
Comment: Re:Oblig xkcd (Score 5, Interesting) 220

by Will_Malverson (#48137109) Attached to: VeraCrypt Is the New TrueCrypt -- and It's Better

I've posted this before, but I want to get this idea out there:

Here's how to make your password truly secure, if you really have something you want to hide:

1) Get fifty dollar bills. Maybe get some fives and tens mixed in with them. Total cost less than $100.

2) Shuffle them into a random order.

3) Set your Truecrypt (or Veracrypt, or whatever) password to be the hundred-digit number formed by taking the two least significant digits of the bills' serial numbers, in order.

4) Keep the stack of cash next to your computer, and make sure you don't let it get out of order. If you lose - or even just drop - the stack, it's game over. If/when you find yourself starting to remember the password and able to enter it without referring to the stack, shuffle the stack and change your password.

5) If an adversary raids your house, chances are that the stack of cash will simply vanish into a pocket. And if that doesn't happen, odds are pretty good that the stack will be scrambled, especially if there are different denominations mixed in.

6) At this point, your password is well and truly gone. No amount of rubber hose cryptography can bring it back.

7) The best part about this plan is you don't have to actually do it. Your password can be your dog's name, as long as you're willing to stick to your story - and it helps if you actually keep a stack of cash next to your computer - that you did steps 1-4.

Comment: I've said it before (Score 1) 560

Step 1: Acquire fifty one-dollar bills. If you're feeling especially rich, mix fives and tens in with them.

Step 2: Put them into a random order.

Step 3: Generate a password by taking the least significant two digits of each bill, in order, for a 100-digit number. Use this password to encrypt your data.

Step 4: Make sure that the bills never get out of order. Keep them in your desk drawer or another safe place.

Step 5: The cops raid your place. There is a decent chance that a small stack of cash would never make it into evidence, simply vanishing into an officer's pocket. Even if that doesn't happen, they'll catalog the money, sort it (here's where the fives and tens come in handy), and almost certainly get it out of order in the process.

Step 6: Your password is now gone. Unless the cops turned in the cash and kept it in order, it is impossible for you to tell them your password. If the bills make it into evidence, there are up to 50! (~200 bits) possible passwords. If not, there are 10^100 (~300 bits) possible passwords.

Step 7: Don't actually do steps 1-4. Just keep a small stack of cash next to your computer. Your actual password can be your cat's name. Just be willing to testify under oath that you did steps 1-4.
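An added example, not part of the original comment: it derives the password from a stack of serial numbers as in steps 1-3 and computes the two search-space sizes referred to in step 6, counting bills that share a two-digit ending only once. The serial format (letters around eight digits) and all function names are assumptions, and the sample serials are constructed.

```python
import math
import re
from collections import Counter


def password_from_serials(serials):
    """Concatenate the last two digits of each serial number, in stack order."""
    pairs = []
    for serial in serials:
        digits = re.sub(r"\D", "", serial)  # drop prefix/suffix letters
        if len(digits) < 2:
            raise ValueError(f"serial has fewer than two digits: {serial!r}")
        pairs.append(digits[-2:])
    return "".join(pairs)


def bits_without_bills(n_bills):
    """Search space when the bills are gone: any 2n-digit number is possible."""
    return 2 * n_bills * math.log2(10)


def bits_with_scrambled_bills(serials):
    """Search space when the bills are recovered but out of order.

    Distinct passwords = n! / product(c_i!), where c_i counts the bills that
    share one two-digit ending (swapping those leaves the password unchanged).
    """
    password = password_from_serials(serials)
    pairs = [password[i:i + 2] for i in range(0, len(password), 2)]
    orderings = math.factorial(len(pairs))
    for count in Counter(pairs).values():
        orderings //= math.factorial(count)
    return math.log2(orderings)


if __name__ == "__main__":
    # Constructed serials: 50 bills whose endings 00..49 are all distinct,
    # which is the best case for the scrambled-stack figure.
    stack = [f"L{12345600 + i:08d}A" for i in range(50)]
    print("password length:", len(password_from_serials(stack)))
    print("bits, bills missing:", round(bits_without_bills(50), 1))
    print("bits, bills scrambled:", round(bits_with_scrambled_bills(stack), 1))
```

A real stack of fifty bills will usually contain repeated endings, so its scrambled-stack figure is somewhat lower than the all-distinct case printed here.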

Comment: Mine does. Somewhat. (Score 1) 572

From looking at certification chains, I can see that my employer (a state government) MITMs Google (even though GMail is blocked), and probably other sites that I haven't noticed, but they do not MITM banks, at least not the two I visit occasionally from work. I haven't done much investigation beyond that.

Snowden rebuts Feinstein's statement that NSA spying is not surveillance

Submitted by SternisheFan
SternisheFan (2529412) writes "Note to Eds: Entire Ars Technica story pasted here, edit as you like...

by Cyrus Farivar — Oct 25 2013, 12:17am +0200

Former National Security Agency contractor Edward Snowden went into a relatively long silent period after being charged with espionage and fleeing to Russia. But it seems that he is becoming more comfortable about speaking out. Today, new Snowden comments emerged in which he directly took on Sen. Dianne Feinstein (D-CA), who last week defended the NSA spying programs in a controversial op-ed in USA Today.

“We've learned that the US intelligence community secretly built a system of pervasive surveillance,” Snowden wrote in the statement, published today by the American Civil Liberties Union.

“Today, no telephone in America makes a call without leaving a record with the NSA. Today, no Internet transaction enters or leaves America without passing through the NSA's hands. Our representatives in Congress tell us this is not surveillance. They're wrong.”

In her October 20 op-ed, Feinstein argued that the “call-records program is legal and subject to extensive congressional and judicial oversight,” adding that “[t]he Supreme Court has held this ‘metadata’ is not protected under the Fourth Amendment.”

Snowden called on his supporters to join the American Civil Liberties Union, the Electronic Frontier Foundation, and other groups who will be holding a rally called "Stop Watching Us" at Union Station in Washington, DC on Saturday, October 26, at 12:00pm local time."
