tmsr - Search: " T"

504800+ entries in 0.33s

mircea_popescu: decimation makes door lock the weak point again is all.

decimation: all these kinds of security gizmos are quite useless if there's not ability to summon a human to inspect what is going on

asciilifeform: and wouldn't it be in a sense counterproductive? as in, burglars will often themselves glue film to windows before breaking them, to silence the sound

decimation: not the snatch n' grab job

mircea_popescu: best way really is torch

decimation: possibly, but it would take quite a bit of doing

mircea_popescu: if he's willing to, yes. shitty job tho.

asciilifeform: so he break & then cuts with knife ?

mircea_popescu: http://solutions.3m.com/3MContentRetrievalAPI/BlobServlet?lmd=1290196235000&locale=en_WW&assetType=MMM_Image&assetId=1273657601352&blobAttribute=ImageFile << typical impact

decimation: if it's a 'random burglar' it might be enough to convince him to go elsewhere

mircea_popescu: asciilifeform it's not policarbonate replacement for glass in window. it's a very highly adhesive foil, which you stick on the window

mircea_popescu: not THAT expensive

decimation: yes, they make laminate for window reinforcement

mircea_popescu: it's actually transparent

asciilifeform: no, brick in the widow

mircea_popescu: it'll hold a brick too.

mircea_popescu: get that foil thing

mircea_popescu: trivial to make windows bulletproof tho, these days.

decimation: asciilifeform: I'm toying with the idea of buying slightly better deadbolts

asciilifeform read the mit guide and did the exercises like everybody else

Chillum: I try to, but am not very good

asciilifeform: decimation: did, at times

Chillum: with 128 bits to a bitcoin key you do have some keyspace to play with

Chillum: depending on the price

Chillum: If I could hook up a little device to the usb or serial that gave me numbers I would be more confident in then I would do that

mircea_popescu: Chillum this was actuallyt discussed in logs

asciilifeform: Chillum: this has been known to the public for months, to me for years, and to #b-a for at least a year and a half.

asciilifeform: this can be used to narrow key class.

Chillum: it is possible to infect a hard drive with malware. Not the data, the firmware

asciilifeform: but because of the known relationship between bit N and N+k

asciilifeform: incidentally, i will use this occasion to point out that prng is not deadly because enemy can somehow get the exact bits again

Chillum: I doubt there is a modern computer out there that does not have some black box software or firmware

asciilifeform: nubbins`: the number 3 is very random by same token.

Chillum: though most entropy from PRNGs come from hard drive timings, which run black box firmware

asciilifeform: for all we can tell.

asciilifeform: could be avalanche. could also be marsaglia seeded with phase of the moon.

asciilifeform: means that one understands

asciilifeform: and manufacturer has one of the worst histories of stonewalling and fraudulently 'open' source of any.

asciilifeform: Chillum: it is not know for a fact to be anything other than prng

mircea_popescu: Chillum we don't trust it because very suspicious corp / closed turd.

Chillum: the hwrng on the pi is better than the prng most computers use

asciilifeform: but other than that - sure

mircea_popescu: first time ppl that wander in here and a) aren't going to spaceghost the bitcoin ; b) aren't retarded.

asciilifeform: only trouble spot is the rng

Chillum: one time pads are cool

Chillum: no swap, use that runs vanitygen has read only access to drive and does everything in ram

Chillum: so I reimaged the sd with a base raspbian and wrote some python code to get addresses from vanitygen and print them

asciilifeform: (go delete that.)

Chillum: It was a kit meant to print twitter feeds

asciilifeform: happen to own one myself.

Adlai: not that it helps anyone

asciilifeform: i like thermal printers.

Chillum: and a thermal receipt printer

asciilifeform: Chillum: what is in the box ?

Chillum: tty thermal printer has no memory

assbot: The conference, third edition pe Trilema - Un blog de Mircea Popescu. ... ( http://bit.ly/1Gy87tF )

asciilifeform: classical gambit - fuck a goat, folks will forget that you also fuck babies and guinea pigs

Chillum: The problem with the mycelium key is the same printers that accept USB sticks also have internal memory

danielpbarron: these days there isn't that much to verify that a shipment hasn't been tampered with; a shipping container is "sealed" with a metal peg coated in plastic and stamped with some numbers

asciilifeform: i meant, not merely the seal, but the trivially bent box (as shown in film linked earlier)

assbot: Proof That Mycelium Knows How To Make A Better RNG For Its Entropy Dongle. And Isn't. | Contravex: A blog by Pete Dushenski ... ( http://bit.ly/1y61MkH )

asciilifeform: mircea_popescu et al : i would almost dare to suggest that the idiot seal was a deliberate smoke grenade to distract from the idiocy of the 'mycelium' produce itself

Adlai: danielpbarron: ie, the entire container is a seal?

asciilifeform: mass produced seals, sold commercially, are approximately as useful as the lock on a typical home door

danielpbarron: Adlai, not if the seal and container are made of the same clay

Chillum: he shows how to remove and return the seals used on shipping containers

Chillum: short story, they are not very good

assbot: DEFCON 19: Introduction to Tamper Evident Devices (w speaker) - YouTube ... ( http://bit.ly/1Gy7Fvd )

Chillum: This is a really good talk page the effectiveness(or lack there of) of tamper evident devices: https://www.youtube.com/watch?v=SIQml3MBJoE

danielpbarron: I don't like humor in professional communication. Not in code comments, not in technical manuals, not in user interfaces. << from the reddit thing on the mushroom thing

asciilifeform: note also the 'pouch' quite large enough for a passenger car

decimation: note the couriers watching the pouch cargo personally

asciilifeform: this includes customs inspectors (who are supposes to stay the fuck away)

asciilifeform: (set off the thermite)

asciilifeform: if threatened

asciilifeform: su diplo couriers would also hit the Big Red Button (TM) on the crate

asciilifeform: and shoot to kill

Adlai: danielpbarron: you don't have to touch the seal if the packaging itself is easier to replicate

asciilifeform: by vienna convention (1815 iirc) diplo couriers are permitted to treat any attack upon their cargo or person as an act of war

danielpbarron: Rejoining the breached container lid, knot, or latch and replacing the broken seal with a new, identical seal would have been, short of stealing the original unique seal carving, impossible to hide from the inspector.

Adlai: "Miss Bianca, after all, is a poet too, and in any case she is due to travel any day now by diplomatic pouch to Norway."

asciilifeform: diplomatic mail has carried items as large as entire tanks

Adlai: maybe the launch codes. but the nuke itself doesn't fit in an envelope

asciilifeform: are known for a fact to have traveled in diplopouch

Adlai: or is gpg too complex for lizards?

asciilifeform: it is not difficult to dissolve and bond paper.

Chillum: old school method that still works today. If you can defeat it then you should sell the method to our fav government

Chillum: wax absored into the paper

mircea_popescu: maybe you can't detach the seal.

asciilifeform: (after having cut the original crate open on the end opposite)

asciilifeform: Chillum: unless the seal encloses the entire package, all you need to do is recreate the box and reattach the seal.

asciilifeform: in the linked example, no one had to even build a second box - original opened and closed undamaged.

Chillum: permeable paper, the wax absorbs into the paper which is a solid seamless envelope

Chillum: under the assumption that you could not produce identical scratches

asciilifeform: Chillum: very hard to reproduce the identical swirls << l0l. you don't need to reproduce the seal. only the box.

Chillum: in nuclear regulatory systems they seal with a metal button and then scratch it up with a pin and photograph the scratches

Chillum: very hard to reproduce the identical swirls

decimation: yes, it was the honorable route

Adlai almost starts to feel respect for truecrypt devs, who at least admitted, behind their veil of anonimity, that they have nfc what they're doing

asciilifeform: make them secret << the only tamper-evident concept worth anything is the kind only evident to the intended recipient.