Messages - Pæs

811
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 13, 2014, 08:11:26 pm »
Doesn't that make hashapass.com a single point of failure? The security there must be airtight.

They're not storing anything, just hosting javascript which securely hashes your password, using the parameter like "facebook" as a salt to influence the result. You can take their code and read it, host it yourself, make a command line tool which will always give the same results, if you like.

EDIT: This is the code for the bookmarklet http://pastebin.com/gwWstQka
Most of that is formatting a little UI for usability. I just have an offline version saved on my phone and because I'm becoming decreasingly paranoid, I have the master password weakly encrypted so I don't have to type my 50 char password every time. Just open the app, type "facebook", login. Makes my phone a point of failure for all of my logins, if people figure out what that button does, but if I lose the phone I disable it remotely anyway.

812
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 13, 2014, 07:42:58 pm »
It's not for everyone, but I use hashapass.com which will take a word like "facebook" and a master password I use everywhere like "horsebatterystaple" and give me a password with a combination of numbers, symbols and different cases. If I forget that password, I go to hashapass and enter "facebook", "horsebatterystaple" and it uses the same math to crunch those together and give me "dL;t8sDG" again.

If the service I'm using sucks at security, and HAXORS get my password, it only works for facebook and there is no way for them to turn it back into "horsebatterystaple" and figure out my password anywhere else.
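
The derivation described in the two posts above, as an added Python example (not the poster's code and not hashapass.com's): HMAC-SHA-256 and PBKDF2 are assumed stand-ins for whatever hash the site uses, and all function names are hypothetical. The stretched variant is included because the derivation is public, so once one site password leaks the strength of the master password is the only thing protecting the others.

```python
import base64
import hashlib
import hmac


def site_password(master: str, parameter: str, length: int = 8) -> str:
    """Fast variant: HMAC-SHA-256 keyed with the master password,
    computed over the site parameter, truncated to `length` Base64 chars."""
    mac = hmac.new(master.encode("utf-8"),
                   parameter.encode("utf-8"),
                   hashlib.sha256).digest()
    return base64.b64encode(mac).decode("ascii")[:length]


def stretched_site_password(master: str, parameter: str, length: int = 16,
                            iterations: int = 200_000) -> str:
    """Slow variant: PBKDF2 with the site parameter as salt, so testing one
    guess at the master password costs `iterations` HMAC computations."""
    key = hashlib.pbkdf2_hmac("sha256",
                              master.encode("utf-8"),
                              parameter.encode("utf-8"),
                              iterations)
    return base64.b64encode(key).decode("ascii")[:length]


def derive_all(master, parameters, derive=site_password):
    """Derive one password per site parameter; nothing is stored anywhere,
    the same inputs always reproduce the same outputs."""
    return {p: derive(master, p) for p in parameters}


if __name__ == "__main__":
    MASTER = "horsebatterystaple"  # example master password from the post
    for site, pw in derive_all(MASTER, ["facebook", "email"]).items():
        print(f"{site:10s} {pw}")
    # The parameter is case-sensitive: "Facebook" is a different login.
    print("Facebook  ", site_password(MASTER, "Facebook"))
    print("stretched ", stretched_site_password(MASTER, "facebook"))
```
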

814
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 11:33:51 pm »
Most importantly. How many words are in this string? More than one? How are spaces handled?

815
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 11:12:56 pm »
But I remain confident that on a 256 key scale the brute force method would be ineffective.
What does this mean to you and how does it apply to what you've made here?

It sounds as though you've got a substitution cipher and I can't tell where the complex math comes in. Did you use a complex process to decide which letter turned into which symbol, because that complexity isn't going to translate forward into the complexity of cracking, it's still a matter of rotating the meaning of each character until readable text is produced.

Are you willing to discuss the process of encipherment so it can be examined in more depth? If that explanation breaks the encryption, I'm afraid you'll have trouble profiting from the scheme.

816
Aneristic Illusions / Re: Occupy
« on: February 12, 2014, 10:50:35 pm »
Missed opportunity in changing the rhyme on "Theirs not to reason why, theirs but to occupy".

817
Aneristic Illusions / Re: Occupy
« on: February 12, 2014, 10:39:01 pm »
"The charge of the light brigade" is just begging for a modern re-write really.

Half a block, half a block
half a block onward,
All in the valley of cops,
Rode the 200
Forward the hipsters!
Charge for the cuffs he said
Into the valley of cops
Rode the 200

'Forward, the hipsters!'
With audience unmoved.
For each among them knew
  That all was spectacle:
Theirs not to battle lethal,
Theirs not to wake the sheeple,
Their purpose was more deceitful:
Into the valley of cops
  Rode the Forgettable

Cannon to right of them,
Cannon to left of them,
Cannon in front of them
  Police line impregnable;
Backed by only Tweeps and bloggers,
Rode ignorant cannon fodder,
Into the jaws of Death,
Against the fatcat robbers,
  Rode the Forgettable

Rais'd their fists into the sky
Rais'd all their slogans high,
Flailing at the coppers there,
Charging an army with
  All the world skeptical:
Plunged in the teary-smoke
Thro' the line they finally broke;
Hipster and Stoner
Reel'd from the baton-stroke
Captur'd and regrettable.
The occupation intact, but not
Not the Forgettable

818
Aneristic Illusions / Re: Occupy
« on: February 12, 2014, 10:14:33 pm »
Surely "rode the 99 percent"?

819
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 09:32:55 pm »
Here's some stuff on what I was saying earlier, about security by obscurity and secret encryption processes not being reliable or desirable.

http://www.networkcomputing.com/data-protection/just-say-no-to-proprietary-cryptographic/229502394
https://www.schneier.com/essay-028.html
https://www.owasp.org/index.php/Guide_to_Cryptography#How_to_determine_if_you_are_vulnerable

Mathematically sound cryptography remains secure even if the process is known, so long as the key is not.

820
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 09:19:11 pm »
Is it going to say "this is the plaintext" or similar? Because I can make assumptions about which characters are chaff and make it say "to be carried" or "you will not" or similar.

821
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 09:15:18 pm »
Paes, remember that this was originally meant for a password, not a message.

In which case, it's irrelevant if a hacker can guess the original password, they just need to find out the sequence of characters.

If they're brute forcing it by trying every possible character, but if you could reverse engineer any of the rules you could make minor modifications to existing dictionary attacks to speed up the process.

It seems to me, JBookup, like you may be underestimating how quickly a computer can try all permutations of the string which keep the order intact and systematically remove groups of characters, then see if any words fit into the pattern presented.

Do you know if, while attempting to decipher this, the answer will be obvious?

822
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 09:00:46 pm »
So the random chaff you've thrown in doesn't have legitimate uses in the legend? If ^ is a random symbol, it never corresponds to a letter?

823
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 08:29:23 pm »
Though it would be still set in stone, but with multiple letters having the same encrypted counterpart.

Whaaaa?

Is there a method by which the decrypter knows which of the many encrypted counterparts you are using?

824
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 08:23:48 pm »
It could be numbers, symbols, or letters that need to be skipped. This is for encrypting passwords and what not to make it impossible for them to decrypt. Now if me and someone were exchanging encrypted messages. Obviously that other person would have the key and would be able to figure out what doesn't belong. Also these are not programs, I know nothing of those sort of things, though very soon will be trying for I have an ingenious idea. But for the time being these are written out on paper and calculated in my head.

So the key explains which numbers and letters need to be skipped? Rather than being more like a password to unlock the string, as a 'key' often is in cryptography, this is more of a series of instructions? Or would the other person decrypt the string, even with the random noise added, then remove the random symbols simply by taking out the stuff that doesn't make sense?

When you say "impossible to decrypt" do you mean "impossible to decrypt without the key" or is this a one way function from which the original text cannot be retrieved?

825
Techmology and Scientism / Re: Hacks, Kludges & Other Such Tomfoolery
« on: February 12, 2014, 09:21:10 am »
Yeah, if the relationship worked in reverse, but the inclusion of numbers in the ciphertext suggests that there isn't a two-way relationship here. Does he have the encryption program? I thought his buddy just gave him the ciphertext?
