS HISTORY

    The list is obviously much longer.

    Since someone is practically certain to object along two lines, let's dispose of them now.

    Yes, the Spanish Inquisition was terrible, it was also limited in scope.
    The Crusades were a long delayed response to Muslim invasion of the Holy Land.

  16. Re:The key word is... on Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations · · Score: 1

    It's not murder, and if it's being reported it isn't a cover up. I would think the person being disciplined would be at least as interested in keeping it quiet.

  17. Re:Evolution disbelievers + book banning correlati on 53% More Book Banning Incidents In US Schools This Year · · Score: 1

    Coincidence? Not if you factor in progressive political correctness.

  18. Re:So sad .... on No Question: Snowden Was 2013's Most Influential Tech Figure · · Score: 1

    I'm sorry you feel this way. Very few people here feel that way, in fact, the only people here that feel the way you do usually work for the NSA.

    That is intellectually dishonest demagoguery.

  19. Re:The key word is... on Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations · · Score: 1

    NSA offers details on 'LOVEINT' (that's spying on lovers, exes)

    In 5 of the 12 cases, the employee resigned before being disciplined. In 1 instance, the employee retired before being disciplined, and in another the worker retired before the investigation had been finalized. Half the cases were referred to the US Department of Justice (1 of those was declined by the DOJ), and in 2 other instances, records were insufficient to determine if the case had been passed on to the Justice Department. None of the workers were prosecuted.

    Being fired from a job like that has a significant permanent effect on one's career opportunities. No more security clearances, for example.

  20. Re:The key word is... on Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations · · Score: 1

    Is there proof of abuse by the NSA as an institution? Even a division, or team? Rendering 39,000/40,000 as "a majority" doesn't really capture the truth of the matter, does it? I don't think the line of argument you are pursuing is a useful analysis of the situation.

  21. Re:The key word is... on Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations · · Score: 1
  22. Re:The key word is... on Former Head of NSA Calls For Obama To Reject NSA Commission Recommendations · · Score: 2

    "LOVEINT" isn't an abuse of power so much as it is an abuse of privilege by approximately 1 person of 40,000 per year. It isn't an institutional problem but rather a personal problem for a minuscule portion of the NSA's employees ~ 1 per year. That 1 person is then disciplined or fired. It has no official sanction, it is against policy and the rules, people that do it get fired.

    If you want to use that as a justification for dismantling the NSA then shall we dismantle every large city police force? I'm pretty sure most of them have at least one policeman that engages in some form of abuse on at least one occasion. That would be an interesting standard to apply to government, don't you think? One mistake by a peon in a far away state and you lose your job? Any thoughts on how that would work out in practice?

  23. Re:confusion? on UK Introduces Warrantless Detention · · Score: 1

    I think we could agree that everybody would benefit by the arrest of a few 'posh' protesters, including the 'posh' protesters.

  24. Re:Slash!dot Beta on The Biggest Tech Mishap of 2013? · · Score: 2

    taco must be turning in his grave

    Bring out your beta! Bring out your beta! Bring out your beta! Bring out your beta!
    Here's one
    9 pence
    I'm not dead!
    What?
    Nothing, here's your 9 pence.
    I'm not dead!
    'ere, he says he's not dead.
    Yes he is.
    I'm not!
    He isn't?
    Well, he will be soon, he's very ill.
    I'm getting better!

  25. Re:confusion? on UK Introduces Warrantless Detention · · Score: 1

    Were. They seem to be changing. ;)