[opensuse] Re: [opensuse-offtopic] Google now open for "deletion" requests
Per Jessen wrote:
Friday last week, after being ordered by the Court of Justice of the EU, Google opened a portal for deletion or take-down requests. During the first day, about 20.000 requests were received, peaking at 20 per minute.
Security by obscurity?
In truth, ALL information security is security by obscurity.
The whole point of 1024-bit passwords is that they are, by definition, more obscure than, say, 8-bit passwords. You can find an 8-bit password in less than a minute.... these days, probably less than a second.
Car locks, likewise, are security by obscurity -- which of the hundreds of different key-profiles (hills and valleys) will set the pins in the correct position for the tumbler to turn?
When I was a student at the U.S. Army Signal School, one thing stuck with me in a block on using cryptographic methods: ALL code-systems can be broken, given enough traffic to eavesdrop on, and enough time to decode them. The goal then, is to NOT use "an unbreakable code" because no such thing exists. The point is to use a code system which is sufficiently difficult to break, such that the encrypted information will no longer be useful by the time the opposing forces decrypt it. Do not use a code which is good for 24-hours (when used to encrypt small pieces of numerical data) to encrypt a long message which must remain secret for a year or more. Likewise, do not use a method which will provide security for decades to encrypt information which is of value for only a couple of hours (such as the map coordinates of where vehicles should meet for distribution of the next meal and beverages).
On 06/03/2014 12:04 AM, Dirk Gently wrote:
In truth, ALL information security is security by obscurity.
The whole point of 1024-bit passwords is that they are, by definition, more obscure than, say, 8-bit passwords. You can find an 8-bit password in less than a minute.... these days, probably less than a second.
Car locks, likewise, are security by obscurity -- which of the hundreds of different key-profiles (hills and valleys) will set the pins in the correct position for the tumbler to turn?
That's not my understanding of security by obscurity. It means trying to hide something in something else. For example, some people think just using a different port number provides security.
When I was a student at the U.S. Army Signal School, one thing stuck with me in a block on using cryptographic methods: ALL code-systems can be broken, given enough traffic to eavesdrop on, and enough time to decode them. The goal then, is to NOT use "an unbreakable code" because no such thing exists. The point is to use a code system which is sufficiently difficult to break, such that the encrypted information will no longer be useful by the time the opposing forces decrypt it. Do not use a code which is good for 24-hours (when used to encrypt small pieces of numerical data) to encrypt a long message which must remain secret for a year or more. Likewise, do not use a method which will provide security for decades to encrypt information which is of value for only a couple of hours (such as the map coordinates of where vehicles should meet for distribution of the next meal and beverages).
One thing public key encryption uses is a new key for every encryption, with only the public private key remaining the same. They are used to protect the random number key that actually encrypts the data, so that it's similar to using a one time pad, which is unbreakable.
James Knott wrote:
On 06/03/2014 12:04 AM, Dirk Gently wrote:
In truth, ALL information security is security by obscurity.
The whole point of 1024-bit passwords is that they are, by definition, more obscure than, say, 8-bit passwords. You can find an 8-bit password in less than a minute.... these days, probably less than a second.
Car locks, likewise, are security by obscurity -- which of the hundreds of different key-profiles (hills and valleys) will set the pins in the correct position for the tumbler to turn?
That's not my understanding of security by obscurity. It means trying to hide something in something else. For example, some people think just using a different port number provides security.
When I was a student at the U.S. Army Signal School, one thing stuck with me in a block on using cryptographic methods: ALL code-systems can be broken, given enough traffic to eavesdrop on, and enough time to decode them. The goal then, is to NOT use "an unbreakable code" because no such thing exists. The point is to use a code system which is sufficiently difficult to break, such that the encrypted information will no longer be useful by the time the opposing forces decrypt it. Do not use a code which is good for 24-hours (when used to encrypt small pieces of numerical data) to encrypt a long message which must remain secret for a year or more. Likewise, do not use a method which will provide security for decades to encrypt information which is of value for only a couple of hours (such as the map coordinates of where vehicles should meet for distribution of the next meal and beverages).
One thing public key encryption uses is a new key for every encryption, with only the public private key remaining the same. They are used to protect the random number key that actually encrypts the data, so that it's similar to using a one time pad, which is unbreakable.
One-time pads are similar, but different. You could use something as simple as a Caesar Cipher and it would be absolutely secure with a 1-time pad as long as the one-time pad is never captured. [With a one-time pad, each character has a new key, and there is no way of knowing if you have successfully decrypted your adversary's messages encrypted with a one-time pad... because ANY message of equal length is equally valid].
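Added example, not part of the original thread: the per-character Caesar shift with a one-time pad described in the message above, written in Python, showing that for any candidate message of equal length there is a pad under which the same ciphertext decrypts to it. The function names and the two sample messages are constructed for illustration.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # 26-letter alphabet, as in a Caesar cipher


def make_pad(length):
    """One fresh, uniformly random shift (0-25) per character."""
    return [secrets.randbelow(26) for _ in range(length)]


def shift(text, pad, sign):
    """Apply a per-character Caesar shift; sign=+1 encrypts, -1 decrypts."""
    if len(pad) != len(text):
        raise ValueError("pad must be exactly as long as the message")
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + sign * k) % 26] for ch, k in zip(text, pad)
    )


def encrypt(plaintext, pad):
    return shift(plaintext, pad, +1)


def decrypt(ciphertext, pad):
    return shift(ciphertext, pad, -1)


def pad_explaining(ciphertext, candidate):
    """The unique pad under which `ciphertext` decrypts to `candidate`."""
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must match the ciphertext length")
    return [
        (ALPHABET.index(c) - ALPHABET.index(p)) % 26
        for c, p in zip(ciphertext, candidate)
    ]


def demo():
    # Constructed sample messages (uppercase letters only, equal length).
    real, decoy = "MEETATNOON", "STAYATHOME"
    pad = make_pad(len(real))
    ct = encrypt(real, pad)
    fake_pad = pad_explaining(ct, decoy)
    return ct, decrypt(ct, pad), decrypt(ct, fake_pad)


if __name__ == "__main__":
    print(demo())
```

Because every pad is equally likely, the ciphertext alone gives no reason to prefer the real message over the decoy; that holds only while each pad is random, as long as the message, and used once.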
participants (2)
- Dirk Gently
- James Knott