Reply With Quote
counterhack. for having set up the first internet, the AF is slacking.
Yes, but the key is not exchanged over the internet. as for hacking? You design the system so they are compartmentalized, and that cannot happen.
counterhack. for having set up the first internet, the AF is slacking.
do you clowns actually think they really care? as long the govt continues to increase funding is all it matters that they still have a job
My point is, the system you're describing could be broken in multiple other ways: intercepting the key along the way, getting the info afterwards, etc etc. when they say that China is "hacking" our systems, I doubt it's all just about 1's and 0's.
With private key, you cannot intercept the key because it is never part of the transmission.
Did you even read what I wrote above? And yes, there's some form of transmission, its just not electronic. Unless you're telling me we have developed psychic powers, then point B has to know about the key point A is using. During that process, an alternate party can find a way to determine the key. Again, if you disagree, give me an example of this "unbreakable" method of information delivery and I will show you multiple ways to get around it.
The whole point of security isn't to make your system unbreakable/invincible; its to make your network a less attractive target than other networks out there, using appropriately costed measures.
No, it is simpler than that. Both ends already know which key is in use. Because there is no "negotiation" of cypher or certificate, there is no weakness in security.
In some ways we were better off when was stored in a locked filing cabinet...
My goodness you can be pedantic sometimes. Tell me WC, how do both ends "know" which key to use?
Do you and your wife have the same cut key for your house?
It's just that simple. You know who you are communicating with, and therefor you know which key to use.
Has the modern military security forgotten the old school stuff that works? I couldn't find the system anywhere on the internet to show you. information overload, and all cypher system I find use public key. Some they call private/public. Now public key is convenient, but the tradeoff is level of security.
Are you really this stupid? You're totally missing his point. Both he and his wife have the key to their home. Is that not a potential breech in security?
Ok, lets say that my wife and I entering our home is a "system". Now, someone who wants to enter our house could try a million differen keys in hopes one would work. (Brute force attack). Or they could just take the key from us. Or they could trick us into giving them the key. Or they could wait until we unlocked the house then try to sneak in or force their way in shortly after. And there's far more I'm not even getting into.
Somewhere along the line, there is a line of communication from A to B telling B that A is using a certain key. They don't have to break the KEY if they can break into weaker communications to figure out what the key is.
Also WC, are you really saying that old school military communications were more secure? I seem to remember something called an "Enigma" machine, along with many other examples that would counter that argument.
Yes, old school systems were more secure than any public key type system.
Old school methodology. I mean private key systems instead of this public key stuff. No matter how much someone promises public key cannot be broken, it's a lie.
I said how it works. Not the actual level of encryption.
I'm thinking more on the lines of a KG-95 or better. At the time, with limited computing capability, 32 bit encryption was enough. Now 256 bit is common enough so that brute force attacks cannot work, unless really lucky.
2^256 = 1.15792E+77 (115,792,089,237,316,xxx,xxx,xxx,xxx,xxx,xxx,xxx,x xx,xxx,xxx,xxx,xxx,xxx,xxx,xxx,xxx,xxx,xxx,xxx,xxx ,xxx)
First off, why do you think they went away from these systems that are "more secure"? Is every IT person in the world an idiot?
Second, you're missing my entire point. Do you freaky think the Chinese are brute forcing anything? No, they're making viruses and botnets.
Third, you can't just say "Old stuff is better!" Without even being able to give a single example of such a system.
Fourth, a public/private key exchange is nearly the same as a "just private" key exchange. As you said yourself, brute force attacks are hard to accomplish. How do you think they are breaking these private keys sent publicly? Do you think they're actually breaking the key, or exploiting the key through other methods?
We went away from more secure systems in an attempt to still have security, but with multiple users and multiple public keys keys.
Viruses and Botnets... into systems with data that are not properly compartmentalized.
A simply crypto unit like a KG-95 is not an example... OK... If you say so. I thought it was a crypto devise from secure data transmission, but I guess you can prove me wrong.
I'm not getting my point across, and am going to waste little more time. Public key can be broken by knowing the system, intercepting the transmission, the reverse engineering the process. Private key cannot.
Heck, I guess we could have the safest network in the world, if we just unplugged each computer from every other computer. Of course, then we couldn't really function, but we would be secure. And yes, KGs are good devices, and strong at encryption. But all you need to do is socially engineer the person that uses the crpyto into giving up secrets and you don't need to break the key. (ie. "Hey this is so-and-so from the helpdesk, we've had major issues with secret connections, can you test yours out? Ok thanks, I'll wait. Ok, you're on? Good. Can you tell us what your IP is? Ok, right that checks out. Ok now bring up your email, we're going to send you a test message. You didn't get it? Ok, do you have any emails in your box from today? Are they from on-base or off-base, because we've been having server exchange problems. Offbase, ok... etc etc"
It's disappointing to see the military is so weak in security these days.
The military isn't "weak" on security, and you have no factual evidence to back you up, just old man "Back in MY day" stories. Not to mention that the military relies on comm 100x more than they did even a decade ago.
Making excuses for incompetence now?
Really WC? Unless you think I'm personally responsible for the network being compromised in any way, Id say that's a pretty awesomely stupid claim to make.
Frankly WC, you have no idea how much more comped military networks are nowadays than when you were in. You have no idea of the demand and necessity for constant communications. Generals today would pretty much kick you in the teeth if you ever suggested limiting their connectivity capability; and comm squadrons run numerous layers of defense to prevent attacks. Not to mention that security is very much a reactive rather than proactive measure, since its hard to counter a Day 0 exploit.
You can't even name one system that is supposedly so much more secure than the ones nowadays... Likely because if you did, I could google "hacking X system" and return a thousand hits. As I said above, if it was only about "security" then we could just unplug every PC from the network. Obviously it's about providing security while allowing as much accessibility as possible.
You have no idea how vital communications infrastructure is to the very way we fight wars now, yet in typical WC fashion, you think you know more than DARPA, DISA and the entire IT community at large. You're a joke.
I didn't say your incompetence. The military's.
Sorry, but I was in the nuclear theater during the cold war. It's sad to see how much security has fallen along with the wall.
Actually, I do understand the necessity of the vast communications today. That doesn't mean they cannot be better secured.
Do you think you know how to secure networks better than the thousands of IT guys the govt hires? If so, you could probably make a few millions with your ideas. Why not share them?
Tell me, how much hacking did you have to worry about during the Cold War? How many Russians could attack your electronic systems from across the globe in milliseconds? Oh wait, that would be none. Its a completely different world WC.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions