topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday October 3, 2024, 1:00 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Kiss Encryption Goodbye... :*  (Read 23746 times)

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #25 on: September 11, 2013, 08:44 AM »
^^ Just got through the comments. Found this:

http://www.blacklist...724/0/38/38/Y/M.html

You guessed it. More bad news.

Originals and more here:

http://www.boilingfr...mega-donors-funding/
http://www.boilingfr...oses-itself-further/
http://www.boilingfr...all-street-salaries/
http://www.boilingfr...ream-media-advisors/

EDIT: I read through those. It's so much worse. Just so much worse... I don't even want to try to explain or even think about it. Mind-bogglingly worse...
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,504
    • View Profile
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #26 on: September 11, 2013, 09:07 AM »
The interesting part of the encryption thingy is that it affects Linux users too.  :P

GnuPG should be safe, unlike "online" encryption, right?

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,858
    • View Profile
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #27 on: September 11, 2013, 09:11 AM »
Matthew Green is a cryptography researcher at Johns Hopkins University. His blog post On the NSA was taken down by the university, then restored, with only an image of the official NSA logo deleted, after the initial removal caused an uproar in some circles.

Green provides a useful perspective on the NSA's activities in subverting encryption, from someone who really does understand the topic, about what MAY (remember - that information is classified) have happened and what it would mean if it in fact HAS happened.



Seems like the story of The Great Wall of China all over again. All that vision, planning and effort spent bringing something into being - only to see it so easily and totally undone by a simple act of human treachery.

Hmm...Maybe Sauron really wasn't destroyed after all. Maybe he just came here and took a government job?

(With a CV like his, he'd be a shoe-in for an NSA billet.)
 :(
« Last Edit: September 11, 2013, 09:17 AM by 40hz »

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,913
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #28 on: September 12, 2013, 02:19 PM »
47 minute audio interview (Fresh Air on NPR) with Washington Post's Barton Gellman on Snowden NSA leaks.
http://www.npr.org/2...-were-the-real-thing

(found on BoingBoing)

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,858
    • View Profile
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #29 on: September 12, 2013, 03:34 PM »
^That Fresh Air interview of Gellman is definitely worth listening to in its entirety.  :Thmbsup:

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #30 on: September 12, 2013, 07:04 PM »
47 minute audio interview (Fresh Air on NPR) with Washington Post's Barton Gellman on Snowden NSA leaks.
http://www.npr.org/2...-were-the-real-thing

I listen to enough NPR on the radio in the car, and it's rarely anything other than what it is - state funded news. The highlights all seem to aim at damage control.

I do wish there were a video interview.

^That Fresh Air interview of Gellman is definitely worth listening to in its entirety.  :Thmbsup:

Hmmm... Curiouser and curiouser...
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,858
    • View Profile
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #31 on: September 13, 2013, 04:40 AM »
47 minute audio interview (Fresh Air on NPR) with Washington Post's Barton Gellman on Snowden NSA leaks.
http://www.npr.org/2...-were-the-real-thing

I listen to enough NPR on the radio in the car, and it's rarely anything other than what it is - state funded news. The highlights all seem to aim at damage control.


That's rather funny since that's pretty much what the arch conservatives, the religious right-wingers, the political lunatic fringe and their ilk invariably say about NPR whenever it doesn't cover or tell a news story the way they think it should.
 ;D :P

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #32 on: September 13, 2013, 09:27 AM »
That's rather funny since that's pretty much what the arch conservatives, the religious right-wingers, the political lunatic fringe and their ilk invariably say about NPR whenever it doesn't cover or tell a news story the way they think it should.
 ;D :P

Hahaha!  :Thmbsup:

Well, I'm certainly not an "arch conservative".

I'm pretty darn far from being a "religious right-winger". It would be difficult to be less of that.

POLITICAL LUNATIC FRINGE! You've nailed it! YES! That's me!  8)

Let it soak in...

A bit longer...

Soaked yet? ;)

Yep. I'm not kidding. If I had my way, there would be no coercive state. I am that "political lunatic fringe" that, well, I'll skip that. (Would make for a really fun discussion though! ;D )

That being said, when I listen to NPR, I'm hyper critical.

The other thing is that the state shouldn't be covering the news. Any way they cover it is wrong, because they shouldn't be covering it at all. Even when I like a story, and even if I agree with what's being said, I can't help but wonder why are they telling people this? (I'll drop that there as it's another topic.)

But if you look at the highlights, I wasn't wrong. They're skewed. They sound like:

What they sound like to me
"But you weren't burned with cigarettes or cut with a knife and no bones were broken during the rape?"
"No, but..."
"Nothing further, your Honour. Move to dismiss."



I've not finished listening to the interview yet though. FWIW, he seems reasonable on a lot of things, and I did really like some of the things he has said so far. (I'll finish it later.)
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,858
    • View Profile
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #33 on: September 13, 2013, 01:52 PM »
^Dunno. I thought Gellman did an admirable job of sticking to the truth as he knows it. And I'd also credit the interviewer for simply handing him a concise group of questions at one point that neatly summarized most of the nonsensical chatter that's been floating around in order to give him the opportunity to refute them from the perspective of an actual insider in the Snowden story.

I also admired Gellman as much for what he refused to say - and the NPR interviewer for graciously accepting that refusal and not pushing it like many of the mainstream news channel interviewers would have.

None of that sounds like state sponsored propaganda to me.

If it were, the interviewer would have attempted to make Gellman look like a ring-tailed baboon with rapid-fire leading questions and inference tossing like the neo-con talk show hosts so love to do.

At the end of this interview I think Snowden emerges in a much better light than many would have given him credit for. And the same goes for Gellman who also got to show how (contrary to the administration and intelligence community's allegations and unsupported assertions) the Washington Post displayed a huge degree of discretion and restraint in what they did publish when presenting the Snowden story to the American public.

As Gellman pointed out, Snowden (or the three news sources he shared his data with) could have easily done a raw data dump to Wikileaks or a mirroring network at any time. And there would have been very little that 'the powers that be' could have done to prevent it.

The fact that the Washington Post did speak and consult with the government to minimize release of certain technical and operational details - details which would have done little to advance the story - shows good judgment IMHO. Especially since the big picture that has emerged is damning enough - and more than sufficient to establish just how extensive and serious a problem we have right now.

Which supports the Washington Post's argument that they published with no intention other than to inform the general public of what was going on - and set a debate in motion.

Which it did.

All in all, I think it was handled rather well on NPR and the WP's part. 8)



« Last Edit: September 13, 2013, 02:04 PM by 40hz »

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #34 on: September 13, 2013, 09:04 PM »
Finished the interview there. It was very good.

Gellman's take on the criminality of the leaks and reporting was interesting. I also liked his take on being paranoid.  :Thmbsup:

Off-topic about media
None of that sounds like state sponsored propaganda to me.

We're unlikely to agree on some things there. Have you ever skimmed though "Manufacturing Consent" or "The Engineering of Consent"? (Chomsky and Bernays, respectively.) (I've already blithered on about my skepticism of the media in general. I'm only slightly more skeptical of NPR reporting. More blathering to follow below. ;) )

The neutral tone of NPR is a refreshing departure from the utter drivel and gnashing of teeth that you get in the MSM, but it's still state run media. The content of any particular discussion on NPR is generally irrelevant - that they are framing the discussion is the important part. Demographics make a big difference here. Your average "beer, football & reality TV" zombie doesn't listen to (or watch) NPR. NPRs audience, well, nuff said.

If it were, the interviewer would have attempted to make Gellman look like a ring-tailed baboon with rapid-fire leading questions and inference tossing like the neo-con talk show hosts so love to do.

I don't know why people always go on about the "neo-con talk show hosts" being douches. Sure, Rush Limbaugh has a solid douchebaggery score. So do other right-aligned commentators. But why does nobody ever point out the douchebaggery of the left-aligned commentators? Well, except for a few. It's consistent through a lot of media, and even in "right" media like Fox sometimes.

Here are a few examples of leftist commentators that really just go way the heck off into Lala-land.

MSNBC - Melissa Harris-Perry (wants to kidnap children). Alex Wagner (can't not ask a leading question to save her life).
ABC - Whoopi Goldberg (exercising rights is "terrorism" - I'm not making that up).
CNN - Piers Morgan (oh god... makes Alex Wagner look tame).

We could go on and on. They're extremely dishonest, if not delusionally insane.

It's not left/right media that's dishonest - it's all of them.

Now, to NPR's credit, there is pretty much none of the crap that you get with Limbaugh, Morgan, or the rest of the MSM. This makes NPR much less entertaining. e.g. It's pretty hard to top the insane drivel that comes out of Melissa Harris-Perry's mouth, which makes for a good laugh if you don't end up vomiting and bashing your head against the wall.

Neo-con or neo-liberal - which flavour of turd would you like?

In general, I think it's good to get a solid balance of turds in your diet. One pollutes your pallet with a different set of pathogens so you don't get bored of always having crappy meals. :P

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,858
    • View Profile
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #35 on: September 14, 2013, 01:45 PM »
The neutral tone of NPR is a refreshing departure from the utter drivel and gnashing of teeth that you get in the MSM, but it's still state run media.

It's not. You really need to spend a little more time in the USA to understand how things actually work here, as opposed to 'just knowing' how they do. :-\ :P

I don't know why people always go on about the "neo-con talk show hosts" being douches. Sure, Rush Limbaugh has a solid douchebaggery score. So do other right-aligned commentators. But why does nobody ever point out the douchebaggery of the left-aligned commentators?

That's probably because nobody really ever listens to the left-wing pundits. They are "bombinating in a vacuum" to borrow a phrase of James Thurber's. Even the diehard leftists generally ignore them. Possibly because the right-wing likes to have their arguments and "talking points" provided to them, whereas the left-leaning crowd tends to resist any attempt to hand them pre-canned anything. As one old saying from the 60s used to go: The Left needs to stand apart with each other on this issue.
;)


Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #36 on: September 14, 2013, 11:48 PM »
The neutral tone of NPR is a refreshing departure from the utter drivel and gnashing of teeth that you get in the MSM, but it's still state run media.

It's not. You really need to spend a little more time in the USA to understand how things actually work here, as opposed to 'just knowing' how they do. :-\ :P

http://www.npr.org/a...ublic-radio-finances

Other than that 39% there, my bet is that we can call those "state". If there's actually a difference anymore, I don't see it. ;) ;D
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Kiss Encryption Goodbye... :*
« Reply #37 on: September 15, 2013, 12:23 AM »
I'm not sure if Rick Falkvinge is a full on crypto-anarchist, but he sure seems like it sometimes.

http://falkvinge.net...-from-the-ground-up/

The NSA has forged web security certificates. What’s worse, we knew that they could, and we still trusted certificate-based web security. Web security as we know it is dead and worthless – worse than worthless, even – and must be rebuilt from the ground up.

When you are going to a website that bills itself as secure, it uses a so-called “security certificate”. Such certificates on the web serve two purposes. One, they encrypt the session between your computer and the web server, so nobody else can listen in, and two, they identify the web server you are talking to and tell you whose web server it is. When you log onto your bank, you will see a little padlock next to the bank’s name in the address bar. The NSA and their ilk have effectively negated both of these security mechanisms.

This makes today’s Web security worse than worthless. It is not just worthless, as in not providing the claimed security whatsoever; it is worse than worthless, as it provides people at large with a thoroughly false sense of security. It’s like if all the front door locks in the world were dead easy to open for somebody who knew the magic word. Unless this lack of security is well understood – and being a technical issue, it won’t – people will keep thinking they’re secure. That’s horrible, frankly.

...

Many certificate suppliers are based in the USA. This, combined with the infamous National Security Letters (NSLs) that the U.S. Congress has created, is a death knell. There is nothing stopping the NSA from issuing such a letter compelling Verisign or any other U.S.-based certificate authority to issue a forged certificate to the NSA, and be forced by law to not tell anybody about it.

The mere possibility of this happening is enough to declare certificate-based web security stone dead as a technology – but we know now that the NSA has already used forged certificates to impersonate Google. That’s extra damning. Let’s take that again: the NSA forced web traffic intended for Google’s servers to take a route through the NSA’s servers, where the NSA presented themselves as Google and were able to wiretap traffic intended for Google’s servers, negating both functions of certificate-based security.

And from a link in there:

http://www.techdirt....oogles-servers.shtml

FLYING PIG: The NSA Is Running Man In The Middle Attacks Imitating Google's Servers


Glyn mentioned this in his post yesterday about the NSA leaks showing direct economic espionage, but with so many other important points in that story, it got a little buried. One of the key revelations was about a program called "FLYING PIG" which is the first time I can recall it being clearly stated that the NSA has been running man-in-the-middle attacks on internet services like Google. This slide makes it quite clear that the NSA impersonates Google servers:

More at those links.

SSL is dead.

Kleptography:

http://datatracker.i...-req/?include_text=1

3.4. Kleptography

   Kleptography is persuading the party to be intercepted to use a form
   of cryptography that the attacker knows they can break. Real life
   examples of kleptography include the British government encouraging
   the continued use of Enigma type cryptography machines by British
   colonies after World War II and the requirement that early export
   versions of Netscape Navigator and Internet Explorer use 40 bit
   symmetric keys.

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker