News:

PD.com: More merciless than a statue of Ming.

Main Menu

The Advent of Netwar

Started by Cain, February 06, 2008, 02:29:06 PM

Previous topic - Next topic

Cain

My copy of this finally arrived.  Stand by for transcripts and useful concepts sometime in the near future.

TheLastLump

The only problem I see with Netwar (which is, really, the only reason Hierarchies have worked this long) is that even a single spy in the group gets ALL the information. Where everyone is, what they're doing, and what colour underwear they all have on. Is there a way to address this?
"It's a dog-eat-dog world, Jesus, please holla back..." -The Game

doughboy359: Don't be angry cause you're a heretical pagan, we'll still accept you if you convert. Doughboy, on being a Catholic.

Cain

Two-layered networks.  An outer layer who are only informed on a "need to know" basis until they can be trusted, then another level, made up of all the nodes and hubs who are in on it all.  It makes the network less flat, to a degree, but not entirely since once they are in on it, it flattens out again.  A common reference and code system, adopted among the group can help too, though thats more interception than infiltration.

Al-Qaeda adopted a 4 ring model along similar lines, where only the top two rings really act as networks, then the organization is hierarchical in its dealings with the bottom two rings.

TheLastLump

Interesting. I've got some skill in encryption and counter-espionage tactics so I could set up a vignere cypher if you want.
"It's a dog-eat-dog world, Jesus, please holla back..." -The Game

doughboy359: Don't be angry cause you're a heretical pagan, we'll still accept you if you convert. Doughboy, on being a Catholic.

Cain

It could be useful.

The only problem I see is trying to get people outside this site to use it.  It might be best until we have a working network before introducing it.

But I for one would be very interested in anything cryptographical that could help us.  I've been playing around with TrueCrypt and only finished The Cryptocomnicon the other week...so my interest in that particular area is piqued, you could say.

I should really start transcribing notes on this book too.  And find someone who knows how to play go.

Triple Zero

LHX plays Go. I think Net also plays Go.

I play a littlebit of Go, i've probably played 3 games in my life, on smaller boards. An interesting learning experience. It seems progress in the game comes automatically with Zen-type lessons, which is really cool.

why the interest in Go?

also, about encryption. i have some experience with it, too. the question you need to ask yourself first is "what do i want to achieve [with this encryption]?", in order to avoid the mistake peregrineBF made, "let's just slap https on top of it!".

questions like, who do you want to hide from?

- the cops coming in your house claiming your computer?
- someone sniffing/listening on your internet connection?
- to distribute documents on a need-to-know basis?

for the last option, you don't need encryption at all. just passwords. unless you're dealing with hackers.

another thing is, you can't just say "i wanna be 100% secure", there will at the very least always be this huge black swan looming in the shadows that you just didn't notice until it was too late.
you can however say "i wanna be 99.999999% secure from attacks X, Y and Q".
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Bebek Sincap Ratatosk

I just finished up a two year multi-million dollar encryption project here, so I have some experience there as well.

For communication purposes, sharing data 'one way', anonymous options etc... I think a Asymmetric Key solution would be best, like PGP. In this situation, you have two keys, a private key and a public key. The public key can be passed out to anyone. They can encrypt anything with it and it can only be decrypted by someone with the matching private key.

So

Cain posts his public key. I want to communicate with Cain, anonymously. I take his public key, encrypt some text and post it here (using proxies to hide my path). Everyone can see the encrypted text, everyone can have Cain's Public Key, but ONLY Cain can decrypt the message.

If we replace Cain with HIMEOBS or GASM-COMMAND, the same thing applies. Better yet, the private key for HIMEOBS or GASM-COMMAND can be held by multiple TRUSTED people. The Anyone can encrypt but ONLY those with the private key can decrypt.


*PGP or GPG if you want the open source version
- I don't see race. I just see cars going around in a circle.

"Back in my day, crazy meant something. Now everyone is crazy" - Charlie Manson

Bebek Sincap Ratatosk

Quote from: triple zero on February 08, 2008, 07:34:33 PM
LHX plays Go. I think Net also plays Go.

I play a littlebit of Go, i've probably played 3 games in my life, on smaller boards. An interesting learning experience. It seems progress in the game comes automatically with Zen-type lessons, which is really cool.

why the interest in Go?

also, about encryption. i have some experience with it, too. the question you need to ask yourself first is "what do i want to achieve [with this encryption]?", in order to avoid the mistake peregrineBF made, "let's just slap https on top of it!".

questions like, who do you want to hide from?

- the cops coming in your house claiming your computer?
- someone sniffing/listening on your internet connection?
- to distribute documents on a need-to-know basis?

for the last option, you don't need encryption at all. just passwords. unless you're dealing with hackers.

another thing is, you can't just say "i wanna be 100% secure", there will at the very least always be this huge black swan looming in the shadows that you just didn't notice until it was too late.
you can however say "i wanna be 99.999999% secure from attacks X, Y and Q".

I would say that passwords aren't secure... even from a casual attack. I think our current password cracking tools take out several hundred network password in about two hours. If the password contained letters, numbers and ASCII... then we'd have to attack the lock rather than the password, but we have successfully broken Word and Excel in the past. I agree entirely about your black swan comment though :)
- I don't see race. I just see cars going around in a circle.

"Back in my day, crazy meant something. Now everyone is crazy" - Charlie Manson

ñͤͣ̄ͦ̌̑͗͊͛͂͗ ̸̨̨̣̺̼̣̜͙͈͕̮̊̈́̈͂͛̽͊ͭ̓͆ͅé ̰̓̓́ͯ́́͞

Hey! I didn't know you played Go, 000. We should meet up on Kisiedo sometime.

I play Go at about the 5 kyu level, which is mediocre amateur. It roughly corresponds to a blue belt in Tae Kwon Do, if black belt is 1st dan.

I also have a pretty good grasp on the nomenclature if you have questions, Cain.

P E R   A S P E R A   A D   A S T R A

Cain

I need to look into it more, before I can ask any sensible questions.

I also need to finish the damn book and start making notes.  I'll do that after enrolling today.

TheLastLump

XD My experience with encryption is along different lines than the ones you're discussing..... I'm more skilled in straight text-to-text translation like in the olde days. I can name and use several ciphers, and the one I was talking about- the Vignere cipher- is neigh uncrackable. It took Ben Franklin to figure out how to break it, and the answer was a painful one: Logic. You have to feel around the code and work at it for weeks and weeks before you can even come close to having enough information to attempt to advance, so if the information is only relevent for a short period of time, by the time anyone's solved the damned thing it's no longer important- and you could've already changed the keyword, so they'd have to start all over again for the next message!

If you needed to encode something you were mailing, or wished to hide things on this site so that only a few people could read them, I'm your man.
"It's a dog-eat-dog world, Jesus, please holla back..." -The Game

doughboy359: Don't be angry cause you're a heretical pagan, we'll still accept you if you convert. Doughboy, on being a Catholic.

Triple Zero

says here it's breakable.

http://en.wikipedia.org/wiki/Vigenère_cipher#Cryptanalysis

and from its description, it doesn't seem that hard either, doing it by hand, yeah i believe that, but add a bit of computing power and you're set.

there's another cipher that you can encrypt and decrypt by hand, where the key is a shuffled deck of playing cards:

http://www.schneier.com/solitaire.html

it's mentioned in cryptonomicon (which i still need to read) and it is in fact strong security (because of the vastness of the key size).
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Cain

000, you want an e-book copy of the Cryptonomicon?

I can direct you to a download, if you want...

Triple Zero

Quote from: Cain on May 08, 2008, 08:41:42 PM
000, you want an e-book copy of the Cryptonomicon?

I can direct you to a download, if you want...

thanks, but i've seen it in the shops (unfortunately it was the dutch translation), it's rather big, no way i'm going to read that off the screen.

i'm barely halfway through AoM :)
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Bebek Sincap Ratatosk

Quote from: triple zero on May 08, 2008, 08:40:01 PM
says here it's breakable.

http://en.wikipedia.org/wiki/Vigenère_cipher#Cryptanalysis

and from its description, it doesn't seem that hard either, doing it by hand, yeah i believe that, but add a bit of computing power and you're set.

there's another cipher that you can encrypt and decrypt by hand, where the key is a shuffled deck of playing cards:

http://www.schneier.com/solitaire.html

it's mentioned in cryptonomicon (which i still need to read) and it is in fact strong security (because of the vastness of the key size).

This is the correct cryptocycle. Polyalphabetic substitution is not a secure way of encrypting anything anymore. Either one time pads (which includes the deck of cards method), symmetric encryption of at least 128 bits or asymmetric encryption of at least 1024 bits is necessary to defeat common cryptanalysis. For NSA level analysis, well, who knows...
- I don't see race. I just see cars going around in a circle.

"Back in my day, crazy meant something. Now everyone is crazy" - Charlie Manson