Luux Posted August 26, 2013 Posted August 26, 2013 Hello all, I was reading on a bit of history regarding Phil Zimmerman and PGP. (Start here: http://cryptome.org/nsa-sabotage.htm) I have used PGP since the mid '90s and I have always wondered if their code had been 'affected' (weakened) by NSA or other governmental body to the point where they could easily break the encryption. With some of the capabilities of the NSA becoming common knowledge, you can assume that they are effectively 10+ years ahead of consumers in regards to breaking keys. So.. what to do? With the mindset that we are a decade behind our government, what can you possibly do to become effective in protecting information? I run an encrypted lvm, but I don't feel that this provides me much protection other than from other consumers off the street from browsing my data. If the NSA wants information off of your encrypted volume, you can be guaranteed that they will retrive it. I have a personal policy of just remembering anything of value and never documenting anything, but I'm starting to forget things and I need a safe place to keep it. Quote
Luux Posted September 2, 2013 Author Posted September 2, 2013 Maybe I should retitle my post to "Metasploit 101" because knowing how to compromise another box is apparently more important than securing your own. ;) Quote
logicalconfusion Posted September 3, 2013 Posted September 3, 2013 It wouldn't matter. Anyone(any computer scientist) can make a hydrogen cooled super computer in his basement and then design an application to crack your key. Keyless encryption is the only real encryption. remember the old saying, when in doubt - destroy the data; I personally want the government on my side.... Quote
BuckoA51 Posted September 5, 2013 Posted September 5, 2013 I think "Easily break" is a bit of a stretch if you're using the strongest possible keys. Even if you assume a determined attacker could break your e-mail encryption, by encrypting the mail your still protecting against the NSA and their random, mass gathering of E-mails which are no-doubt screened for certain keywords and probably have a lot of false positives that result in government staff snooping on your stuff just because you quoted some song lyrics or something. Quote
logicalconfusion Posted September 11, 2013 Posted September 11, 2013 (edited) Thats true, BuckoA51....good point. Encryption is better than nothing! I use 23-factor authentication to secure my stuff... Edited September 11, 2013 by logicalconfusion Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.