Overclock.net › Forums › Industry News › Technology and Science News › [CNET] Apple's iMessage encryption trips up feds' surveillance
New Posts  All Forums:Forum Nav:

[CNET] Apple's iMessage encryption trips up feds' surveillance - Page 6

post #51 of 122
Quote:
Originally Posted by j3st3r View Post

Ugh are you seriously comparing breaking encryption to quantum tunneling? Is this dude serious right now?

You need to read more. Your post is nothing short of blatant misinformation. You can start here: http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/
Lol...

http://www.nbcnews.com/technology/technolog/hacked-sites-spread-malware-android-smartphones-753458

Android app security holes have long been a concern because of the mobile operating system's more open architecture and the app market's less stringent standards for developers than others such as Apple's iOS or Research In Motion's BlackBerry OS.

It may not have worked in the latest examples, with 17 "bad mobile apps," and 700,000 downloads of those apps, as of May 3, Trend Micro said.

http://articles.washingtonpost.com/2013-03-08/business/37554452_1_android-phones-malware-malicious-apps

Nearly 80 percent of all mobile malware found in 2012 was written for phones running Google’s mobile Android operating system, according to a report from security firm F-Secure.

Android is the world’s most popular smartphone platform — with nearly 70 percent of the market, according to numbers posted in January by Strategy Analytics.

False sense of security, much? I work for IT security. I'm pretty sure I consider myself an authority of what is considered secure and not secure. Android platform is anything but secure. Especially when noob users go randomly download packages from 'developers' around the internet. Almost none of you actually go through the code nor have access to it. Lets stop pretending you guys are more 'leet' than Apple users. Following tutorials on XDA is not 'leet'.


It's funny to see Android users have such a false sense of security because their OS is open source. Apples to oranges.


The analogy of quantum tunneling to encryption was stated.... probably but not feasible. With current or near-future technology, how much resources would it take to break 128-bit AES?
Quote:
If you assume:
•Every person on the planet owns 10 computers.
•There are 7 billion people on the planet.
•Each of these computers can test 1 billion key combinations per second.
•On average, you can crack the key after testing 50% of the possibilities.
Then the earth's population can crack one encryption key in 77,000,000,000,000,000,000,000,000 years!
A HD7850 can do around 10K keys/second today....

I am aware of the NSA datacenter being built. However, we are talking about standard ciphers here.... well-vetted ones and global standards for a reason. Unless the NSA has found a flaw in the cipher and didn't publish, they don't have the horsepower to brute-force everything in reasonable time.

IT Security huh? DId you reach your position through certs or comp sci path? How do you KNOW iOS is more secure? You should know that "security through obfuscation" is not reliable. Apple has had security slip-ups before as well. The nature of Open Source is that anyone can examine it.... as an IT security, you should realize the power in that fact.

Again, you are talking about Android applications... and not about the OS itself!
Edited by DuckieHo - 4/4/13 at 9:06pm
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #52 of 122
WHAT IF...

if this is just some PR stun in order to ppl think " oh wow iMsg rules, not even the DEA can decript it !!! im gona use it for everything and dont hold back"

then... BAM !!! you got owned


ninja.gifthinking.gif
post #53 of 122
Quote:
Originally Posted by Huguito View Post

WHAT IF...

if this is just some PR stun in order to ppl think " oh wow iMsg rules, not even the DEA can decript it !!! im gona use it for everything and dont hold back"

then... BAM !!! you got owned


ninja.gifthinking.gif

Well... the government cannot decrypt basically anything that uses standard encryptions. They have been talking about it for years... it's called "going dark" and the government is pushing for backdoors. (Which is an absolutely terrible idea for technical reasons alone.)
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #54 of 122
Thread Starter 
Quote:
Originally Posted by DuckieHo View Post

The analogy of quantum tunneling to encryption was stated.... probably but not feasible. With current or near-future technology, how much resources would it take to break 128-bit AES?

A HD7850 can do around 10K keys/second today....

I am aware of the NSA datacenter being built. However, we are talking about standard ciphers here.... well-vetted ones and global standards for a reason. Unless the NSA has found a flaw in the cipher and didn't publish, they don't have the horsepower to brute-force everything in reasonable time.

IT Security huh? DId you reach your position through certs or comp sci path? How do you KNOW iOS is more secure? You should know that "security through obfuscation" is not reliable. Apple has had security slip-ups before as well. The nature of Open Source is that anyone can examine it.... as an IT security, you should realize the power in that fact.

Again, you are talking about Android applications... and not about the OS itself!



http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/4/

There is still one technology preventing untrammeled government access to private digital data: strong encryption. Anyone—from terrorists and weapons dealers to corporations, financial institutions, and ordinary email senders—can use it to seal their messages, plans, photos, and documents in hardened data shells. For years, one of the hardest shells has been the Advanced Encryption Standard, one of several algorithms used by much of the world to encrypt data. Available in three different strengths—128 bits, 192 bits, and 256 bits—it’s incorporated in most commercial email programs and web browsers and is considered so strong that the NSA has even approved its use for top-secret US government communications. Most experts say that a so-called brute-force computer attack on the algorithm—trying one combination after another to unlock the encryption—would likely take longer than the age of the universe. For a 128-bit cipher, the number of trial-and-error attempts would be 340 undecillion (1036).

Breaking into those complex mathematical shells like the AES is one of the key reasons for the construction going on in Bluffdale. That kind of cryptanalysis requires two major ingredients: super-fast computers to conduct brute-force attacks on encrypted messages and a massive number of those messages for the computers to analyze. The more messages from a given target, the more likely it is for the computers to detect telltale patterns, and Bluffdale will be able to hold a great many messages. “We questioned it one time,” says another source, a senior intelligence manager who was also involved with the planning. “Why were we building this NSA facility? And, boy, they rolled out all the old guys—the crypto guys.” According to the official, these experts told then-director of national intelligence Dennis Blair, “You’ve got to build this thing because we just don’t have the capability of doing the code-breaking.” It was a candid admission. In the long war between the code breakers and the code makers—the tens of thousands of cryptographers in the worldwide computer security industry—the code breakers were admitting defeat.

This is some next level encryption breaking going on. They are combining new private ways of breaking encryption combined with billion dollar hardware. It can be done. Your "quantum argument is the general public analysis of encryption. You don't spend billions of dollars if you don't think its feasible.
post #55 of 122
Cleaned and reopened. Could we not have such hostility in this thread? Name calling won't be tolerated on this site.


Quote:
Originally Posted by aroc91 View Post

Quote:
Originally Posted by Pheatton View Post

Give them time, they will find a way to break the encryption eventually. Besides the DEA, FBI or CIA aren't the organizations that would be working to break the encryption anyway, that job would fall the the NSA and the they are VERY good at this sort of thing.

Key word is eventually. How long has Truecrypt been around without being cracked yet?

Actually, trucrypt was sort of cracked last year

http://www.informationweek.com/security/encryption/forensic-tool-cracks-bitlocker-pgp-truec/240145127
post #56 of 122
This is one of the only things i like about Apple, other being their Displays.
Vaporizer
(16 items)
 
  
CPUMotherboardGraphicsRAM
AMD Ryzen 5 1600X Gigabyte AB350N-Gaming WiFi Sapphire RX Vega 64 G.Skill Flare X 3200MHz CL14 
Hard DriveHard DriveCoolingOS
Seagate 1TB 2.5" HDD ST1000DM035 Samsung 960 Evo 250GB Noctua NH-D9L Windows 10 Pro 
MonitorKeyboardPowerCase
Dell U2515H K70 Lux Cherry Brown Corsair SF600 NCASE M1 V5 Silver 
Mouse
Steelseries Kana V2 
  hide details  
Reply
Vaporizer
(16 items)
 
  
CPUMotherboardGraphicsRAM
AMD Ryzen 5 1600X Gigabyte AB350N-Gaming WiFi Sapphire RX Vega 64 G.Skill Flare X 3200MHz CL14 
Hard DriveHard DriveCoolingOS
Seagate 1TB 2.5" HDD ST1000DM035 Samsung 960 Evo 250GB Noctua NH-D9L Windows 10 Pro 
MonitorKeyboardPowerCase
Dell U2515H K70 Lux Cherry Brown Corsair SF600 NCASE M1 V5 Silver 
Mouse
Steelseries Kana V2 
  hide details  
Reply
post #57 of 122
isn't BBM the same way?
thus was tons of business people use them.
post #58 of 122
Quote:
Originally Posted by LuminatX View Post

isn't BBM the same way?
thus was tons of business people use them.

it is pretty similar actually i think. they both avoid going through the carriers systems
post #59 of 122
Late to the game. Hundreds of encrypted messaging services that are currently improbable to crack.
    
CPUMotherboardGraphicsRAM
Intel Core i7 3930K Gigabyte GA-X79-UP4 PNY Quadro K5000  16GB Kingston HyperX DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
WD Velociraptor 1TB Samsung 840 Pro 128GB (AD Inventor on it) Samsung DVD/CD burner/reader, pretty basic Custom WC 
OSMonitorKeyboardPower
Windows 7 Ultimate x64 Dell UltraSharp U3011 30" 2560*1600 Razer BlackWidow mech. keyboard Antec EA650 platinum series 
CaseMouseMouse PadAudio
Lian Li PC-7B Razer Abyssus mah desk Asus Xonar Essence STX 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Core i7 3930K Gigabyte GA-X79-UP4 PNY Quadro K5000  16GB Kingston HyperX DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
WD Velociraptor 1TB Samsung 840 Pro 128GB (AD Inventor on it) Samsung DVD/CD burner/reader, pretty basic Custom WC 
OSMonitorKeyboardPower
Windows 7 Ultimate x64 Dell UltraSharp U3011 30" 2560*1600 Razer BlackWidow mech. keyboard Antec EA650 platinum series 
CaseMouseMouse PadAudio
Lian Li PC-7B Razer Abyssus mah desk Asus Xonar Essence STX 
  hide details  
Reply
post #60 of 122
Quote:
Originally Posted by downloads_plz View Post

I assume this would be a good thing if I sold drugs or did drugs. But I don't, and this seems like all it will do is impede efforts to catch people that do, so I'm not seeing the plus side.

I'll trade a few more "criminals" getting away for the added security..

Quote:
Originally Posted by poizone View Post

I may be late on quoting this, but what a load of bull. I had my bike locked up with three kryptonite new yorks (two u-locks on the wheels and frame, and a chain on the frame), and it got jacked. The difference between my bike and the one next to it? Mine was worth about $1550 more. The lesson: Live in a dorm where you can bring your bike to the room.

On the topic of algorithms, let's just hash the messages and require the other user to brute force them!

I dunno if you go to Ohio State but when I did I took my bike to my dorm when I lived in the towers. It wasn't allowed but I told the floor mom that I wasn't going to risk the bike being stolen, and if there was a real issue she was free to call whomever and we'd plead our case to them. I moved out after 2 years and nothing ever became me bringing my bike in..

On a related note a $200 SS is all I'd ever bring to campus if I had to do over again.
 
DD Portable
(12 items)
 
 
CPUMotherboardGraphicsRAM
i5 5675C Gigabyte GA-Z97X Gaming 5 XFX RX 480 GTR 32GB Corsair Vengeance 1600 
Hard DriveHard DriveHard DriveCooling
Samsung 840 Evo Western Digital Black RE4 2TB Western Digital Green 2TB bequiet! Silent Wings 2 140mm PWM 
CoolingCoolingCoolingOS
bequiet! Silent Wings 2 140mm PWM bequiet! Shadow Wings SW1 120mm PWM bequiet! Dark Rock Pro 3 Arch X64 / Gnome and OSX 10.11 
MonitorKeyboardPowerCase
Samsung 590D 4K KBC Poker II be quiet! Straight Power 10 400W bequiet! Silent Base 800 
MouseAudioAudio
Speedlink Omni VI  Sound Blaster Z  Bose Companion 2  
CPUMotherboardGraphicsRAM
i5 3427U The Googs HD4000 4GB DDR3 
Hard DriveOSMonitorKeyboard
32GB Flash / 128GB SanDisk Extreme SD card ChromeOS / Ubuntu 14.04 12" 2560x1700 bad 
PowerCaseMouseAudio
not much  Aluminium  Trackpad it makes noise I think  
  hide details  
Reply
 
DD Portable
(12 items)
 
 
CPUMotherboardGraphicsRAM
i5 5675C Gigabyte GA-Z97X Gaming 5 XFX RX 480 GTR 32GB Corsair Vengeance 1600 
Hard DriveHard DriveHard DriveCooling
Samsung 840 Evo Western Digital Black RE4 2TB Western Digital Green 2TB bequiet! Silent Wings 2 140mm PWM 
CoolingCoolingCoolingOS
bequiet! Silent Wings 2 140mm PWM bequiet! Shadow Wings SW1 120mm PWM bequiet! Dark Rock Pro 3 Arch X64 / Gnome and OSX 10.11 
MonitorKeyboardPowerCase
Samsung 590D 4K KBC Poker II be quiet! Straight Power 10 400W bequiet! Silent Base 800 
MouseAudioAudio
Speedlink Omni VI  Sound Blaster Z  Bose Companion 2  
CPUMotherboardGraphicsRAM
i5 3427U The Googs HD4000 4GB DDR3 
Hard DriveOSMonitorKeyboard
32GB Flash / 128GB SanDisk Extreme SD card ChromeOS / Ubuntu 14.04 12" 2560x1700 bad 
PowerCaseMouseAudio
not much  Aluminium  Trackpad it makes noise I think  
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [CNET] Apple's iMessage encryption trips up feds' surveillance