stingwray
-
Posts
1,455 -
Joined
-
Last visited
Posts posted by stingwray
-
-
Its a cloud.
Americans really should stop worrying about mother nature and the weather, if you gave up building most of your houses out of wood and plasterboard and moved to brick, like we did hundreds of years ago, you really wouldn't have any problems with the wolf.
-
You have to remember that an encryption algorithm will only handle its maximum amount of allowed bits for the key, AES tops out at 256-bits, so increasing the key anymore does nothing for security.
2^256 is a very very big number. As to my previous post, if you require more security than this then you need to be looking at other things than encryption.
As for combining multiple encryption algorithms for redundancy, i still believe this is pointless, your going to seriously hurt your performance when working within the encrypted sector. Also given that all approved algorithms are tested extensively before they are accepted, the only likely vulnerability to be found is one which is systemic of all symmetric block ciphers of that type, like block ciphers. So all the algorithms that your going to use are broken at the same time.
For example, you secure a chest with two pad locks, both of different lock design, which is great, until someone comes along with bolt cutters and simply cuts them both of at the same time because they have the same weakness.
Its far easily and better to have better password policy and contingency plans, so pick a 32 character password which is completely random using a good range of characters, then change it regularly. If an encryption scheme is broken, have your system convert from one to another and remove all trace of the old version.
-
Why not use a CD/DVD like everyone else?
I can't see a need to boot a windows os off a flash drive, linux is a different matter.
-
If its a live CD then you won't have a very large rainbow table on it.
Given that its your first post and you really don't seem to know what your doing I'll explain.
The rainbow table is a table which matches password to its hash. The crack the password, it takes the hash and checks it against all of its hashes, if a match is found then you get the password.
Problem is there are loads of pairs, which take up quite a bit of room. Which means a CD will only hold a limited number (in fact a DVD doesn't do much more). We are talking in the >100GBs of tables here.
So the first thing you need to do is see what rainbow table you have. A good table will say what it includes, such as upper/lower case, numbers and special characters, plus the number of characters used. If you haven't been able to crack the hash then it isn't in that subset you have got.
To almost guarantee cracking, you'll need the biggest rainbow table you can get your hands on, and run Ophcrack against it, or your favorite cracking software.
-
The total mortgage may not have doubled, but their imediate payment per month did.(Or close to double) A lot of people were misled and didn't understand the sliding scale for their mortgage payment and how much it was going to go up. On top of the fact that the banks could plainly see that if their payment went any higher they would no tbe able to make payments. I know, because I work for a bank, and they have more than enough insight to see if the borrower will be able to afford the increase. The banks didn't care because they broke up the assets and sold them off to other banks, getting their money up front, while the second adn third banks down the line came in buying up these assets only do find the borrower couldn't meet the higher interest payments. Its a combination of stupid people living beyond their means, and the banks taking them for a ride, telling them how much they can afford. I went to severl banks myself, and they all told me I could get a mortgage for 1200 a month. That wa sbefore taxes and insurance! I then went to my employer(which is a bank) and did the same thing adn they told me no way, no how with what I make can I afford those kind sof numbers! They at least were honest enough to set it straight. I went from having the credit to get a $300,000.00 home from these other lenders, to being told I only make enough for a house worht in the ballpark of $88,000.00! That is what happened to these people! They got fucked by the prospect of having the American dream, a nice big house, 2 car garage, etc, and then their bank sold it out from under them while their adjustable rate jumped and they got forclosed.
You know you just repeated exactly what I said, but I did it in 5 lines.
The banks didn't care about the repayments as they didn't hold any of the risk. As securities (loans and other things packaged together and sold to other institutions) don't hold any risk for the person who sold the loan, or the person that packaged it and were making decent money from it, there was a high demand for securities, thus more loans were given out. Supply and demand.
-
Erm, don't think you can put USB devices in raid. There are some DAS solutions which put the devices in raid for you and then connect over USB if thats what your looking for. They generally only support one interface though.
Why can't you boot with another RAID controller installed? Nothing other than slots or space should effect that.
-
If you have a trucrypt volume with say, a 16 character passphrase. Then inside that you have another truecrypt volume (same crypto or not) with a different 20 character passphrase (obviously would have a different hash, was created at a different time), then it WILL make it 'harder' to crack because you have only gotten half way if/once you crack the first container. And how long did that take? Who knows how long the second one will take? Will there be more encrypted containers inside this one?
Actually your making it considerably easier for me to crack.
Proof:
You have one encrypted container which contains another encrypted container, passphrase1 for the first, passphrase2 for the second. The passphrases are both n bits long.
To check all the passphrases for one of them you need to check 2^n passphrases. Ignoring the probability of finding it within half of that normally. This means to crack both the containers I need to check 2x2^n passphrases. Say n=4. That is 32 passphrases to check.
Now I only use one encrypted container and a single passphrase, but the passphrase is double that of previous example, 2n. That means I have 2^(2n) passphrases to check, with n= 4, I have 256 passphrases to check.
So by using a single container, with the passphrases concatenated together you have significantly increased your security.
It can also be argued that on successfully cracking one container, the attack would be motivated to carry on.
-
Also, bundling it with other crypto methods is a good idea.
What do you mean by other "crypto methods"?
Because encrypting a file with algorithm1 and passphrase1, then with algorithm2 and passphrase2, is no more secure than using just one of the algorithms and passphrase1+passphrase2 (if the algorithms are secure).
You just end up slowing down your encryption and decryption more because you have to do it twice, where with a longer passphrase you get the same security and it takes no longer.
If your worried about an algorithm being found to be insecure, then on evidence of this, switch algorithm then, it'll take a little time switching but you will have gained that time back by not having to make two passes using two algorithms.
Theres really no need at the moment for anything more than AES-256, if you need stronger encryption at that point (to stop the NSA from reading your information for instance) then you need to look into other aspects of security to secure your data.
-
Americans didn't buy houses and just walk away. Some might have, but for the most part, they bought houses, waited 3 years, then their mortgage doubled, and they were forced out from forclosure.
Mortgages don't double, interest rates change and that affects different types of mortgages in different ways, but it doesn't double, no where near it.
The problem is they were sold a mortgage, which they could simply never ever meet the repayments on, this was because of securitisation and the person selling the mortgage was going to take none of the risk and yet still make a decent amount of money.
-
Its practically needed on a banks trading floor now, its too difficult to cool each of their 4 computers and 9 monitors!
-
Full drive encryption on linux is not great from what I've seen. I have my windows system fully encrypted with truecrypt but it cant do linux. I'd suggest installing a live ubuntu onto a 4gb key and making an encrypted store onto that.
If you have autologon enabled, the you will only need one password to unlock the encrypted store.
Linux supports full drive encryption out of the box and does a better job than truecrypts full drive encryption at the moment.
Ubuntu doesn't allow you to setup encryption on the graphical install, fedora however is very good and allows you to do it easily. I found this out when installing from USB onto my Aspire One.
-
Most likely a piece of malware if it only affected one computer on the network, although only allowing google is a little odd but then it could have had a problem, malware comes with bugs too!
-
That's of course assuming that the attacker didn't create a rogue CA, or recover the private key of a trusted CA. I agree with you and stringwray that a Javascript solution does not provide the same level of security as a full, properly configured, SSL session. But, at the same time, the OP doesn't seem to be too concerned with security and it would fit his requirements.
People really shouldn't chuck that around, because unless the rogue Cert was created before Jacob gave his talk its not going to happen now, it was be a statistical fluke bigger than the winning the lottery.
Also, to simply avoid this problem, make sure any SSL cert that you use is SHA-1 hashed, done.
If the OP doesn't seem to concerned about security, the might I recommend no security, its just as effect as not really concerned about security and a damn lot easier and less trouble!
-
My copy of Vista idles at 1.46gb of RAM used, on a 32bit OS that would only leave 1.5gb left,
So you run a game and play online, game takes its share of the RAM, but then you may have ventrillo, possibly xFire, running a G15 keyboard and a game that supports the HUD? eventually it all takes its toll on the RAM.
Family users play games as well, its not just left to elite hardcore gamers who need top end rigs just to blow a load in the morning. These days for the price its not uncommon to build cheap systems with 4gb (@ 800) of RAM. Might as well utilize it.
See, your doing it wrong, the man below is doing it right!
my 32bit vista idles at 698 meg used out of 2gig how ever it is a new install so doesnt have much running -
If there was two computers connected together online that did not have ascii, but instead both computers had a unique and identical language other then ascii, would the data that they would send and receive online between both computers be recognizable?
Sorry this wouldn't work, you've just changed the coding, which is trivial to decode almost always, especially with the advancements in cryptanalysis.
Coding is not cryptography, that's is a very importantly lesson to learn, that many people get wrong.
Also, if your developing protocols etc. for computers you should release all of your work to the community for it to be tested and checked (especially true with cryptography), also this means that you can't hide behind obscurity, which is the only thing protected this idea.
The network stack is all very interesting, but the original question would be to anonymize data, that sounds to me like you want to stop people from working out who it is from or who it is going if they are listening in some. The best solution this this is to use tor at the moment.
-
I'm not going to argue the toss any further because there's no point. I've implemented software RAM disks and work with hardware implementations and my employee and the manufacturers that I work with are quite happy with the definitions that I have previously used.
-
Incorrect, you're missing a key distinction...A RAM disk, in the traditional sense, is a software layer that enables applications to transparently use RAM (often a segment of main memory) as if it were a hard disk or other secondary storage. Quite obviously, this does not describe the Gigabyte iRAM.
A solid-state drive (SSD) is any data storage device that uses solid-state memory to store persistent data. DRAM is solid state memory, and is made persistent via the enclosed battery, ergo the Gigabyte iRAM is a SSD. Wikipedia calling such SSDs based on DRAM "RAM Drives" is a misnomer (Just as SSDs based on NAND Flash are sometimes refered to "Flash Drives" though they bear little resemblance to their tiny USB cousins).
If that wasn't clear enough, a SSD is hardware, a RAM Disk is software.
That part you got right, to take advantage of a DRAM based SSD you would need the speeds offered by PCI Express. I imagine a 4x slot would be adiquate to start seeing some serious performance gains.
As for the DMA problem, you're over thinking it. All the PCIe card has to do is represent itself to the OS as a disk controller (with an attached drive). Problem solved.
In industry, if a RAM as in DRAM and SRAM is used as a disk, as in you can read and write to it like a hard drive, it is referred to a RAM disk. Whether it is on the motherboard as part of system memory or on a device like the ACard doesn't matter. It is referred to as a RAM disk because of features of the RAM, like being volatile.
A software version uses system memory, using a drive which takes a portion of memory and mounts a filesystem on it, these are pretty trivial to implement. A hardware version is the ACard, but they are both RAM disks, because they both use RAM to store a filesystem.
The reason why I quote the problem with the DMA, is that you can't use the RAM as a disk controller for the full performance, a disk controller uses DMA to transfer data to the processor. Disk controllers only use a small amount of memory because normally they are slow and the CPU will take the data before it has more to load. In this case it won't be, your bottle neck is now going to be waiting for the CPU to take the data before you can read any more data into system memory. You've now lost all the benefits of RAM disk beacuse your spending half your time waiting. This is why you need a huge DMA area, which is impractical.
This is why the Gigabyte iRAM and the ACard use the Sata interface, because people don't want to loose all of their system memory to a device which uses all the addressable space as DMA.
-
Oooh, you edited to add this.
It wasn't just America that didn't live within their means, it was several countries. The blame is half banks, half people. You sorta covered the people part, but the bank part is crucial. I don't want to explain it wrong, so I'd get the story, brilliantly told, here. Banks gave the money away to people who couldn't pay it back, so it's partially their fault too.
Actually its all their fault. Banks with regulations weren't allowed to give more loans out than they had in deposits. But because of securitisation they didn't have the loan or the risk. That was until they started buy the securities because they "were" making money on them.
It was simple supply and demand, people wanted securities, the banks provided them, no risk to the banks, create even more of them, thus give a loan to everyone and anyone who wants one.
The recession spawns from this simple model. If the banks had been more heavily regulated then this wouldn't have happened and things like house prices wouldn't have spiraled up.
-
After watching the end of the "PHP Twitter Tamagotchi and Roflcon" episode were Matt and Darren were talking about where they were gonna get a Mac Pro from. I thought why not build a Hackintosh Mac Pro instead of buying one. It's a whole lot cheaper and it would make a sweet video segment.
You could not be more wrong!
The Mac Pro is actually one of the best priced dual processor workstations available at the moment, and wipes the floor on price of the likes of Dell and HP.
The simple reason for this is that if you went out and bought two 2.8GHz 1600MHz FSB Quad-core Xeon processors, you would have spent about 75% of the cost of the Mac Pro, for the remaining money, you simply cannot buy a good case, motherboard, powersupply.
Where the Mac Pro becomes expensive is in the buy to order (BTO) options, but these you can upgrade yourself without voiding your warranty. Memory is about 1/3 of what apple want to sell it to you and the same goes for the hard drives.
In fact I recently wrote about it in my blog.
You might want to check your facts when spouting wild allegations.
-
The Gigabyte iRAM is not a RAM Drive, it's a SSD (Solid State Drive).
Actually the Gigabyte iRAM is a RAM Drive, if you hadn't noticed it is made up of RAM.
A solid-state drive (SSD) is a data storage device that uses solid-state memory to store persistent data. A SSD emulates a hard disk drive interface, thus easily replacing it in most applications. An SSD using SRAM or DRAM (instead of flash memory) is often called a RAM-drive.From Wikipedia.
Also the ACard ANS-9010 is the current RAM disk available, if you read reviews on it you'll find out that it is not particularly faster than a conventional flash based SSD, where the SSD benefits from considerably more capacity and persistence, the ACard requires a Compact Flash card to backup to, which takes about 20mins which is horrible. Also the SSD and the ACard are about the same price, making the SSD a no-brainer.
The only way a RAM disk is going to be useful now is if it transfers across the PCI-E bus, but the problem with that is that I believe for that your going to have to use Direct Memory Access, so what you could end up with is not having any system memory available as its all mapped to external devices. In fact I really wonder what happens with that? Hopefully the architects have been clever and said that a certain amount of system memory can't be mapped away.
-
Say you have 8GB of memory installed. Your using a 32-bit OS and want to install the OS to the 4GB of unaddressable space by that operating system, allowing you a very fast boot.
You going to require a boot load that can support the full memory size, which will copy in the data to the usable area for the OS. The OS then needs to be able to read that data to know what its got. You can't turn turn the partitioned space into a disk drive to read and write to without a hypervisor which is going to make everything funky. Because te OS now needs to be away of what is in main memory its boot sequence needs altering, which means you can't get Windows to do this as you can't alter the code.
The next problem is that the area of memory which is not used by the OS is not contiguous in memory, virtual to physical memory address translation with the processor is even distributed across all DIMMs, so if you had 4 x 2GB modules then you would be using the first 1GB of each DIMM, with the boot loader it now needs to be know which areas of memory it can read and write, thats going to be non-trivial to implement.
I think the only practical solution to this is a hypervisor, but with even a very small and lightweight hypervisor your still going to loss performance for what I would consider not a great benefit. This is of course unless you wanted to do a hardware solution, either on the motherboard or perhaps a PCIE FPGA memory controller.
-
I simply don't understand the benefit from doing this.
Memory keeps its data for a short (or relatively short period of time) but corruption does happen at a steady pace. If motherboard came with the option of persisting main memory with power while the computer is off, then there would be lots of benefits to having more memory which could be accessed like a drive, something like the RAM-SATA drives available. But without so, your still going to have problems with memory addressing and also having to read data into the RAM disk which is slow from a hard drive.
-
Yeah its fine if you don't mind Google informing everyone else where you are, such as the poilce and any number of companies that "only" want to target you with advertising for where you are.
Next you'll be receiving adverts for medicine when you don't make your normal commute the office.
Thanks but no thanks for letting the government know everything about me.
-
Oh, wow, didn't think about that.
This is exactly my point about leaving it up to the professionals.
Well, the OP could create a shared-secret using a PSK and Javascript to create the level of security I think he's looking for.PSK fails to work with multiple users and the requirement that good passwords means passwords are regularly changed.
SSL offers so many other benefits, such as not allowing people to see anything what you are talking to the server about. Encrypting data for transmission across an unsecured tunnel is going to provide attacks with a wealth of information, such as what they are doing, where they are going etc. still.
Booting OS from Flash Drive
in Hacks & Mods
Posted
The air supports remote booting from another computers optical drive, if you didn't buy the external drive with it you can use that.