/t/ - Technology

Discussion of Technology

Index Catalog Archive Bottom Refresh
Options
Subject
Message

Max message length: 12000

files

Max file size: 32.00 MB

Total max file size: 50.00 MB

Max files: 5

Supported file types: GIF, JPG, PNG, WebM, OGG, and more

E-mail
Password

(used to delete files and posts)

Misc

Remember to follow the Rules

The backup domains are located at 8chan.se and 8chan.cc. TOR access can be found here, or you can access the TOR portal from the clearnet at Redchannit 3.0.

Uncommon Time Winter Stream

Interboard /christmas/ Event has Begun!
Come celebrate Christmas with us here


8chan.moe is a hobby project with no affiliation whatsoever to the administration of any other "8chan" site, past or present.

You may also be interested in: AI

(207.96 KB 220x166 big boss approves.gif)

Let's talk about encryption Anonymous 05/29/2020 (Fri) 15:48:51 No. 283
Which encryption software, standards, algorithms, etc do you think are most resistant to attack? Which ones are crackable or have already been cracked by local law enforcement, FBI, NSA, etc? Is plausible deniability in encryption important (e.g. VeraCrypt)? What are some good tips for encrypting hard drives, files, and other volumes? No CP, just mudercube and /k/ shit in minecraft which may not abide by the minecraft EULA
Anything asymetric is a good bet. The biggest risk with encryption though has always been imperfect implementations of mathematically sound algorithms. Standard algorithms like RSA and AES are very secure in theory. What matters is, does the NSA have their own secure implementations for their purposes and backdoored implementations for others to use? Thankfully, different departments compete with each other to secure their own assets and crack the others. The Federal Government has provided loads of information to the community by attacking itself. I've seen no evidence that TrueCrypt/VeraCrypt has been actually cracked, at least not for use by local police. There are cases where the police surely would have broken the encrpytion otherwise. >Is plausible deniability important Not for the encryption itself, but absolutely for securing your assets. If you can be compelled to provide keys for all your data then no amount of encryption actually matters. This makes attackers unsure if you even can unlock it.
Taking advantage of this thread to ask a related question. I'm planning to take a flight after the pandemic allows and I'll need to take with me a few of my encrypted devices. Should I be worried about officers asking me to unlock them at the airport or them otherwise taking issue with them? >>292 I don't really have a lot of trust in asymmetric crypto. It's just so much more complex than symmetric encryption and it's had so many issues with attacks and constantly requiring bigger numbers to provide security and whatnot. You don't see that kind of issues with symmetric crypto, not since AES at least. >I've seen no evidence that TrueCrypt/VeraCrypt has been actually cracked Me neither, but I've seen some concerns about TrueCrypt only using 1000 rounds of PBKDF2. If you have a strong enough password you probably don't have anything to worry about but these days there's no reason not to use a much bigger number of iterations or a different algorithm and making sure the scheme holds up better even with weaker passwords.
>>296 Very interesting. In the U.S., I am pretty sure that airport security can't make you unlock an encrypted device without a warrant (although I don't think that will stop them from trying, so if they give you a hard time ask them for a warrant). In other countries I am not so sure, check their aviation security laws and see. Also make sure your devices don't go through X-Ray or millimeter wave scanners.
>>292 Isn't asnymmetric much weaker vs quantum and also a bit of a blind gamble mathematically speaking? As in, nobody has found a way to reverse it cheaply but there's no formal proof that such a cheap reversal can't exist.
>>303 >Also make sure your devices don't go through X-Ray or millimeter wave scanners. I've made a quick online search and pretty much every source said electronic stuff wouldn't be affected by airport scanners. Can you elaborate?
>>322 Oh. I figured it might wipe hard drives. I guess I was wrong.
>>329 I thought you were worried about airport employees finding the micro sd cards hidden up anon's butt
(25.72 KB 448x274 security.png)

Encryption is good, but doesn't stand up to a $5 wrench...
>>303 I know New Zealand, UAE, Saudi Arabia, and Russia will make you decrypt devices in front of them. Not only that, they'll make you decrypt, then do a sector copy of your drive... I get the authoritarian areas, but New Zealand is supposed to believe in free speech and individual rights. Fucking kiwi cunts.
>>303 Traveling domestic, airport law enforcement would need probable cause or a warrant to look on your electronic devices. Arriving from an international location and going through ICE, they can demand access without cause. The legal rationale is that in ICE, prior to being actually 'admitted' to the USA, you're not in the USA and therefore not subject to Constitutional protections.
>>11221 > New Zealand is supposed to believe in free speech and individual rights. The thing about "rights" is that it is easy in a country like New Zealand, where everyone more-or-less agrees about society, religion, the purpose of the state, etc, to say that they support "rights" and see no rights abuses. Freedom of speech is only tested when people disagree, and there isn't disagreement in New Zealand, which is interpreted as freedom because there are no rights abuses. And this is how a deeply authoritarian society looks free to others.
If you carry an encrypted laptop to travel security, just make sure to hide it properly. Install Windows with some normie applications and set it to default boot; remove the Linux bootloader – you can still boot it through the EFI shell. It's not like they will be checking for hidden operating systems. Or, just put your sensitive files in a blob on a server somewhere.
>>11390 >just put your sensitive files in a blob on a server somewhere. I've been keeping my files on a microSD card hidden under my foreskin. TSA hasn't checked there so far
>>11396 >>11390 >just put your sensitive files in a blob on a server somewhere. "I've been keeping my files on a microSD card hidden under my foreskin. TSA hasn't checked there so far" Exactly what >>11390 said ... put it in a blob.


Forms
Delete
Report
Quick Reply