132 entries in 0.116s
maqp: But like I said, all the best. It's 3am I'm off. Night everyone!
maqp: The site uses nsa.gov as a source. If you can disprove their claims, it should make quite a scandal
maqp: http://www.theregister.co.uk/2001/01/10/nsa_runs_best_fab/
maqp: you understand the size of required logic and NSA running best fab in the world? ;) ☟︎
maqp: unless you have the clearance
maqp: so if you're emplyed by US gov it's illegal to view it
maqp: Oh, that picture is classified Top Secret
maqp: hardware you get from mail can be backdoored. https://leaksource.files.wordpress.com/2015/03/nsa-tao-cisco-interdiction.jpg
maqp: There is absolutely no way to guarantee delivery against interdiction. So unless the device uses unbackdoorable components, then no.
maqp: Too bad we can't have a mature discussion about this
maqp: What works?
maqp: I think it's more safe if people download manuals from the network, and then buy COTS hardware and build data diodes / HWRNG themselves
maqp: Basically, LEDs and phototransistors might be secure against interdiction attacks, but the problem is finding a properly functioning pair
maqp: http://pastebin.com/H5LMVB6f ☟︎☟︎
maqp: It's a complicated problem. Let me quote an expert on this
maqp: confidentiality, integrity, availability
maqp: phf: Well, when you look at history of TLS, you'll notice that modes of operation are not obvious. My approach for TFC is first of it's kind (at least in FOSS world). My approach on a-b is to see whether CIA-triad is fulfilled. If my peer can be tricked into sending messages to infiltrator / network attack that changes a single public key etc. all security is lost
maqp: me and whoever might agree with me
maqp: If you're passionate about the project, I hope you dive into it, write a paper on this and prove us wrong.
maqp: It's just that this type of nihilistic reasoning and security t-bones with the standard infosec discourse so badly I can't offer advice.
maqp: Okay. I really hope you end up creating somethign cool. Just be sure to get someone elses opinion too
maqp: The range with illuminated retro reflectors is up to 10 miles. You going to shoot anybody within that range?
maqp: Should we abandon all security because security isn't absoulte?
maqp: There is no way your system can defeat targeted SIGINT monitoring attack, where government drives within a few hundred meters and collects signals emitted by your keyboard cable. ☟︎
maqp: usually, expensive enough
maqp: Security is, and has always been about adding layers, enough layers to make attack unbeneficial to attacker
maqp: Yeah, I'm afraid there's really no situation this could be used in
maqp: so you get secrecy without affecting the anonymity
maqp: and you can be assured that only the recipient will read what you sent
maqp: you can encrypt
maqp: unless you sign*
maqp: The point is, unless you encrypt the message, anyone might have created the plaintext ☟︎
maqp: Why not? To have even a tiny bit of integrity you need trustworthy peer network
maqp: then when you want to send a message to contact, you encrypt the message with the public key and ask users to pass along the ciphertext
maqp: Why not instead have a public repository of all public keys similar to Tor
maqp: and evetually it will reach them
maqp: Okay, so basically I tell my peer that this message should at some point reach my contact
maqp: Why couldn't this work on OTR. I have a OTR messaging with my friend and I ask them to relay a message for me to someone peer has on their contacts?
maqp: so a secure communication system with no anonymity between peers, no secrecy, no integrity and no authenticity unless all peers are trustworthy ☟︎
maqp: So a friend who holds a grudge on you can change a message?
maqp: So are you signing the plaintext before you send it to the peer?
maqp: sure
maqp: Can you give a tldr on how ciphertexts propagate in the network?
maqp: v? *
maqp: v works?
maqp: So the urban vs rural talks about anonymity being a "rat in a sewer"
maqp: But I fail to see the rat in the sewer, when you're giving the government a finger by bouncing traffic across the globe
maqp: Well, we must depend on those who are able to do something then given their current social and societal situation
maqp: It doesn't have to be a family, it might be a parent, friend, someone we look up to
maqp: it depends on how well they can weigh the threat and what track record the tools of their OPSEC have
maqp: I think we need both
maqp: There's nothing bad being a Moose. It can be hard to be a moose when your family is being tortured in another room when you chose not to use anonymity to hide participation in dissidence movement
maqp: The article steers away from infosec discourse faster than CRC32 collision. I skipped to the end--
maqp: Have you discussed the threat model?
maqp: So it's a secure chat with track record?
maqp: I see nothing being discussed about forward secrecy or deniability
maqp: Ok, I'll skim it
maqp: (IMO you should be spending your efforts on Ricochet or fork it.)
maqp: Is there a memo on that design?
maqp: "URC can be as private and secure as military systems"
maqp: are you referring to this? https://github.com/JosephSWilliams/urcd
maqp: Vaporware?
maqp: So breaking the anonymity won't reveal content of chat that could compromise their identity
maqp: Then TFC can really help since Tails and Pidgin only see TFC ciphertexts
maqp: But if you find Tor insecure and suspect someone is remotely breaching for example your Tails live session
maqp: I'd prefer secure by design approach any time
maqp: Sure it has it has it's problems. But the only alternative is secure-by-policy VPN
maqp: I'll have to read the article. Tor sucks slides indicate it puts up a fight even against FVEY agencies
maqp: So Pidgin is just a way to transmit ciphertexts from dbus to XMPP server
maqp: great <:
maqp: plaintext input, output, encryption, decryption, key generation and storage happens on separate computers
maqp: However, the entire computer Pidgin is running on is not part of the trusted computing base.
maqp: I completely agree with ioerror on that "pidgin is a flock of zero-days flying in formation"
maqp: http://log.bitcoin-assets.com/?date=07-2-2016#1399034
maqp: sure just a second
maqp: since you and ascii_rear disapproved
maqp: mircea_popescu: I looked at the backlog someone linked me and I wanted to address one thing about TFC using it
maqp: ben_vulpes: I think you're confusing patriotism with nationalism
maqp: AFAIK Snowden hasn't got a degree in math/crypto, but what he said might indicate something in the leaks the journalists chose not to publish. It's a long shot but since there was no harm in cascading...
maqp: That's pretty much the story behind CEV
maqp: Additive keystreams have very low risk after all and I didn't have to trust single external crypto library
maqp: Snowden hinted something about using cascading at Harvard Privacy Synopsium when he was talking with Schneier. Schneier disagreed but it left me wondering whether Snowden's tongue slipped. Cascading was agreed as a good practice in the Schneier's Friday squid blog so I had a go
maqp: mircea_popescu: Didn't see that. CEV was built to distribute trust over multiple cryptographic primitives and designers
maqp: but yeah, my bad <:
maqp: unconditionally secure authentication fits information theoretically secure algorithms (not ciphers)
maqp: one-time MAC
maqp: would've*
maqp: punkman: splitting hairs but yeah. Algorithms woul've come closer
maqp: works well
maqp: "because why trust on a single cryptographic primitive" makes a lot more sense than "why use information theoretically secure ciphers"
maqp: Keccak512-CTR - XSalsa20 - Twofish-CTR - AES256-GCM - HMAC-SHA512 - SHA3-512-MAC
maqp: basically it's like OTP but with forward secret cascading encryption
maqp: CEV is the cascading encryption version
maqp: It's also a lot easier with NaCl than with OTP/CEV (there's a separate command for adding PSKs)
maqp: NaCl also lets you pre-share 256-bit XSalsa20-Poly1305 keys. It was the only practical post-quantum solution at the moment
maqp: indeed. I'll look into that <:
maqp: (checksum included)
maqp: Base36 would reduce public key length to 56 chars
maqp: But since you don't have to read the public key in Base58 format, it could use two different encodings
maqp: "lightish square, a bit darker square, white square"...