Encryption, paranoia and virtual machines

Mon Dec 5 11:48:08 UTC 2011

This is interesting, what phone are you using?

Do you think its some sort of best guess factor of the phone browser? Ie. you surf to tlug.ss.org enough that the phone guesses that is where you want to go. 

I can't use the link from my phone, in fact it doesn't highlight it as a link. Although checking gmail from the web does show it as a clickable link, however it does not resolve to anything. 
The 404 not found page is what shows up.

Tyler Aviss <tjaviss-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:

>on my phone it resolves just fine to the ss.org address. how
>interesting
>On Nov 28, 2011 3:06 AM, "R. Russell Reiter" <rreiter91-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
>wrote:
>
>> Ah, the enigma codes. The German esszett ligature (also called the
>> scharfes s (sharp s)) ß evolved from the ligature"long s over round
>s".
>>
>> It is replaced by 'SS' in capitalized spelling and in alphabetic
>ordering.
>> ß is only used in Germany and Austria, nowadays generally never in
>> Switzerland.
>>
>> The code might have been a little harder to crack if there weren't
>> apparantly orphaned SS's in messages.
>>
>> I wonder how tlug.ß.org would resolve.
>>
>> Cheers,
>> Rußell
>>
>> Christopher Browne <cbbrowne-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
>>
>> >Well, the "security" of the rolls mostly depends on the attacker not
>> >knowing how it works, and the majority of the population being
>> >comprised of
>> >illiterate slaves. Having 3 or 4 rolls of different sizes would
>> >suffice
>> >for cracking most of this; knowing the fact of variable roll size is
>> >99% of
>> >the trick.
>> >
>> >A considerable portion of security from encryption is achieved by
>> >minimizing the source text, notably to keep out readily guessable
>plain
>> >text. In WWII, British decryption efforts were helped plenty by
>German
>> >officers that considered it a "career limiting" factor *not* to end
>> >messages with "Heil Hitler". That perception mayn't have been wrong,
>> >but
>> >those bits of predictable plain text almost certainly caused the
>losses
>> >of
>> >German U-Boats, as it provided a vulnerability for Allied
>> >cryptographers to
>> >exploit.
>> >
>> >F. L. Bauer's book on cryptography describes other "politically
>> >necessary"
>> >sorts of cryptographic protocol failures - when messages contain
>> >fawning
>> >phrasing ("by order of the fuhrer") or spelling out some of the
>wacky
>> >long
>> >officer titles in high command, this all helps in attacking:
>> >A) individual messages
>> >B) message keys that will be used on other messages
>> >(Hence, the sloppy bozo may wind up getting others that are
>competent
>> >killed)
>> >C) the cipher system as a whole.
>> >
>> >Bauer observes that a *good* cryptograms clerk:
>> >- removes all unnecessary text
>> >- abbreviates heavily
>> >- misspells whatever they can
>> >
>> >That seems like it's likely to still be valid-ish.
>> >
>> >We do have stronger ciphers, today, but the notion that having known
>> >plaintext helps certainly persists in modern cryptanalysis. You'll
>see
>> >it
>> >a fair bit in Bruce Schneier's writing (sp?)
>> >
>> >On some extra reflection, there is a harmful aspect to encrypting
>your
>> >whole system, as this introduces a barrel load of known plaintext.
>> >Forget
>> >about a few references to Nazi haute, you are throwing in a dozen
>> >copies of
>> >the GPL, and as likely as not, a gigabyte of well-known binary and
>text
>> >data. Lots of material for cryptanalysis, quite possibly enough to
>> >meaningfully enhance a brute force attack.
>> >
>> >And when it's certain that the key for all that will be in the VM, a
>> >smart
>> >attacker won't bother with brute force when getting the key from the
>VM
>> >will provide the Keys To The Kingdom. Better still, once cracked,
>you
>> >can't fix it - changing the key requires rebuilding your VM. A
>> >*really*
>> >smart attacker may be sufficiently ready that they'll regain access
>> >before
>> >you can reboot into the new VM!
>>
>> R. Russell Reiter's Left Brain Messaging Matrix
>> [Currently Under Development] Your mileage may vary.

--
R. Russell Reiter
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists