Equipped To Survive Equipped To Survive® Presents
The Survival Forum
Where do you want to go on ETS?

Page 4 of 4 < 1 2 3 4
Topic Options
#261919 - 07/18/13 01:35 PM Re: Why you don't use large vendors computerencryption [Re: haertig]
Pete Offline
Veteran

Registered: 02/20/09
Posts: 1343
"Actually, come to think of it, a company like Google, and just recently Yahoo, already "know" the contents of all of your emails since they actively scan through all of them for marketing purposes and to serve up targeted online ads."

Very true. The commercial world is constantly invading our space for advertising purposes. It's a pretty tricky piece of intel gathering - but because they just "tune it" to produce adds ... we ignore it :-)

I would think that if people here start encrypting their messages with software like PGP - it will just attract more attention from "whoever watches all this stuff". PGP was never guaranteed to be perfect - it's just Pretty Good. There's probably ways to crack it.

If you want to keep a secret - tell it verbally to one person that you trust. Anything in a "network" is fair game.

Pete2


Edited by Pete (07/18/13 01:37 PM)

Top
#261923 - 07/18/13 07:55 PM Re: Why you don't use large vendors computerencryption [Re: haertig]
James_Van_Artsdalen Offline
Addict

Registered: 09/13/07
Posts: 449
Loc: Texas
Originally Posted By: haertig
Personally, I need a solution that works on Linux, Windows, and Android. iPhone/iPad would be nice too, but I don't have those (although my wife does, so compatability there is a plus).

Use hardware-based locking.

I use a Corsair Padlock 2

This will protect from a lost or stolen device. If you get sent to Dictatorstan it's not going to stop the national-level security agency but at least it's tamper-evident and it will stop any of the lesser attacks you actually face (curious teenagers, etc). Good for anyone who has to carry "it's worth your job" data as well as secret bank account access codes.

The access code is entered onto the device directly so there is no keylogger vulnerability.

Top
#261943 - 07/19/13 04:41 PM Re: Why you don't use large vendors computerencryption [Re: haertig]
JPickett Offline
Enthusiast

Registered: 08/03/12
Posts: 264
Loc: Missouri
In view of the revelations re: government access to web-based communication and the USPS photographing the exterior of every piece of mail sent through the postal system, I feel the only means of secure communication looks to be snail mail with no return address on the envelope. If you need to verify delivery, include a stamped postcard for the recipient to mail back to you; again with no return address. If I need to send a large document, I may start relying on an inexpensive thumb drive in a padded envelope. Thoughts?

Top
#261954 - 07/19/13 10:31 PM Re: Why you don't use large vendors computerencryption [Re: LCranston]
chaosmagnet Offline
Sheriff
Carpal Tunnel

Registered: 12/03/09
Posts: 2878
Loc: USA
Originally Posted By: LCranston
If you password protect a zip file, it uses AES. Just use very strong password.......


Keep in mind that while AES is good, strong encryption, a weak password makes any encryption easy to crack. Also, there are a number of zip cracking software suites out there, some are very effective. They use imperfections in the encryption implementations (almost never the encryption algorithm itself) to gain significant advantage over simple brute force cracking.

Brute force cracking can be done very effectively if you throw enough horsepower at it. Using Amazon EC2, most passwords can be cracked for less than $100. Often far less than $100.

Top
#261960 - 07/20/13 04:43 PM Re: Why you don't use large vendors computerencryption [Re: James_Van_Artsdalen]
Arney Offline
Pooh-Bah

Registered: 09/15/05
Posts: 2485
Loc: California
Originally Posted By: James_Van_Artsdalen
Use hardware-based locking. I use a Corsair Padlock 2

I was taking a look at this product that you linked to. The description sounds great--hardware-based encrypted thumb drive for a not unreasonable price.

Although most reviews are good, I am concerned about some of the negatives reported, and I only looked through a few pages of reviews. Random loss of data is one that crops up multiple times. Also the fact that there is basically a "master" PIN code out there that will unlock any Padlock 2--but only once. How many Padlock 2 buyers would know that?

There seem to be reviews from the first version of the Padlock mixed in, too, but even the Padlock 2 does seem to have issues still, like the master PIN.

Actually, since you're actually using the Padlock 2, I suggest you research this master PIN issue, if it really is a universal flaw with this product. Then use it on your thumb drive so that it can't be used to unlock it again in the future since it supposedly only works once.

Top
#261963 - 07/20/13 05:08 PM Re: Why you don't use large vendors computerencryption [Re: JPickett]
Arney Offline
Pooh-Bah

Registered: 09/15/05
Posts: 2485
Loc: California
Originally Posted By: JPickett
I feel the only means of secure communication looks to be snail mail with no return address on the envelope.

I don't mean to sound nitpicking, but you're using the word "secure" but I think your method is really more about "privacy". They aren't the same thing although a method can be both secure and private. Are you looking more for privacy?

A PGP encrypted email can be highly secure and difficult to read the contents, but who it's from and where it's going may be plainly visible, so that aspect of the message is not private. So, NSA's PRISM program would dutifully record that kind of info.

The method you described seems quite private, but not necessarily highly secure unless you're using written codes or encrypting digital info that you're sending this way. It used to be that a search warrant was required to intercept and open first class mail, but I think that bar is significantly lower nowadays, especially in cases where national security is used as a justification.

Not to freak you out further, but here's a very recent article describing the Postal Service's version of PRISM.

Top
Page 4 of 4 < 1 2 3 4



Moderator:  Alan_Romania, Blast, chaosmagnet, cliff 
April
Su M Tu W Th F Sa
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30
Who's Online
1 registered (dougwalkabout), 204 Guests and 5 Spiders online.
Key: Admin, Global Mod, Mod
Newest Members
Ak47Lover, Nari, Begaye, JDanny, Just
5246 Registered Users
Newest Posts
MRE shortage
by Ratch
08:55 PM
How to sharpen a machete
by chaosmagnet
05:40 PM
the 10 essentials...prep for camping/hiking
by brandtb
12:21 PM
Camping is love
by dougwalkabout
12:54 AM
What did you do today to prepare?
by TeacherRO
11:57 PM
Hammer lanyard
by Roarmeister
06:39 PM
Defense against sharks, the bears of the sea!
by M_a_x
05:36 PM
fiador knot lanyard
by hikermor
01:03 AM
Newest Images
Tiny knife / wrench
Handmade knives
2"x2" Glass Signal Mirror, Retroreflective Mesh
Trade School Tool Kit
My Pocket Kit
Glossary
Test

WARNING & DISCLAIMER: SELECT AND USE OUTDOORS AND SURVIVAL EQUIPMENT, SUPPLIES AND TECHNIQUES AT YOUR OWN RISK. Information posted on this forum is not reviewed for accuracy and may not be reliable, use at your own risk. Please review the full WARNING & DISCLAIMER about information on this site.