kstumpf - Slashdot User

Encrypted Images Vulnerable To New Attack 155

Posted by kdawson on Sunday October 05, 2008 @04:04PM from the bye-bye-deniability dept.

rifles only writes "A German techie has found a remarkably simple way to discern some of the content of encrypted volumes containing images. The encrypted images don't reveal themselves totally, but in many cases do let an attacker see the outline of a high-contrast image. The attack works regardless of the encryption algorithm used (the widely-used AES for instance), and affects all utilities that use single symmetric keys. More significant to police around the world struggling with criminal and terrorist use of encryption, the attack also breaks the ability of users to 'hide' separate encrypted volumes inside already encrypted volumes, whose existence can now for the first time be revealed." The discoverer of this attack works for a company making full-disk encryption software; their product, TurboCrypt, has already been enhanced to defeat the attack. Other on-the-fly encryption products will probably be similarly enhanced, as the discoverer asserts: "To our knowledge is the described method free of patents and the author can confirm that he hasn't applied for protection."

Comment you'd think they would eventually learn (Score 1) 456

by Tesseract on Wednesday May 09, 2007 @10:13AM (#19051211) Attached to: Disney Says, You WILL Watch the Ads

The more they try to force me to do something that is not in my best interest, the more they marginalize themselves...

Submission + - Saddam Execution Video Posted to Google Video

Submitted by

Kadin2048

on Tuesday January 02, 2007 @09:11PM

Kadin2048 writes: "As reported by the BBC and many other sources, one of the witnesses of Saddam Hussein's execution apparently recorded the event using a cell phone, and the recording was subsequently posted to Google Video and YouTube (registration required). The unofficial video caused an immediate furor, particularly as it was at odds with official descriptions of the execution, and has prompted an official inquiry from the Iraqi government."

Comment Education Problem (Score 3, Interesting) 568

by kstumpf on Sunday November 19, 2006 @03:30PM (#16905864) Attached to: Tech Czar Unimpressed With US IT Workforce

I blame schools. Secondary education is big business. There's only a handful of schools with quality programs. Here in Louisiana, many schools still teach pascal and basic. Later courses are taught by underqualified professors who've been out of the loop for years. For my C++ course, I had to constantly argue with the teacher over every program I would write because he did not know the ANSI standards. The class barely covered the first three chapters of a "teach yourself C++ in 24 hours" type book. Classes tend to "gear down" to the accomodate the dumbest person in the class, which is just wrong. I got fed up, left school, got six years experience, then came back and got a business degree.

Comment Am I missing something? (Score 1) 466

by underling on Friday July 07, 2006 @12:05PM (#15676042) Attached to: Work Around for New DVD Format Protections

There is absolutely no way to create a data format that makes it impossible to extract a perfect unencrypted digital representation of that content. At some point, no matter how much encryption and encoding and authentication you add to the disc, the consumer is going to be able to play it in all its digital glory. The mere fact that this is possible means you have to have access to the unencrypted data, which can always be copied.

They're employing encryption techniques in a field it wasn't suited to address. PKI is meant to be used to allow a user to authenticate that the content on the disc came from a trusted source. It fails when you try to forcefully disallow reading content from a disc if the source (in the case of DVDs, the player. in the case of an XBox, the disc) isn't trusted. This can generally be circumvented by a nerd with a soldering iron.

Hollywood is spending millions on making it more difficult to emulate an authenticated player, but it's fundamentally futile. You only need to circumvent the authentication once. From then on, you can release software that can do it for anyone that wants it, as long as there's a player on the market that gives you software access to the encrypted content.

Comment Re:Not too bad..... (Score 1) 577

by TheIndividual on Friday May 12, 2006 @05:12AM (#15316087) Attached to: Slashdot CSS Redesign Contest Update

It actually looks quite normal in the latest Opera Weekly Build.
Get it at http://my.opera.com/desktopteam/

Classic Star Wars Trilogy Finally on DVD 673

Posted by samzenpus on Thursday May 04, 2006 @08:06AM from the Han-shoots-first-again dept.

chinton writes "From starwars.com: 'In response to overwhelming demand, Lucasfilm Ltd. and Twentieth Century Fox Home Entertainment will release attractively priced individual two-disc releases of Star Wars, The Empire Strikes Back and Return of the Jedi. Each release includes the 2004 digitally remastered version of the movie, as well as the original theatrical edition of the film. That means you'll be able to enjoy Star Wars as it first appeared in 1977, Empire in 1980, and Jedi in 1983.'"

Journal Journal: Sveasoft illegally uses OpenWRT 2

Journal by TheIndividual on Tuesday March 14, 2006 @06:50PM

Ok I admit it, I have been lazy recently. Not much had happened in the WRT scene in a while.
OpenWRT now has a great Web-Interface, DD-WRT got better on a daily basis while Sveasofts lost all its developers except James and the quality of their firmware releases declined even more.

Journal Journal: Freeman 1.04 released 1

Journal by TheIndividual on Tuesday May 31, 2005 @10:02AM

The new version of Freeman (1.04) is now available for download!

Last time Sveasoft apparently had unintentionally released an unprotected binary on which Freeman 1.02 was based. This time Sveasoft didn't make the same mistake, the MAC protection had to be hacked and removed.
Kudos to the people responsible for that!

Journal Journal: Talisman hacked by unknown group - on mirrors now 3

Journal by TheIndividual on Monday May 09, 2005 @09:23PM

It was bound to happen. After pissing of the entire open source community with their scam, it was only a matter of time until Sveasoft's latest baby - Talisman - would be hacked and made public.

Journal Journal: Alchemy 1.0 released to the public 5

Journal by TheIndividual on Friday April 29, 2005 @07:13AM

Sorry for not updating this journal in a while. On April 21st, Sveasoft decided to drop work on Alchemy and release it to the public as it is. It is called final and it should be somewhat stable.

Also, after not releasing any source code to the subscribers for 5 months, they finally made the Alchemy sources available.

Both files will appear on the mirrors shortly.

Journal Journal: Tag-free Sveasoft Alchemy pre7a 11

Journal by TheIndividual on Tuesday March 01, 2005 @02:24PM

Hello everybody,
thanks to two fellow suppliers I had the chance to make a tag-free version of Alchemy pre7a. You may notice the name change, apparently Sveasoft decided that having seven release candidates durin a feature freeze is a little embarassing.

This version, as always, has been tested before release. Please read the included text files for further information, post questions or comments in this forum thread

Journal Journal: Sveasoft sending DMCA notice to Google, Inc 8

Journal by TheIndividual on Friday January 14, 2005 @01:45PM

Looks like James is doing everything he can to twist the truth. Check out this DMCA copyright violation notice he sent to Google, Inc.
I know it is dated October 2004 but I didn't hear/read about it until today. What's next?

Journal Journal: RC5a released, help by mirroring on P2P (ed2k) 3

Journal by TheIndividual on Monday January 03, 2005 @11:08AM

Sorry for the delay, I had expected Sveasoft to release a public version soon so I didn't bother.
However they now claim that it is delayed due to "illegal" copies of Alchemy. Sounds to me like a really bad excuse but who cares, I hereby declare Alchemy 6 RC5a a public version :)

Journal Journal: More tags, more firmware: Wolfs Alchemy-6rc1w42 released 9

Journal by TheIndividual on Thursday November 11, 2004 @01:40PM

Today I am proud to present you the second firmware without any tags. It is Wolf's CVS offspin of Alchemy 6rc1 with lots of bugfixes.

Slashdot Top Deals