Skip to comments.'Cryptopalypse' Now: Looming Security Crisis Could Cripple Internet
Posted on 08/21/2013 8:50:45 PM PDT by Errant
The Internet, and many forms of online commerce and communication that depend on it, may be on the brink of a "cryptopalypse" resulting from the collapse of decades-old methods of shared encryption.
The result would be "almost total failure of trust in the Internet," said four researchers who gave a presentation at the Black Hat security conference in Las Vegas earlier this month.
"We need to move to stronger cryptosystems that leverage more-difficult mathematical problems," the presenters said.
(Excerpt) Read more at livescience.com ...
Remember when most websites were gray with very few pictures?
It was almost like using BBS’s sometimes
Yep! Since you mentioned BBS’s, expect they may be making a comeback! lol
It is unclear how this situation came to be. The usual obvious explanations (unencrypted hotspots and the like) don't apply, and the password should be hashed at the other end. Linux on this end, properly maintained, and no indication of anything amiss. There is nothing particularly of interest in my boring gmail, so it is puzzling that anyone would go to the trouble of computing a hash match.
Mention BBS today and most people would say, "Huh, Whut?"
LOL, for sure... I used to play around with them some, way back when.
A BBS could be more secure. It would be interesting for a local group to try that idea out.
Someone may have gotten your info from another less secure site and just seeing if you had a gmail account using the same username/password?
Would be good for backup, incase TPTB shut down the net. Could also use ham equipment to access it?
That’s the puzzling thing — did not use the same password on any but what should be the most secure sites (like banks — that’s what scared me). Have different passwords now.
No trouble. Rainbow tables. Precomputed values that match the md5 hash of your passwd. Stored “in the cloud”.
That's a pain in the butt to do. I pretty much have different ones except for a few secure sites. I don't use gmail or yahoo anymore. I have my own email accounts through my old business domains - nothing encrypted though.
I was playing around with tormail in anticipation of what's coming with all the spying going on, but that got shut down.
Startpage is suppose to begin a secured, paid email service called Startmail in 2014.
hacking is a scattered approach, they have likely programmed a computer to hack hundreds or thousands of emails at a time
I was tinkering with the idea of using shortwave radio to broadcast “news” and data to computers. I doubt shortwave is clear enough for that but it could be something to experiment with.
Very true. I was just getting into computers when the BBS thing was dying out. I remember a free magazine about computers here locally that had lists of BBS’ we could access.
I have some ideas using encrypted P2P networking along those lines. Different wavelength though. ;)
Yep, I picked up a U.S. Robotics 56K USB (no serial ports on PC’s these days) modem on sale just in case we are forced to return to BBS days! Next step HAM equipment.
Betcha somewhere there be a BBS running. Might have to dig out one of my old modems and search the net. lol
Radio Free America could be sending out hourly or daily data packets with the news that the government wants suppressed. Imagine getting a daily PDF “newspaper” via shortwave reception.
Do you think this kind of thing might be able to work?
we should try that
I remember I only did local calls back in the day, that was before affordable long distance plans.
This Dell laptop I’m working off of now is the first computer I’ve bought without a modem. Just always insisted on having one as a basic configuration in the past. Now that you mentioned it, lol, those old modems did connect via serial.
OK... not an easy search on Google these days
Yeah, I was reading about them but why me? All my controversial stuff is in plain text on fr! lol Also, the rainbow tables give a hash match but it is many:one on passwords to hashes, right?
No indication of any more attempted breaches since last night.
Seems likely my account was one of many attacked.
It would work. There are a number of ways to do it. Connect, exchange data and disconnect. May even be some open source software available already.
Wait, this phone plug on my laptop that connects to the FiOS (or could if I wasn’t using wifi) isn’t a modem?
Whoever received the daily packets via shortwave could upload it to local BBS’ for those who don’t have the shortwave receiver on their computers.
That could be interesting. They could even post some audio broadcasts I guess.
If there is an open source way to pick up data packets from shortwave someone should use Linux From Scratch and build a special Underground Linux OS in preparation. Burn your iso files in advance.
If it’s a phone plug, it should be able to be a modem and able to be used to connect to a dial-in BBS with the right software.
Camas Washington has a BBS with 48 nodes! “DragonLance” must be a local gaming server.
I wonder if this would work, I don’t think my Linux PC has the right software.
I’m no Ham expert, but there are number of folks here you are. I do know it’s possible to send data over ham frequencies. Your idea to have this connected to a dial in BBS is a good one.
OK. I checked the Ubuntu repository and there does appear to be some utilities to dial out.
I’m sure there are a number of open source apps that would do it for you.
Yep. There is a free program called FLARQ that lets us share data over a ham connection. ha.
FLARQ is also FLDIGI
one review :
de WN1Z 21nov11: Running Ubuntu 11.04, FLDIGI is the only app that does psk-31 (etc.) that i can get to run properly with my limited knowledge of configuring my Ubuntu machine. All the other similar apps (twpsk, linpsk, gMFSK, and a couple others) either would not run, or could not find /dev/dsp or some other problem. FLDIGI’s configuration dialog, when i checked “PortAudio,” identified “HDA Intel: ALC272 Analog.” I won’t have a chance to hook it up to my radio for a couple weeks, but testing with a mic and headphones says it works. Thank you author(s)!
To make it harder for the bad guys in the future, try using Google’s two-factor authentication. After anyone logs in successfully with your username and password, Google sends a code to you by phone, text, or email. You can proceed only if you enter that code.
With two-factor authentication, it’s much harder for the bad guys to take over your account.
So, yes the technology and software does exist to make my idea work. So, now... how do we talk one of those big shortwave radio stations into trying this on a large scale (two big ones out of TN one is Christian and the other is a conspiracy/Alex Jones type operation)
I would love to see FReepers all over America who have HAM equipment see if they can download a PDF file from a packet being broadcasted. Then upload the packets to a local BBS where those without the HAM equipment can retrieve it.
The idea is only valuable if we organize a way to use it when it becomes necessary. We could organize this as a test of the Free Republic Emergency Communication System (FRecs for short). It would also be interesting to see if we can get a message from Jim Robison to be spread from Fresno to BBS sites across the country without by HAM using the internet or the big SW radio guys.
We should be prepared in case of the worst.
Bless you if you can figure how to incorporate access to FR. Bet Jim has some old BBS code on floppy discs somewhere! lol
without using the internet I meant
Local BBS services and local FReepers with HAM equipment to upload data packets for those without the equipment to be able to access.
As an emergency back-up if/when the internet goes down or the “kill switch” from the tyrants in DC goes down. This is obviously not a total SHTF scenario but it is a variant of it.
Need a way to sync the data. Some type of P2P networking with distributed data capabilities later - initially, maybe just mirror everything. Wouldn’t require much storage space.
lol. It’s just an idea I had floating around in my head, all of the technology actually exists if we want to use it.
He who beats Diffie-Hellman beats the world! (Well, except for cheaters who use man-in-the-middle attacks)
Keep thinking about it. Your idea certainly has possibilities! It would be nice to have something up and running ahead of a SHTF emergency. Maybe even broadcast the latest news of the day over any number of stations who do so over shortwave. TruNews.com is one that comes to mind, and Rick Wiles (the owner) was just donated a 50K transmitter on some island in the Caribbean.
Oops, make that a 50,000 Watt transmitter.
Who does a FReeper HAM ping list??
Is there one??
The FReeper HAMs in each local market could also send packets back and forth at set times so that we can know what each other are saying. Not just a one way communication that way, and those without HAM could be assured that some things they posted on the local BBS would be available (eventually) to FReepers in other markets.
Might even have to hop data packets from one market to the next. lol
All the technology exists I think, how to make it as secure as possible and implement a P2P system is a bit advanced. I think a mirror of each local system would be a good idea too.
There are websites that sell old laptops (the kind with modems and 40GB hdd’s) for a hundred bucks or so. Wipe the HDD, install a Linux.. our version of “Underground” Linux I suppose.
Of course every FReeper prepper should be involved in this, even if they are just using the old software (a live disc) to access the BBS that gets set up. There could be one day every few months where we pull out our livedisc/bootdrive or old laptop in the closet and access the local BBS to see what the local FReeper HAM has put up.
Then they can login to FR and say if they got it or not.
For most participants it will just be the ability to call into the BBS. It would likely cost nothing but a blank CD for many of those.
How many FReepers are using HAM radios?
I think this would be a great Free Republic project!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.