Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Re:3des (Score 1) 213

by hargrand (#45803025) Attached to: Encrypted PIN Data Taken In Target Breach

From the first article linked:

The PIN information is encrypted within Target’s systems and can only be decrypted when it is received by our external, independent payment processor. What this means is that the “key” necessary to decrypt that data has never existed within Target’s system and could not have been taken during this incident.

Comment: Re:Can encyption experts chime in? (Score 3, Insightful) 213

by hargrand (#45801997) Attached to: Encrypted PIN Data Taken In Target Breach

You're assuming the PIN was in any way related to the 3DES key. That's almost certainly not the case. More likely, Target requests a transaction key from the bank which is then used to encrypt the PIN and sent the encrypted PIN to the bank. The bank then decrypts the PIN using the 3DES key and verifies the PIN.

They probably should switch to RSA or some other public key algorithm. With 3DES, both parties need to share the key. With RSA, there is a public key and a matched private key. If the public key is compromised, it's no big deal. Since the bank retains the private key and doesn't share it, it's at least theoretically more secure for this kind of transaction.

Comment: Re:Most of this will be about internal politics (Score 1) 519

I think you'll find the Japanese consider China's intent to wrest control of the Senkakus from Japan's administrative control as an aggressive act... or do you consider Japan to be "on the other side of the planet" from China? The U.S. considers it aggressive (to the extent the Obama administration has a coherent foreign policy which can be differentiated from abject appeasement at least) because it has important strategic allies in the area, namely Japan, South Korea, Taiwan, the Philippines and other Southeast Asian nations. In economic terms China is also an important trading partner to the U.S., and anything which destabilizes the area, or interferes with the flow of trade will impact this partnership to the detriment of both. And lastly, the U.S. has a possession in the area (i.e. Guam), not to mention its treaty obligations to assist the Japanese from outside threats.

Failure to recognize these and to take them into account, while may be good from a "rose colored glasses" perspective, is nonetheless both naive and ignorant.

Comment: Re:Most of this will be about internal politics (Score 4, Informative) 519

It's more than purely symbolic. There are extensive undeveloped natural resources in the area which the Chinese would like to control. The islands also lie at a strategic location between the Pacific and the East China Sea, and just north of Taiwan. If the Japanese, Americans and Taiwanese do nothing to abate this, the Chinese will be emboldened to act more aggressively in the area.

+ - Anonymous Hacks Federal Sentencing Commission website -- Posts Video-> 2

Submitted by
anagama
anagama writes ""This time there will be change, or there will be chaos." In response to the disproportionate prosecution of Swartz, Anonymous hacked the US. Sentencing Commission website and posted a video. One interesting thing discussed in the video, is an encrypted file that it is hoped will spread far and wide (mirror list — appears to be files related to Supreme Court Justices), the key for which would be released if reforms are not enacted. As for the statement itself, the text is available in the ZDNet article and mirror list linked above, and includes this clearly self-aware statement: "We [who] make this statement do not expect to be negotiated with; we do not desire to be negotiated with. We understand that due to the actions we take we exclude ourselves from the system within which solutions are found. There are others who serve that purpose, people far more respectable than us, people whose voices emerge from the light, and not the shadows. These voices are already making clear the reforms that have been necessary for some time, and are outright required now.""
Link to Original Source

+ - Operation Last Resort-Anonymous takes revenge for Swartz->

Submitted by
emil
emil writes "Late evening Friday, January 25, U.S. Sentencing Commission website (http://www.ussc.gov) was hacked and encryped government files distributed by Anonymous, which threatens to release decryption passwords should the government not comply with demands for legal reforms. Anonymous cited the recent suicide of hacktivist Aaron Swartz as a "line that has been crossed" in the retaliatory defacement. Anonymous has not specified exactly what files they have obtained. The various files were named after Supreme Court judges. At a regular interval commencing today, Anonymous will choose one media outlet and supply them with heavily redacted partial contents. Anonymous called the launch of it new campaign a "warhead."

http://www.youtube.com/watch?feature=player_embedded&v=WaPni5O2YyI#!"

Link to Original Source
Crime

+ - Anonymous Warhead Targets US Sentencing Commission

Submitted by theodp
theodp (442580) writes "Late Friday, Violet Blue reports, the U.S. Sentencing Commission website was hacked and government files distributed by Anonymous in 'Operation Last Resort.' The U.S. Sentencing Commission sets guidelines for sentencing in United States Federal courts, and on the defaced ussc.gov website Anonymous cited the recent suicide of Aaron Swartz as 'a line that has been crossed.' Calling the launch of its new campaign a "warhead," Anonymous vowed, 'This time there will be change, or there will be chaos.'"

A method of solution is perfect if we can forsee from the start, and even prove, that following that method we shall attain our aim. -- Leibnitz

Working...