Jump to content

Making a safe chatroom on your pc for multiple participants

AXANO

By AXANO
in Security

 Share

Recommended Posts

digininja Grand Master

digininja

Posted
Posted

Easy, to save money you reuse the tinfoil that you wrapped yesterdays sandwiches in. While out walking in the park a seagull sees a small piece of bread caught in a fold. It swoops in and grabs the bread, tearing a hole in the hat in the process. You don't notice the hole which allows a small stream of conciousness to leak out, this is picked up by the thought police and results in a long stay in a dark hole.

Link to comment
Share on other sites
AXANO Newbie

AXANO

Posted
  • Author
Posted

@digininja i respect you and your knowledges and you have proven to me that you know things but if there wasnt a way to hide yourself from the government there wouldnt be any hackers because they would all have been caught surely there is a big chance that somebody will make a mistake but we are not talking about mistakes here only about ways to really stay anonymous from the gov. and to protect all our personal data.

Link to comment
Share on other sites
digininja Grand Master

digininja

Posted
Posted

Its as I've said a few times, you have to decide who you are trying to stay safe or hide from. It is usually going to be the police who go after low level criminal hackers, in most countries they are under resourced and so have to choose their battles and so the script kiddies who could probably be easily swept up due to really poor OPSEC are unlikely to get tracked down as the prosecution is going to take more effort that its worth. In the UK there is a threshold of monetary loss that someone has to show for a successful prosecution, under that level, the police aren't interested.

When the government or police really decide to go after someone, e.g. Lulzsec, they put their resources into action and that is where little mistakes mean big problems for the criminals.

So, this takes me back to these questions which you need to answer so that your question can be answered better:

Who are you trying to protect your self against

What are you planning to do once hidden and is it likely to make you a target

What are you trying to actually protect

What level of effort do you want to go to to protect yourself?

Link to comment
Share on other sites
sud0nick Newbie

sud0nick

Posted
Posted

Easy, to save money you reuse the tinfoil that you wrapped yesterdays sandwiches in. While out walking in the park a seagull sees a small piece of bread caught in a fold. It swoops in and grabs the bread, tearing a hole in the hat in the process. You don't notice the hole which allows a small stream of conciousness to leak out, this is picked up by the thought police and results in a long stay in a dark hole.

I never told you I eat sandwiches. How did you know? Also, why would I wrap my sandwich in tinfoil, that stuff is for my head.

Link to comment
Share on other sites
  • 2 weeks later...
vailixi Newbie

vailixi

Posted
Posted (edited)

Challenge accepted:

To secure myself from government agencies reading my mind I will put on my tin foil hat. Completely secure.

Tinfoil hats only work if you are not wearing rubber soled shoes. You have to grounded or the tinfoil hat will actually be amplifying said eyesight television Frankenstein radio controls. Saw it on YouTube I'm pretty sure.

But on a serious note I would be willing to help develop said chat application. Basically take you favorite book and use that as a wordlist. You know what book it is and your buddy knows what book it is. Each line of the book gets read and used as a salt while hashing each word up to certain length maybe 7 characters bigger words concatenated. So only you and your buddy have the dictionary to create the precomputed lookup cards for messages. Then you create an encrypted container to put the message in put that into another encrypted container and so on for like 500 layers of encryption block cipher send through stream to buddy.

So an attacker would have to know what book what pages you are using for salts. Then they would have to know the hashing algorithm then would have to know which encryptions you are using. Then they would need a LOT of compute power to get the plaintext. The hashing portion of this could be figured out like a very complex cryptogram so you alternate hashing and encryption schemes to make it less susceptible to attacks. Nothing is really secure though.

Whatever type of encryption is less relevant. But in the case it can be bruted just calculate the total hashrate of all of the computers currently in existance combined and multiply that by like several orders of magnitude. So yeah even if it's bruteable it will still take until sun burns out to crack your message.

Anybody want to seriously talk about this hit me up.

Edited by vailixi
Link to comment
Share on other sites
sud0nick Newbie

sud0nick

Posted
Posted

Inventing your own can be a great learning experience, though. I'm currently working through "Implementing SSL / TLS Using Cryptography and PKI" by Joshua Davies and it's pretty awesome to see how different algorithms are implemented even if it is a bit dense at times.

Link to comment
Share on other sites
i8igmac Newbie

i8igmac

Posted
Posted

I have made my own encryption/compression...

I have felt the supper clever self appointed genus syndrome...

I have also read a lot of articles about other people doing this and the response given... a rookie cryptographer could most likely crack it...

So. My clever feeling was put in check by that statement...

I would love to put my encryption to the test, I wish there was a place to submit my encryption algorithm. super computers existence allow for a huge advantage and any professional cryptographer would have easy access to one...

it was a great learning experience, my skill level has progressed so much with attempting these kinds of projects... I have not given up on this project, just had life issues come up...

Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted

Crypto is too important to just hope for the best. There are *so* many ways in which your home-grown crypto can fail it really isn't at all funny.

Proving compression/decompression works is easy: Put something in, take it out again, compare what went in with what went out and if identical, see how small it was while being in. If it's smaller than most, hey presto! You have a winning compression algorithm.

With crypto people will be able to make assumptions based on the various stages of encrypting the data and the state of the CPU or the power draw while it's doing it or it'll be non-uniform or, or, or.... People who do this sort of thing get paid a *LOT* of money to do this and they too are very hesitant to say "this shit works".

Link to comment
Share on other sites
  • 2 weeks later...
cooper Newbie

cooper

Posted
Posted

Just found this which seems relevant: https://www.deepdotweb.com/2016/02/03/into-ricochet/

If you are looking at things like that then I'd say look at this instead as I know the authors and trust them.

http://risky.biz/RB328

Today, invisible.im's main focus is supporting the development of Ricochet Messenger.

So there's no 'instead', rather, we have 2 votes of confidence in Ricochet.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...