
Comment: Re:Commodore Amiga 3000T (Score 1) 673

by WaywardGeek (#46791491) Attached to: Ask Slashdot: What Tech Products Were Built To Last?

I solved my cellphone battery life problem with a Moto-X from Republic Wireless. Republic still has a few growing pains to get past, but for big geeks who don't mind putting their phone in airplane mode and enabling wifi once or twice a day, it's amazing. In that mode, I go for days without having to charge it, though my phone is only a few feet from the wireless router most of the time. For $25/month for "unlimited" Sprint 3G everything but tethering, it's hard to beat.

Comment: Re:Ukraine's borders were changed by use of force (Score 1) 303

by etash (#46779597) Attached to: Is Crimea In Russia? Internet Companies Have Different Answers

Australia, 1901, which incidentally is about 130 years after the US. Comparing the Britain of 1770 with that of 1900 is comparing apples to oranges. Plus Australia is not totally independent, having the Queen still as head of state and the British flag as part of its own.

Comment: Re:To Crypt or Not To Crypt (Score 1) 171

by WaywardGeek (#46757167) Attached to: First Phase of TrueCrypt Audit Turns Up No Backdoors

I'm always amazed at how hard something as simple as password hashing can be. Yes, it's the user's fault for reusing passwords, but we should try and protect him anyway, because it's very common. Part of the job of the computer security industry is protecting stupid people. Improving this situation is one reason for the Password Hashing Competition.

You are right that password strengthening before encryption is a different problem from user authentication, but the solutions tend to be the same. You can use Bcrypt or Scrypt for strengthening a password hash on an authentication server just like you can while deriving a volume decryption key. The main difference seems to be that a common server may not have a significant fraction of a second to spend on authenticating a user/password combo. TC has some additional constraints, like the volume needs to appear as random data, making it harder to embed various encryption parameters, such as which key stretching algorithm is in use. To an attacker, he doesn't care whether the password/salt is protecting a login account or an encrypted volume. To him, it's just so many rounds of PBKDF2 (or whatever), and then a quick check to see if he got the right answer, and do as many in parallel as possible. Salt is used either way to defeat rainbow tables, so instead attackers use GPU farms to do massively parallel brute force guessing, where each guess is user/salt specific.

However, the two cases I've mentioned are both encryption: TC encrypted volumes, and OpenSSH id_rsa private keys. We could argue about how much effort a server should put into protecting its users' passwords, but both TC and OpenSSH do *nothing* more than a typical server, devoting only a millisecond to key stretching. That's just lame.

Comment: Re:To Crypt or Not To Crypt (Score 1) 171

by WaywardGeek (#46756787) Attached to: First Phase of TrueCrypt Audit Turns Up No Backdoors

I just added a keyfile as you suggested. I put it on a couple of USB keys, so I have a backup, and now in theory my encrypted volume can't be mounted without having the physical key. That should greatly increase my passphrase protection, as well as the volume contents (basically a list of all my various user/password credentials at various sites). I'm still running TC in Windows, and several times I've answered "yes" to let various programs make changes to my hard disk, and my machine probably comes with back-doors from both Lenovo and Microsoft and maybe even Intel. I don't trust our company's closed-source VPN provider, either. So, I still don't feel secure, but at least it's an improvement. Thanks for the tip.

Comment: Re:To Crypt or Not To Crypt (Score 2) 171

by WaywardGeek (#46756435) Attached to: First Phase of TrueCrypt Audit Turns Up No Backdoors

I don't do this for a living, but I'm not totally ignorant about this topic. TrueCrypt does a poor job strengthening passwords. TC's users would be far better protected if TC ran something even as lame as PBKDF2 for a full second, with rounds somewhere in the 100's of thousands or millions. Not only does TC do a poor job protecting my data, but when an attacker does manage to guess a user's low-entropy password, he can then try that password all over the place to see where else the user has used it. This is why I say that the user's password is at risk due to TC, not just the data TC encrypts.

To give TC some credit, OpenSSL has the same lame password strengthening as TC, putting id_rsa passphrases at risk, in addition to the user's private key. So, there seems to be plenty of lameness to go around. I hear that a Bcrypt option is in the bleeding edge version of OpenSSL. I wish they'd push out that patch along with the Heartbleed fix.

Comment: Re:Ukraine's borders were changed by use of force (Score 1) 303

by etash (#46755981) Attached to: Is Crimea In Russia? Internet Companies Have Different Answers

Is this the first time in your life that you see a not 100% correct by the international standards change of regimes/borders (Kosovo comes to mind)? On the other hand I do like your Kuril argument. Let's extend it a bit more: "Finally, would the British Empire accept a referendum by residents of its colonies in the new world, for example, on breaking away from motherland and becoming independent?" Those sorts of things are not achieved by throwing roses at your enemies.

Comment: Re:To Crypt or Not To Crypt (Score 2) 171

by WaywardGeek (#46752449) Attached to: First Phase of TrueCrypt Audit Turns Up No Backdoors

I use TrueCrypt. Not that it likely matters given all the other back-doors on my Lenovo Wintel laptop, but I use a passphrase from Hell, and I suspect even the NSA's biggest cracker would have trouble with it.

Other than the backdoors in various places on this toxic waste dump of security, the biggest security threat to my passphrase from Hell is TrueCrypt itself. TrueCrypt by default does 100% useless password strengthening (key stretching or whatever it's called). Its strongest mode, which you have to select manually, is 2000 rounds of SHA-256. I can buy SHA256 boxes that do 1 Giga-hash/second per $10. Figure a government has a few million at least for such boxes, and go compute how strong your password needs to be, and it isn't pretty.

I use my password and TrueCrypt to protect my data. Why didn't it occur to the TrueCrypt authors to protect my password? I mean, Bcrypt at least, come on...
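Added example, not part of any comment on this page: the calculation the comment above invites, together with the "PBKDF2 for a full second" idea from the earlier TrueCrypt comment, worked through in Python. It uses the comment's own figures (2000 rounds, 1 Giga-hash/second per $10); the $1,000,000 budget, the 365-day window, the function names, and the simplification that one stretching round costs one hash on the attacker's hardware are assumptions made here.

```python
import hashlib
import math
import os
import time

# Figure quoted in the comment: 1 Giga-hash/second per $10 of hardware.
HASHES_PER_SEC_PER_USD = 1e9 / 10


def searchable_bits(rounds, budget_usd, days):
    """log2 of the guesses an attacker completes in `days`.

    Simplified model (assumption): one stretching round = one hash for the attacker.
    """
    guesses_per_sec = budget_usd * HASHES_PER_SEC_PER_USD / rounds
    return math.log2(guesses_per_sec * days * 86400)


def calibrate_rounds(target_seconds=1.0, probe_rounds=20_000):
    """Estimate the PBKDF2-HMAC-SHA256 round count that costs target_seconds here."""
    salt = os.urandom(16)
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"calibration passphrase", salt, probe_rounds)
    elapsed = time.perf_counter() - start
    # Scale linearly from the probe; never return fewer rounds than the probe used.
    return max(probe_rounds, int(probe_rounds * target_seconds / elapsed))


def derive_key(passphrase, salt, rounds, length=32):
    """Stretch a passphrase into a key using the chosen round count."""
    return hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, rounds, dklen=length
    )


if __name__ == "__main__":
    budget, days = 1_000_000, 365  # assumed attacker budget (USD) and time window
    tuned = calibrate_rounds(1.0)
    for label, rounds in (("2000 rounds", 2000), (f"{tuned} rounds (~1 s here)", tuned)):
        bits = searchable_bits(rounds, budget, days)
        print(f"{label}: attacker covers about 2^{bits:.1f} guesses in {days} days")
    # Constructed sample passphrase and random salt, for illustration only.
    key = derive_key("constructed sample passphrase", os.urandom(16), tuned)
    print("derived", len(key), "byte key")
```

A passphrase needs more entropy than the printed exponent to survive that search; every 2x increase in rounds lowers the exponent by one bit.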

Comment: Re:not developed by a responsible team? (Score 1) 301

by WaywardGeek (#46714683) Attached to: Theo De Raadt's Small Rant On OpenSSL

Sometimes the individuals involved can be responsible while the team acts irresponsibly. For example, why is my passphrase of my id_rsa key protected by only one round of hashing with no option for increased rounds? I hear there are good things coming, like being able to use bcrypt, but this is a scandal. Only a security ignorant fool would want his passphrase attached to an id_rsa key with no password stretching at all. So... how many fools do we have out there? I surely hope you weren't counting on your passphrase being secure just because the OpenSSL team was involved.

Comment: the question is not valid because (Score 1) 393

by etash (#46677615) Attached to: Why Are We Made of Matter?

we don't know we are made of matter. What if what we call matter is in fact anti-matter? Or to put it differently, if the universe was made of "antimatter" wouldn't we think we were made of matter and the definition of antimatter (positron etc.) would be the opposite of what's now? Isn't it just a matter (no pun intended) of definition?
