mersenneforum.org

mersenneforum.org (https://www.mersenneforum.org/index.php)
-   Tales From the Crypt(o) (https://www.mersenneforum.org/forumdisplay.php?f=130)
-   -   'All Your Data ❝Я❞ Belong To Us' Thread (https://www.mersenneforum.org/showthread.php?t=20713)

xilman 2020-10-05 18:21

[QUOTE=kriesel;558962]Remember the clipper chip farce [url]https://en.wikipedia.org/wiki/Clipper_chip[/url]
An 80 bit key, ooh I feel SO secure. And key escrow entrusted to the same government that later developed FISA courts, and filed applications there based on known false information, while omitting valid exculpatory information.[/QUOTE]I remember it well.

I was one of the team who helped convert the MIT Press publication of the PGP source code into machine-readable format out here in the free world

Xyzzy 2020-11-03 13:59

[url]https://www.theregister.com/2020/11/02/application_level_gateway_flaw/[/url]

xilman 2020-11-03 18:16

[QUOTE=Xyzzy;562067][url]https://www.theregister.com/2020/11/02/application_level_gateway_flaw/[/url][/QUOTE]

Oh no, NAT again.

xilman 2020-11-03 18:30

[QUOTE=xilman;558973]I remember it well.

I was one of the team who helped convert the MIT Press publication of the PGP source code into machine-readable format out here in the free world[/QUOTE]I am unable to go into details because of a NDA I signed just over 10 years ago, but back then real-time (100mHz - 100Hz) 64-bit key search was within (relatively) easy reach of a (relatively) small commercial organization.

If one assumes Moore's law with a doubling period of 2 years, the ~1Hz capabilities of a similar organization is now 70-72 bits (assuming 5 bits from ML and another 1-3 from an organization willing to try somewhat harder). 80-bit search at 1mHz seems plausible to me for the likes of them.

People with real resources to hand, TLA's mostly, can undoubtedly do much better. They will not be able to read everything but they are very likely to be able to read everything of suffiicient interest.

Dr Sardonicus 2020-11-16 15:31

[url=https://apnews.com/article/europe-operating-systems-software-d4c3442e4f174d57bef3510cfb187e4e]Privacy activists in EU file complaints over iPhone tracking[/url][quote]BERLIN (AP) — European privacy activists have filed complaints against Apple over its use of software to track the behavior of iPhone users.

The Vienna-based group NOYB - short for "none of your business" - said Monday that it has asked data protection authorities in Germany and Spain to examine the legality of Apple's tracking codes.
<snip>
NOYB says the iOS operating system creates unique codes for each iPhone that allow Apple and other third parties to "identify users across applications and even connect online and mobile behaviour."

The group argues that this amounts to tracking without users' knowledge or consent, a practice that is banned under the European Union's electronic privacy rules.
<snip>
NOYB, founded by privacy activist and lawyer Max Schrems, has filed numerous cases against major tech companies including one against Facebook that recently led the European Union's top court to strike down an agreement that allows companies to transfer data to the United States over snooping concerns.[/quote]

Xyzzy 2020-11-16 16:02

[url]https://old.reddit.com/r/hardware/comments/jtyy6j/louis_rossmann_apple_watching_logging_every_app/[/url]

retina 2021-01-26 11:26

They are still trying to pretend that without targeting they will all die
 
[url]https://www.axios.com/google-privacy-friendly-substitute-cookies-test-05c2c28e-77f1-4921-9a99-1ef0c009b064.html[/url] [quote]Google on Monday said new test results show promising signs that the technology it's hoping will replace cookie-based ad targeting is working.[/quote]The problem isn't about finding a replacement for cookies. The problem is that they still continue to target. And the only way to do that is to monitor and analyse your behaviour.

I'm sure Google would love to eliminate cookies, because it is very easy for people to delete them. Naturally they still use ever-cookies to respawn the cookies but many people have discovered those also.

So now the browser will track you, and assign you a group profile, and tattle about your preferences to each and every website you visit. Thus giving better targeting, and no cookies required.

They aren't doing it to benefit you.

Uncwilly 2021-02-09 21:41

[QUOTE=chalsall;482458]For those who don't know about it, [URL="http://www.dpstele.com/scada/introduction-fundamentals-implementation.php"]SCADA[/URL] controls your world's infrastructure.

For those who do know about, be very afraid if any part of that network is connected to the Internet.[/QUOTE]
Yep!
[url=https://www.npr.org/2021/02/09/965791252/fbi-called-in-after-hacker-tries-to-poison-tampa-area-citys-water-with-lye]FBI Called In After Hacker Tries To Poison Tampa-Area City's Water With Lye[/url]

tServo 2021-02-18 16:38

Spy Pixels in email
 
I had no idea these things even existed.

[URL="https://www.bbc.com/news/technology-56071437"]https://www.bbc.com/news/technology-56071437[/URL]

retina 2021-02-18 16:45

[QUOTE=tServo;571917]I had no idea these things even existed.

[URL="https://www.bbc.com/news/technology-56071437"]https://www.bbc.com/news/technology-56071437[/URL][/QUOTE]Turn off, or disable, "view external content".

An even better solution is to disable HTML view completely, and always view in plain text.

Another thing to be aware of is "read receipts". Tell your email program not to send any.

If you use one of those online email services like Yahoo, or Gmail, etc., they often try to make it really hard to view plain text, and seem to have a hardon for HTML view. Write to them and complain.

LaurV 2021-02-19 04:08

Talking about that, a very old and known bug of Outlook is the fact that, by default, moving a message into deleted items folder, will enable the hyperlinks and the attachments. No joke, when you receive a junk email, it goes to junk folder, where, by default, all the links, html, etc, are disabled, and the attachments can not be accessed, so you look at it, conclude it is indeed junk, and delete it. As not all emails going to junk are junk, some quite important emails still go to your junk folder, especially if you have some "paranoid" settings (like "all emails from persons not in my contact list go to junk", which is actually quite common), it means that from time to time, as the schedule allows it, you have to look at the junk emails one by one, and if you decide it is junk, delete it. If it is important, move it to inbox, or your respective project folder, and possibly add a new rule to handle such emails in the future. By doing so, i.e. by using the "normal" deleting procedure** (like mouse click or press delete key), the email goes to deleted items folder, where al the links, attachments, etc., are, by default, [U]enabled[/U] :lol:. Moreover, if you have the confirmations on (on by default!), and the sender requests a reading confirmation, then a confirmation email may be sent to the sender when you do so (depends on other settings).

When getting tracing/external links or pictures/logos on external servers, or trojans, or similar carp in your email box, you have to be excessively careful not to click those links AFTER you deleted the junk, and/or always use "empty folder" instead of deleting them one by one. Always forbid confirmations too, they make no sense, and they can be used by spammers to check if the email address is valid. Tell your net admin to disable replies like "this address does not exist on this server" and just ignore emails with bad address. This may result in losing an important email now and then, if the sender made a typo in the address, or didn't use an address book (nowadays everybody uses one, and nobody type the addresses by hand, anyhow), but it will hush away many spammers which can exploit such "nicety" to find valid addresses in your organization, and spam the unlucky people. If you want to tell your customer you read his email, just reply to him. With some windoze/outlook settings, carp can open when you hover with the mouse, even if you DID delete it. One would need to change outlook settings from the default, to tighten the security of the deleted items folder.


------
**there is a way to delete the emails without moving them to deleted items folder, if you use a wipe or hold shift+delete, but that is not practical either, because sometimes when in hurry, you may delete important emails by mistake; the rubbish bin is a good invention, for a reason...


All times are UTC. The time now is 05:27.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.