Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Pæs

Pages: 1 [2] 3 4 5 ... 162
16
While we're at it, you also misunderstand prefacing.

It just so happens the government uses AES a lot, so I would use that with [as random as you can make them] salts and seeds, as well as making sure the key is as random as you can make it, while also making it long enough for a hash cracker to be useless. As far as I know, if you can get ahold of a hash of a small enough key, you can just bruteforce the hash and get the key easily. But, because the size of any hash is cut off, only part of the key could even be recovered if you got ahold of a hash for a very long key. Or, it would be a useless chain of characters, depending on whether length had anything to do with the hash encryption algorithm. I forget exactly how that works.

17
Fortunately he's already demonstrated that he's woefully underprepared for getting away with crime, so we don't have that to worry about.

18
It just so happens the government uses AES a lot, so I would use that with [as random as you can make them] salts and seeds, as well as making sure the key is as random as you can make it, while also making it long enough for a hash cracker to be useless. As far as I know, if you can get ahold of a hash of a small enough key, you can just bruteforce the hash and get the key easily. But, because the size of any hash is cut off, only part of the key could even be recovered if you got ahold of a hash for a very long key. Or, it would be a useless chain of characters, depending on whether length had anything to do with the hash encryption algorithm. I forget exactly how that works.

I'm not sure what you're trying to communicate here. You seem to be conflating hashing and encryption and misunderstanding both.

19
I was trying to determine whether he genuinely doesn't care about others or whether it's part of a schtick he's adopted, bundled with the logic fetish Demo Squid mentions.

Then I realised that through text over the internet he's going to be functionally the same to deal with.

20
I'm not qualified to diagnose antisocial personality disorders but even if I was I imagine you'd find a way to rationalise away any such criticism.

21
The dude called himself The Dread Pirate Roberts.

He may as well have called himself Lupine McLoneWolfmaster, his chances of not being a self-aggrandizing dickbag were so perishingly low.
:lulz: Exactly this.

22
Also don't keep a detailed journal of your criminal exploits. Honestly, Ulbricht was a bit of a fool who benefited from a black swan in his terrible marketplace gaining notoriety. He got all wrapped up in the theatre of being a mastermind, totally failing to actually cover his ass and they caught him with his laptop open, logged into Silk Road admin panel. You couldn't own yourself any harder.

23
I'm with Paes and would like to add you're a dick and fuck you.
Oh good. I'm understating how appalling I find the situation illustrated in that post because I've been reading r/relationships and am primed to see toxicity everywhere but that sounds super unhealthy to me.

24
Okay. I maintain that "She is stupid if she listened to me all her problems would be solved" is still worth examining as a potential problem even if you don't think you explicitly share that perspective.

25
And if you want your online marketplace to facilitate illegal transactions, don't roll your own custom shit in PHP and throw it on top of an experimental anonymous network with an increasing number of design weaknesses being identified then call that a day.

26
The Richard Nixon school of ballet and the arts / BITCOIN MUGGING
« on: June 05, 2015, 11:42:37 pm »
http://www.theregister.co.uk/2015/06/05/bitcoin_theft/?mt=1433547708657

Quote
A New York man was robbed at gunpoint of $1,110 worth of Bitcoin.

According to CNBC, on the morning of May 27, the 28 year-old man was lured into a car in the Crown Heights section of Brooklyn to sell Bitcoin to a buyer he met on Craigslist.

Once inside the car with the two robbers, the man was reportedly forced at gunpoint to transfer $1,100 in Bitcoin (around 4.9 Bitcoins, based on current prices) from his account to another account controlled by the robbers.

The man, who was not named, then had his phone stolen and was told to exit the car before the two robbers drove away.

This is not the first Bitcoin robbery to be reported in New York. In February, a New York City man reportedly was robbed at gunpoint after meeting up with a buyer for his Bitcoin, and there's no telling however many other cases might have gone unreported.

It goes without saying that you should always be wary when making arrangements online to buy or sell goods, and getting into a stranger's car is never a good idea. Police in some cities have offered to let people carry out their Craigslist deals outside of police stations to help discourage robberies.

This latest crime, meanwhile, is only the latest in Bitcoin's long, shadowy history. Criminals have demanded to be paid in the digital currency in ransomware attacks, for example. And convicted Silk Road founder Ross Ulbricht amassed a small fortune in Bitcoin from his online drug sales operation and had an estimated $33.6m worth of the digital currency confiscated by police at the time of his arrest.

27
There's a whole bunch of stuff to respond to in this thread, but the thing I hit reply for was to say that AES is still considered viable by most people. It's at least considered as secure as it was pre-Snowden. For context, I've been working in security for telcos, financial institutions and government agencies for the last ten months (consulting and offensive testing, part of the reason why I haven't had many updates on what I'm doing) and frequently use AES-256. That's not to say that it's impossible that data encrypted using AES-256 to be read by an actor with the resources of a nation-state, but that I think they would be exploiting as-yet-undetected errors in implementation, rather than deliberate weaknesses in the algorithm.

AES and PGP are typically used for different purposes. AES is a symmetric-key algorithm, which means that the encryption and decryption functions use the same key. If you want to share AES-encrypted data, you need to provide the recipient your key. Anyone in possession of this key can read and write to the conversation between you and this other party.

PGP is slower but uses asymmetric-key crypto as well as symmetric. The result of which is that someone can encrypt a message using one key (your public key) and even if everyone else knows this key as well, they cannot use it to decrypt the message. Only your private key can do that. Because of this, it's often better for communications as it ensures that only the intended recipient can read the message and lends itself better to being used to verify the identity of a party in the conversation.

PGP requires both parties to have generated keys and while not super technical, this is not a user-friendly process, resulting in it not being very well adopted by non-tech-folk. To communicate securely with people who do not have a PGP key, I would tend to encrypt it using AES and provide them with the single-use key out-of-band, preferably in person or over the phone/SMS if you're willing to add those networks to the risk register.

28
HAHAHAHA EVERYBODY'S LIVED EXPERIENCE IS UNDERSTOOD AND DEFINED VIA CONCEPTS AND WORDS AND SOUNDS THEY MAKE WITH THEIR FACES THAT DON'T, REMOVED FROM THEIR SOCIAL CONTEXT, ACTUALLY MEAN ANYTHING.

IT'S ALL JUST WORDS, YOU DELUDED FOOLS. HAHAHAHA.
Hey, sometimes the only way out of a hole is to keep digging until you hit sillyness. The sillyness explodes and launches you back to the surface.
Commonly known as appeal to absurdity when done to another, I'm not sure what it is called when I do it to myself.
The ridicule there was directed at PDS, rather than at your post  :)

29
HAHAHAHA EVERYBODY'S LIVED EXPERIENCE IS UNDERSTOOD AND DEFINED VIA CONCEPTS AND WORDS AND SOUNDS THEY MAKE WITH THEIR FACES THAT DON'T, REMOVED FROM THEIR SOCIAL CONTEXT, ACTUALLY MEAN ANYTHING.

IT'S ALL JUST WORDS, YOU DELUDED FOOLS. HAHAHAHA.

30
It's just a control mechanism that her parents are using on her. If she listened to everything I said, the problem would be fixed in a week. But she doesn't have enough self-control to react with reason. She's so emotional and vulnerable to manipulation.

she's too stupid to use that to her advantage. And she won't take any of my advice.

You sound like a terrible fucking partner here. The lack of respect you have for her sounds really atrocious. If someone told me their boyfriend felt the things you say you feel here, I would be telling them to leave. Quickly.

Pages: 1 [2] 3 4 5 ... 162