[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTinc-euZnw6vNY4QxwvjnZjR3MYC5jmeukcGXcex@mail.gmail.com>
Date: Mon, 14 Jun 2010 14:16:14 +0200
From: Christian Sciberras <uuf6429@...il.com>
To: stuart@...erdelix.net
Cc: Full-disclosure@...ts.grok.org.uk
Subject: Re: Introducing TGP...
> The basic flaw, to me, seems to be your erroneous assumption that the
> enemy has symmetric compute capability to yourself. Once you give
> the enemy a copy of your data, even if it is encrypted, you are
> opening the door to them using some hyper-core, quantum-cooled super-
> fandango against your crypto, and you give them all the time in the
> world to do it.
You cannot decrypt what is not encrypted.
No one said you have to play fair on the grounds of security.
On Mon, Jun 14, 2010 at 1:51 PM, lsi <stuart@...erdelix.net> wrote:
> On 14 Jun 2010 at 4:23, Thor (Hammer of God) wrote:
>
>> >> create a private key with a strong password, post that, and then, say,
>> >> encrypt a scan of your passport and post that.
>> >
>> >So, I think this is a dumb idea... :)
>
> The basic flaw, to me, seems to be your erroneous assumption that the
> enemy has symmetric compute capability to yourself. Once you give
> the enemy a copy of your data, even if it is encrypted, you are
> opening the door to them using some hyper-core, quantum-cooled super-
> fandango against your crypto, and you give them all the time in the
> world to do it.
>
> Also, you will only have available, in the cloud-solution you offer,
> archival copies of the data. The latest versions will only be on
> your machine.
>
> While SSH datastreams might be captured and eventually decrypted, the
> attacker must have access to your wire. If you post your datastream
> all over the net, they don't need that. SSH also provides access to
> live data and is already available on many platforms....
>
> Stu
>
> ---
> Stuart Udall
> stuart at@...erdelix.dot net - http://www.cyberdelix.net/
>
> ---
> * Origin: lsi: revolution through evolution (192:168/0.2)
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists