Overclock.net › Forums › Software, Programming and Coding › Networking & Security › [Wired] It’s Time to Encrypt the Entire Internet
New Posts  All Forums:Forum Nav:

[Wired] It’s Time to Encrypt the Entire Internet - Page 5

post #41 of 52
Quote:
Originally Posted by DuckieHo View Post

On the other hand, one standard means things just work.....

Note, most of world already uses a handful of encryption and hashing standards/implementations already.
Well yes, and quite a few of them have had interesting issues lately. I'd argue we need more types of encryption, both in protocol and in encryption style.

I know it will never happen, but I still think it is what we desperately need.
Old and busted
(11 items)
 
New Hotness
(13 items)
 
 
CPUMotherboardGraphicsRAM
AMD Phenom II X2 555 870A Fuzion (MS-7660) MSI NX8800GTS 640 OC Mushkin  
RAMCoolingOSMonitor
Mushkin  Zalman CNPS10X Performa Windows 8 64 bit Dell 2208 WFP 1680*1050 
KeyboardPowerCase
Microsoft RT2300 Silverstone ST60EF 600W Antec 900 
CPUMotherboardGraphicsRAM
3570k ASRock Z77 Pro3 LGA 1155 MSI 7870 Twin Frozr OC Samsung DDR3 
Hard DriveOptical DriveCoolingOS
Samsung 840 SSD POS Lightscribe DVD burner Zalman CNPS10x Performa, dual fans. Windows 8 Pro 64 Bit 
MonitorKeyboardPowerCase
ASUS 248qe Microsoft RT2300 Silverstone ST60EF 600W Antec 900 
Mouse
Generic USB mouse 
  hide details  
Reply
Old and busted
(11 items)
 
New Hotness
(13 items)
 
 
CPUMotherboardGraphicsRAM
AMD Phenom II X2 555 870A Fuzion (MS-7660) MSI NX8800GTS 640 OC Mushkin  
RAMCoolingOSMonitor
Mushkin  Zalman CNPS10X Performa Windows 8 64 bit Dell 2208 WFP 1680*1050 
KeyboardPowerCase
Microsoft RT2300 Silverstone ST60EF 600W Antec 900 
CPUMotherboardGraphicsRAM
3570k ASRock Z77 Pro3 LGA 1155 MSI 7870 Twin Frozr OC Samsung DDR3 
Hard DriveOptical DriveCoolingOS
Samsung 840 SSD POS Lightscribe DVD burner Zalman CNPS10x Performa, dual fans. Windows 8 Pro 64 Bit 
MonitorKeyboardPowerCase
ASUS 248qe Microsoft RT2300 Silverstone ST60EF 600W Antec 900 
Mouse
Generic USB mouse 
  hide details  
Reply
post #42 of 52
It's time for Wired to stop pretending it is relevant. They were always the good-looking but came-late news bearers. In this case they tell us something the internet was buzzing about 2003 or earlier.

They got to bite the bullet and realize they'd be perfect for a fashion magazine selling clothes and watches.
PC
(9 items)
 
  
CPUMotherboardGraphicsRAM
4790K 4.6G 1.24v/1.74v, 5.1G 1.35v validation. GA-Z97X-Gaming 7 Tri-X R9 290 1100/1350 +0.012v G.Skill 2400 c10 
CoolingMonitorPowerCase
Noctua NH-D15 24EA53 IPS 76Hz OC EVGA 1000 G2 Phanteks Enthoo Pro 
Audio
SoundMagic E10 
  hide details  
Reply
PC
(9 items)
 
  
CPUMotherboardGraphicsRAM
4790K 4.6G 1.24v/1.74v, 5.1G 1.35v validation. GA-Z97X-Gaming 7 Tri-X R9 290 1100/1350 +0.012v G.Skill 2400 c10 
CoolingMonitorPowerCase
Noctua NH-D15 24EA53 IPS 76Hz OC EVGA 1000 G2 Phanteks Enthoo Pro 
Audio
SoundMagic E10 
  hide details  
Reply
post #43 of 52
I'm surprised IPv6 and IPSec haven't been mentioned this entire thread. There's your internet encryption.
Quote:
Originally Posted by PappaSmurfsHarem View Post

They are designed to do this, but when all traffic is required to be encrypted/decrypted 100% of the time that's going to be alot of load on the devices.

It's not that bad, especially for algorithms like AES that have been designed to be able to work efficiently on hardware and software.
post #44 of 52
Quote:
Originally Posted by Chakravant View Post

Well yes, and quite a few of them have had interesting issues lately. I'd argue we need more types of encryption, both in protocol and in encryption style.

I know it will never happen, but I still think it is what we desperately need.
No, we don't desperately need more encryption..... we need more audits.

The NIST and other organizations are aware of fostering encryption algorithms that utilize different approaches. During the selection of new standards, this is actually a stated criteria. This is one reason that elliptic curve cryptography (ECC) was approved a few years ago.
Quote:
Originally Posted by The Hundred Gunner View Post

I'm surprised IPv6 and IPSec haven't been mentioned this entire thread. There's your internet encryption.
It's not that bad, especially for algorithms like AES that have been designed to be able to work efficiently on hardware and software.
In fact, most modern CPUs have dedicated hardware to off-load AES.
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #45 of 52
Yeah, but we shouldn't be using performance ciphers because they're easier to crack. The whole point of cryptography isn't that things are impossible to decrypt, but that it takes so long to decrypt that the probability of forcefully decrypting a hash within a reasonable time frame is extremely low. If we use ciphers that have are not computationally expensive then it's equally cheap for attackers to crack - and then you have to ask yourself if you're actually gaining any additional security or if you're just wearing the emperors new clothes
post #46 of 52
Quote:
Originally Posted by SectorNine50 View Post

Ah-ha, clever. So the username/password hash is passed to the server, and is presumably compared in memory without decrypting. After that's verified, encrypted data is passed back, and the client decrypts using the password.

...I like it. It makes the target way less centralized. LastPass should be the model for many secure websites.

isnt that part of what a Pair wise master key is.


Also the way see it having recently been lumped with a family members iPad with a dodgy certificate issue is that unless the encryption has almost no user involvement its going to get messy or be useless if certificates expire and or cant be validated and people just click to accept any. To know what,where and how to manually download and add certificates and verify even over a two year life span is going to brick a lot of devices if the user even has a whiff of control over that process (which thankfully at the moment they don't)

Security is a rabbit hole. Trust me, I have been in positions where I knew what was right but the practical realities of life made it almost impossible to maintain sensibly across the board and one slip up by a user mitigates everything.

what we are talking about in the context of this thread though is tunnelling everything to secure endpoints. So why not just run VPN's or something new and even more robust? Even basic home routers can usually do 5 - 10 hardware VPN sessions not to mention peoples home computers could sustain one (because windows is an arse about multiple software VPN tunnels)

The bonus with this is VPN's are not prone to traditional traffic shaping and could break out of local networks in order to give higher video playback on sites such as youtube.

The problem is .. would ISP's want everyone on an silent tunnel with no traffic shaping ability ?
Edited by Pip Boy - 4/22/14 at 4:23am
post #47 of 52
i wouldn't even know how to start biggrin.gif

But as far as internet go and security - i don't use anything that I would be scared of loosing or finding .

If you use internet banking then having 2 accounts is better, 1 for internet purchasing with limited funds at anytime.
post #48 of 52
Locking everything up is useless when security agencies who don't respect an individual's privacy still have all the keys, or sabotage hardware to purposefully weaken encryption.
post #49 of 52
Quote:
Originally Posted by linkin93 View Post

Locking everything up is useless when security agencies who don't respect an individual's privacy still have all the keys, or sabotage hardware to purposefully weaken encryption.

The innocent citizen is in the middle of all of it. Criminals on both sides be it legitimised by law or by outlaws who care not for the law or the individual.

I guess netizens are a bit like a herd of circling wilder beast. Lions on one side silently stalking and monitoring with Jackals on the other, just waiting for a vulnerable moment to strike the weak.

ladcrooks had the right answer and its been echoed by quite a few industry pro's: If you don’t want it seeing by others eyes or ears for your lifetime and your children's then don’t put it on the internet. Of course with banking and buying you just need to try be vigilant
Edited by Pip Boy - 4/22/14 at 4:34am
post #50 of 52
Quote:
Originally Posted by linkin93 View Post

Locking everything up is useless when security agencies who don't respect an individual's privacy still have all the keys, or sabotage hardware to purposefully weaken encryption.

...or can just demand the data from the cloud to begin with

security.png
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › [Wired] It’s Time to Encrypt the Entire Internet