Re: [vox-tech] ssh/telnet security question

Subject: Re: [vox-tech] ssh/telnet security question
From: Jan Wynholds <jcwynhMAPSolds@yahoo.com>
Date: Wed, 07 Feb 2001 11:54:58 -0800

--- Micah Cowan <micah@cowanbox.com> wrote:
> On Tue, Feb 06, 2001 at 09:15:12PM -0800, Peter Jay
> Salzman wrote:
> > > Does > it decrypt SSH/SSL packets or sniff
> packets from
> > > behind a firewall?
> > 
> > this is the NSA we're talking about.  the great
> puzzle palace.  the same
> > people who helped bring you operation mkultra
> (mind control), haarp
> > (weather/atmosphere control) and tempest
> technology (eavesdropping on a
> > monitor by listening to the RF waves emitted by
> the CRT tube).
> > 
> 
> Note that mkultra and haarp are not so successful
> that they have
> achieved a high degree of control in either case.

I guess the mount /dev/brain -t gray matter joke going
around was closer to the truth than I ever thought.

> 
> The NSA has no capability to decrypt carefully
> encrypted packets with
> a sufficiently large key (I usually use 1024-bit
> keys, which is
> plenty.  Use a  2048-bit key, and you rock).  Even
> if the whole world
> were to gang up just to decrypt one such key, the
> computing power does
> not exist to do this within several hundred-thousand
> lifetimes.

Estimating the kind of computing power the NSA has
access to is IMHO, moot.  Granted, decrypting a 2048
bit key would take a _very_ long time using current
technology.  My persoal belief is something wildly
advanced fell from the sky, and the government
recovered it, and never bothered to tell anyone
(except defense contractors hired to reverse engineer
the stuff).  So, really, who knows what kind of
calculation power that 'they' have.

> 
> That said, the key phrase is "carefully encrypted" -
> any poor
> encryption practices that are used work against you,
> and the NSA can
> readily exploit a variety of flaws.  The biggest
> flaw that comes to
> mind is an unsufficiently random pseudorandom-number
> generator.  This
> is why the truly paranoid will use the natural
> entropy around them to
> feed the generation, in an attempt to create truly
> random numbers.
> 
> Of course, the capability of listening to your
> monitor is something
> they /can/ do, which will render all of this moot. 
> They won't usually
> resort to that, however, as it is far easier to
> detect keystrokes.

Is there anything that will block/shadow/interfere
with the signals?  Should I throw a faraday cage
around my desk?  

> 
> Micah

Whew, and I thought that I was paranoid before I knew
all this.  Thanks for all the helpful info to spread
around :)...

-Jan

__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

Prev by Date: Re: [vox-tech] ssh/telnet security question
Next by Date: Re: [vox-tech] ssh/telnet (Apple app to scp?)
Previous by thread: Re: [vox-tech] ssh/telnet security question
Next by thread: Re: [vox-tech] ssh/telnet (Apple app to scp?)
Index(es):
- Date
- Thread

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
1105 Kennedy Place, Suite 1, Davis, CA 95616
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Richard Mancusi
For a generous donation to allow us to continue meeting at the Davis Library.