Forum Statistics

Threads
27,576
Posts
541,642
Members
28,554
Latest Member
pbtom
What's New?

Parler

Bigtex

Bigtex

VIP Member
Aug 14, 2012
1,108
1,636
When I programmed (worked for DHMV as an computer operator while attending college for computer science with a concentration in programming) I was taught that no matter what the encryption level, once it's reaches the "backbone", it has to be broke down into machine language so that it can be passed on to the desired destination...Has this changed?...If not, that means encryption is shit...All u would have to do is look at the machine language and be able to tell what was typed (communicated)...Follow?...I'm not sure...It's been 30+ years since I programmed!...Also, guess who runs the "backbone"?...
.

I believe the use to be able to decript DES and a few others but AES replaced that. 128-bit can be decripted but it is so far impossible to decript 256-bit. Using one the the government super computers to brute-force attack AES-256, one would need to try 2 to the power of 255 or 2,117.8 trillion keys to get the job done. In real time it would take 27 trillion trillion trillion trillion trillion years. So, encrypted email only shows headers (metadata) at the backbone, the body of the message is encrypted. They can also read the ISP, but since you are using a VPN the ISP that is read is that of the VPN service. Can the IP of the VPN be traced back to you will logs? Yes, which is why it is very important to get a VPN that does not log or a company that is not so friendly with the USA. I have also read stuff from CDT senior staff technologist Joseph Lorenzo Hall that the encryption NSA can break are PPTP and MS-Chap. These are commonly used int he middle east. Technically I believe that additions to the Patriot Act allows the NSA to get a court order to seize computers of people using VPN's especially those who use TOR, So the double edge sword is while encryption gives keeps the snoops out, it also calls attention to your activity.

The U.S. Supreme Court on quietly approved in August of 20020 a rule change to Rule No.41, that would allow a federal magistrate judge to issue a search and seizure warrant for any target using anonymity software like Tor to browse the internet. The government is very afraid of VPNs and they care being used more and more.

Here is a PDF from the NSA to government agencies on how to use VPNs. The do recommend AES-256
https://t.co/rrVsDLIaLL?amp=1

Now for all intent and purposes most of us are not going to be concerned with NSA and just want a measured amount of internet privacy. This will surely work. If you really want protection use a VPN and TOR. Or even better run something like Tor's TAIL which is a portable operating system you can run or a USB drive. Tails never writes anything to the hard disk and only runs from the memory of the computer. The memory is entirely deleted when you shutdown Tails, erasing all possible traces. Like TOR, TAILS encrypts and anonymizes your connection by passing it through 3 relays. These are servers operated by different people and organizations around the world.
 
CFM

CFM

National Breast Implant Awareness Month Squeezer
Mar 18, 2012
1,975
1,678
While 'far right Trumper's' exercise their freedom of speech and vent their frustration, leftists continue to act out destroying their own communicates.

No one knows the difference.
 
captaincaveman

captaincaveman

TID Board Of Directors
Oct 17, 2010
1,301
485
No one knows the difference.

I do.

I also need directions to the Republican riots. I want to watch. Will they wear red body armor? Will they throw red bricks? All I have seen so far is scary pickup trucks and flags.
 
BackAtIt

BackAtIt

MuscleHead
Oct 3, 2016
2,185
668
I believe the use to be able to decript DES and a few others but AES replaced that. 128-bit can be decripted but it is so far impossible to decript 256-bit. Using one the the government super computers to brute-force attack AES-256, one would need to try 2 to the power of 255 or 2,117.8 trillion keys to get the job done. In real time it would take 27 trillion trillion trillion trillion trillion years. So, encrypted email only shows headers (metadata) at the backbone, the body of the message is encrypted. They can also read the ISP, but since you are using a VPN the ISP that is read is that of the VPN service. Can the IP of the VPN be traced back to you will logs? Yes, which is why it is very important to get a VPN that does not log or a company that is not so friendly with the USA. I have also read stuff from CDT senior staff technologist Joseph Lorenzo Hall that the encryption NSA can break are PPTP and MS-Chap. These are commonly used int he middle east. Technically I believe that additions to the Patriot Act allows the NSA to get a court order to seize computers of people using VPN's especially those who use TOR, So the double edge sword is while encryption gives keeps the snoops out, it also calls attention to your activity.

The U.S. Supreme Court on quietly approved in August of 20020 a rule change to Rule No.41, that would allow a federal magistrate judge to issue a search and seizure warrant for any target using anonymity software like Tor to browse the internet. The government is very afraid of VPNs and they care being used more and more.

Here is a PDF from the NSA to government agencies on how to use VPNs. The do recommend AES-256
https://t.co/rrVsDLIaLL?amp=1

Now for all intent and purposes most of us are not going to be concerned with NSA and just want a measured amount of internet privacy. This will surely work. If you really want protection use a VPN and TOR. Or even better run something like Tor's TAIL which is a portable operating system you can run or a USB drive. Tails never writes anything to the hard disk and only runs from the memory of the computer. The memory is entirely deleted when you shutdown Tails, erasing all possible traces. Like TOR, TAILS encrypts and anonymizes your connection by passing it through 3 relays. These are servers operated by different people and organizations around the world.

BT, you're referring to the "end user" (hacker, programmer, person using software, etc)...I'm thinking along the lines of "machine language"...Computers need the characters compiled into machine code (language) in order for the computer to understand what has been typed, voiced, etc...For instance, say that I type the word "cat"...The os will not understand those characters...There will have to be an conversion made to binary code (machine language)...That also goes for encrypted data as well...Once u run it thru the encryption program, it still has to be compiled into "machine language" (binary code, 0's and 1's)...This is done by the complier, not the user or program that a user has created...

Again, let's take the ex. "Cat"...Let's say we wanted to encrypt it with worlds best encryption software (NSA, FBI, CIA, etc)...Sure, we can stop the "hacker", or end user from decyrpting it in transient...However, it would still need to be reduced to "machine language" at some point...Even if it is encrypted (the computer cannot understand characters) the compiler will have to convert it to binary data...See what I'm saying?...What my question was, is it possible for the "machine language" (binary data) of the message (whether encrypted or not) able to be discovered?...In other words, if it can be, then u don't have to "brute force" it or use any other method to read it...U would only need to know machine code and then u could read the message (encrypted or not)....

I don't know, maybe the architecture of computers has changed and this is not how they work now...Anyway my friend, let me know what your thoughts are on it, again, it's been 30+ years since I fooled with this stuff...It's extremely interesting to me, not for nefarious reasons, but simple intrigue!...
.
 
Bigtex

Bigtex

VIP Member
Aug 14, 2012
1,108
1,636
That could all be possible IF NSA or anyone else can decrypt AES-256. All the experts seem to agree that even the quantum computers do not yet have the capability. They also agree that it will be decades before they can. The number of qubits that have is the limiting factor. Some encryption can be quickly decrypted. From what I understand they scan metadata from suspected individuals. Key words will only work in data that can be decrypted. This is done by brute force attacks.

Now what can be done is the information sent from a users computer through the backbone to the VPN. That information is not encrypted at all until it leaves the VPN. So you should avoid sending email from your computer through say MS Outlook. Instead use you VPN to log onto an online web email. That way anything you send will be encrypted.

Check out some of the stuff Edward Snowden has written about NSA spying capabilities.
 
BackAtIt

BackAtIt

MuscleHead
Oct 3, 2016
2,185
668
That could all be possible IF NSA or anyone else can decrypt AES-256. All the experts seem to agree that even the quantum computers do not yet have the capability. They also agree that it will be decades before they can. The number of qubits that have is the limiting factor. Some encryption can be quickly decrypted. From what I understand they scan metadata from suspected individuals. Key words will only work in data that can be decrypted. This is done by brute force attacks.

Now what can be done is the information sent from a users computer through the backbone to the VPN. That information is not encrypted at all until it leaves the VPN. So you should avoid sending email from your computer through say MS Outlook. Instead use you VPN to log onto an online web email. That way anything you send will be encrypted.

Check out some of the stuff Edward Snowden has written about NSA spying capabilities.

I'm gonna do a little research on "machine language"...Again, I'm thinking of the compiler, rather than the end user...U are referring to what an end user can do via an program (software written by programmer)...

From my previous studies, once an end user submits data to the computer, the on board "compiler" needs to convert the data to binary code (machine language)...So from my understanding, even if the end user, uses an program such as AES-256, the encrypted data will automatically be converted to binary...It would seem like u could go in at that point of processing and look at the binary code and would be able to see the raw data...The compiler automatically decrypts is what I'm thinking...Give me a couple of weeks to study...
.
 
Bigtex

Bigtex

VIP Member
Aug 14, 2012
1,108
1,636
I'm gonna do a little research on "machine language"...Again, I'm thinking of the compiler, rather than the end user...U are referring to what an end user can do via an program (software written by programmer)...

From my previous studies, once an end user submits data to the computer, the on board "compiler" needs to convert the data to binary code (machine language)...So from my understanding, even if the end user, uses an program such as AES-256, the encrypted data will automatically be converted to binary...It would seem like u could go in at that point of processing and look at the binary code and would be able to see the raw data...The compiler automatically decrypts is what I'm thinking...Give me a couple of weeks to study...
.

Take your time. I am asking for some advice too. But I did find NSA's recommendation to all government offices for sending and receiving top secret information. The do say AES-256 is the recommended way to send. They along with every expert I have read say the same thing, AES-256 is secure and can not be broken at this time. NSA has been the one who has forced major backbone to allow them to tap into the connections. They use different NSA programs like PRISM and XKeyscor to collect email based on the metadata in the header. They store this for later use. If they find a header that is suspicious that retrieve the store email and attempt to crack the encryption. What they are doing has been determined by SCOTUS to be illegal and they were ordered to stop. I have no doubt it is still going on.
 
BackAtIt

BackAtIt

MuscleHead
Oct 3, 2016
2,185
668
Take your time. I am asking for some advice too. But I did find NSA's recommendation to all government offices for sending and receiving top secret information. The do say AES-256 is the recommended way to send. They along with every expert I have read say the same thing, AES-256 is secure and can not be broken at this time. NSA has been the one who has forced major backbone to allow them to tap into the connections. They use different NSA programs like PRISM and XKeyscor to collect email based on the metadata in the header. They store this for later use. If they find a header that is suspicious that retrieve the store email and attempt to crack the encryption. What they are doing has been determined by SCOTUS to be illegal and they were ordered to stop. I have no doubt it is still going on.

My dear bro, I'm not interested in usurping the NSA or any other gov. agency...If they are involved in nefarious activity they will answer to our Maker, not me...

Yes, what u are talking about is referred too as "data mining"...And yes, on the "end user" end, it is virtually impossible to crack...Again, tho, allow me to direct your thoughts to the "compiler"...It will automatically convert characters to binary code (1's and 0's) this is how the computer understands what the user keys in or in the course of what u are referring too, encrypted data (characters) that the user has encrypted...It doesn't require an end user to try and decrypt it by using an "brute force" attack or any other method...Again, the computer does this on it's own via the compiler so that it can process the data...

If u have time, take a look see at machine code and u will see what I'm talking about...Unless the data is still encrypted at binary coed level, u should be able to read the message as it should be decrypted...From the way I was taught, after the computer (compiler) converts to machine language it then re-encrypts it and sends it on its way to the destination...Again, it has been a long time since I studied this...If I'm right in my line of thought, all u would need is the map showing what the machine code represents...For ex. an "A" could = 001, whereas an "a" could represent 100 in binary code, etc...This is basically where bits and bytes come in to play...I gonna study this mess being that u got me on it *LOL*...But not in hopes of usurping the NSA, FBI, etc for chris sakes *LOL*...Just for fun!...Hey, good talking at ya again, my monsterous bro!...
.
 
Bigtex

Bigtex

VIP Member
Aug 14, 2012
1,108
1,636
All I am concerned with is my rights to privacy. Whether its NSA, the FBI, CIA or a local hacker. I have been a big advocate of internet privacy since I first got into the internet back in the early 90's. I have only two college computer courses under my belt and that was basic programming and C++. I taught myself HTML and JAVA. So I am pretty much a self taught guy on this subject. I am definitely not doing anything illegal but do not wish anyone to track my private information. I have read literally tons of information on how to protect yourself online over the years.

If what you are talking about works I would think VPN code writers would have already figured it out and how to beat it. Understanding that email is not sent whole and instead broken up into small packets of data it would be hard to get much out of a packet. VPN encryption not only protects the data but it also encrypts the packets and all the is visible is the wrapper which contains information on where it is going. I agree, this is very interesting shit. Let me know what you find and I will keep looking too. I know I have read that NSA gets around some of these encryptions by using hackers. Instead of brute force attacks they do side attacks where they install back doors and also use malware like the ShiOne ransomeware to get keys. Not so legal either so you have to really be done something to get attention to get this kind of treatment.
 
B

buffalo3

Member
Oct 11, 2010
27
7
Im conservative and a Trump supporter and also have moved to Parler,i like it but its taking some time to get used to.
 
MorganKane

MorganKane

VIP Member
Nov 12, 2012
1,721
1,001
I'm gonna do a little research on "machine language"...Again, I'm thinking of the compiler, rather than the end user...U are referring to what an end user can do via an program (software written by programmer)...

From my previous studies, once an end user submits data to the computer, the on board "compiler" needs to convert the data to binary code (machine language)...So from my understanding, even if the end user, uses an program such as AES-256, the encrypted data will automatically be converted to binary...It would seem like u could go in at that point of processing and look at the binary code and would be able to see the raw data...The compiler automatically decrypts is what I'm thinking...Give me a couple of weeks to study...
.


When it converts it to machine code as you say, it keep the encryption.
Basically, the machine code is just binary. I did learn how to program that a very loooooong time ago.
Adding 2 numbers wasnt that easy with binary :). I even had to learn how assembly worked.

When something is encrypted its done end to end (most cases).
The possibility of a "man in the middle" attack is very real and that bypasses the encryption.
I think thats what Chinas "big cannon" did. Basically intercepted and put it self in the middle.

If you do a packet capture you can see exactly whats transmitted and received.
If its an encrypted connection you will just see the encrypted data with the included "data" layers like tcp/udp, load, etc.

I normally do a packet capture looking for data but I pull it from the firewall, not the device it self.
If you want to see whats leaving your computer then install Fiddler.
run fiddler first without adding in enabling "Capture HTTPS Connections".
Open a few web pages that uses SSL. Open your email etc.
Then enable the "capture HTTPS connection and check decrypt HTTPS traffic.

You might be suprised how much your computer chatters on the internet even without you surfing the net or doing anything.
Do a packet capture in the firewall and you see all the shit your IoT devices, printers etc sends out.
Its more than you think.

This subject really goes past just social media. Data monitoring and capturing is done at all levels and all devices.
use a VPN if you can and use SSL every time you can.

The VPN is only a connection between you and the VPN device, from there it leaves the encrypted connection and goes out in clear text if the connection is not encrypted.
The good thing is that the last exit device like a Tor node or VPN server is what the logs will show on the website that the connection came from. So your real IP is shielded by a good VPN provider, someone that does not keep logs and only logs for its own troubleshooting.

I wouldnt trust Tor nodes alone. Plenty of lists and services that monitors and finds Tor nodes.
I often use the list in firewalls to block any traffic from Tor. Dont want them on the network.

Its not that easy to decrypt most connections so it must be worth it to the feds to do so.
 
Who is viewing this thread?

There are currently 0 members watching this topic

Top