The underwater cable chop...

On Sun, 3 Feb 2008, wrote:

>> You can have unbreakable codes by pre-arrangement, single use. For
>> example, use of some innocent word in any text. Nobody can figure that out
>> unless they had a microphone in the room when two people agreed on what
>> that, or a few words meant. Also like single-use passwords. You would have
>> to get your hands on the list and that could be pretty hard.
>
> Body language can also be used for secret communications.
>
> In general, secret lingo is commonly done for communications in
> organized crime, violent street gangs, etc ... and also in a prison
> type environment.
>
> The ways these are undermined is having an informant "mole" in a
> particular crowd, where they're able to determine the lingo. Even
> without an informant, wiretaps on phones, computers, etc ... and
> planted bugs can determine to some extent what they're talking about.
>
> ** satire mode on **
> For example, if the feds (or clandestine corporate "enforcers") wants
> to get the goods on Straydog for being a "terrorist" against
> corporations, they can just parse through all of Straydog's usenet
> posts and other possible writings. The feds may also set up wiretaps
> on Straydog's telephones, computer, ham radio transmissions, etc ...
> and bug his home and whatever hangouts he frequents, as well as his
> wife's place of work. The feds may even try to send in an informant
> "mole" to befriend Straydog.

Anyone out there want to be my "mole"? I'll be glad to tell you anything
for $10,000 for any one thing, otherwise, consulting fee is $1,000 per
hour until you get tired of my answers (I get breaks, vacation time,
bonuses, and pick my own hours of work, and get to pick the questions I
answer; questions to be submitted in writing in advance)

All of this accumulated information can
> be used to write up a translation dictionary for Straydog's code
> words, as well as compiling incriminating information for future
> prosecution.
> ** satire mode off **
>

There, that will fix your smartass ass!
 >> Stay informed about: The underwater cable chop... 

> Its still brute force, and, still, if we're running "one use" passwords,
> then the only thing you can do is try to get the original list from where
> they are coming from. And, that could be made veeerrrrrrrryyyy difficult.

Single use passwords can be undermined if they fit into a pattern
which can be established. For example, somebody using each of the
words in a Shakespeare play in sequential order, while rejecting the
words already used previously.
 >> Stay informed about: The underwater cable chop... 

On Sun, 3 Feb 2008, wrote:

>>> In practice, cracking via dictionary attacks is actually quite
>>> effective for passwords.
>>
>> Again, you have to test many words, and no good if the word is not in the
>> dictionary. ISPs (at least the ones that are smart) run disconnect on
>> third failure, and where they are real serious, disable the account.
>
> All they have to do is grab the password or shadow file, and run a
> program like Crack
>
> http://en.wikipedia.org/wiki/Crack_(software)
>
Its still brute force, and, still, if we're running "one use" passwords,
then the only thing you can do is try to get the original list from where
they are coming from. And, that could be made veeerrrrrrrryyyy difficult.
 >> Stay informed about: The underwater cable chop... 

On Sun, 3 Feb 2008, wrote:

>> Its still brute force, and, still, if we're running "one use" passwords,
>> then the only thing you can do is try to get the original list from where
>> they are coming from. And, that could be made veeerrrrrrrryyyy difficult.
>
> Single use passwords can be undermined if they fit into a pattern
> which can be established. For example, somebody using each of the
> words in a Shakespeare play in sequential order, while rejecting the
> words already used previously.
>

Yeah, back to the old arguments about how random some computer-generated
list of random numbers is. I've read some of the arguments, and all the
guys arguing about how many fairies can dance on a head of a pin.

Like I said, its all in a realm beyond my interests. But, you can go to
one of the crypto-cypherpunk-etc., newsgroups if you really want to tangle
with those guys. For me, its moslty a dead horse.
 >> Stay informed about: The underwater cable chop... 

On Feb 3, 7:30 pm, Straydog wrote:
> On Sun, 3 Feb 2008, wrote:
> >> Its still brute force, and, still, if we're running "one use" passwords,
> >> then the only thing you can do is try to get the original list from where
> >> they are coming from. And, that could be made veeerrrrrrrryyyy difficult.
>
> > Single use passwords can be undermined if they fit into a pattern
> > which can be established. For example, somebody using each of the
> > words in a Shakespeare play in sequential order, while rejecting the
> > words already used previously.
>
> Yeah, back to the old arguments about how random some computer-generated
> list of random numbers is. I've read some of the arguments, and all the
> guys arguing about how many fairies can dance on a head of a pin.
>
> Like I said, its all in a realm beyond my interests. But, you can go to
> one of the crypto-cypherpunk-etc., newsgroups if you really want to tangle
> with those guys. For me, its moslty a dead horse.

Security is largely caveat emptor.
 >> Stay informed about: The underwater cable chop... 

On Mon, 4 Feb 2008, wrote:

> On Feb 3, 7:30 pm, Straydog wrote:
>> On Sun, 3 Feb 2008, wrote:
>>>> Its still brute force, and, still, if we're running "one use" passwords,
>>>> then the only thing you can do is try to get the original list from where
>>>> they are coming from. And, that could be made veeerrrrrrrryyyy difficult.
>>
>>> Single use passwords can be undermined if they fit into a pattern
>>> which can be established. For example, somebody using each of the
>>> words in a Shakespeare play in sequential order, while rejecting the
>>> words already used previously.
>>
>> Yeah, back to the old arguments about how random some computer-generated
>> list of random numbers is. I've read some of the arguments, and all the
>> guys arguing about how many fairies can dance on a head of a pin.
>>
>> Like I said, its all in a realm beyond my interests. But, you can go to
>> one of the crypto-cypherpunk-etc., newsgroups if you really want to tangle
>> with those guys. For me, its moslty a dead horse.
>
> Security is largely caveat emptor.
>

Back when (40 years ago) when I was getting my first security clearances
and had to undergo breifings I had dealings with two security office guys.
One was right out of the gestapo (when I was sitting accross from the
desk, he was even holding his paper that he was writing notes on with the
edge curled up so I could not read what he was writing [but there are
guys out there who can read what you're writing by looking at the pen
movements <I can't do that>]). The other was a human being. The human
being told me "there's no such thing as 100% security".

Couple of years ago I read Skoudis' book "Malware...." (probably the best
overview of hacking out of several [I don't have what it takes to hack,
either]) and he said the same thing. Based on the honeypots, honeynets,
and honeymonkeys, I'd say that the guys who are smarter/smartest are the
born hackers and the guys trying to lock down the boxes are on the losing
side of brilliance.

Best line of defense: don't be trying to make a living that requires that
you help keep the nation's secrets, or something equally valuable.

<my two cents mode on>

Lock down to the limits your web browsers and don't use modern email
clients, either. If the website says you need a plug-in, MY advice is
don't even go back a second time. Best line of defense: use books,
newspapers, and magazines.

<my two cents mode off>
 >> Stay informed about: The underwater cable chop... 

> <my two cents mode on>
>
> Lock down to the limits your web browsers and don't use modern email
> clients, either. If the website says you need a plug-in, MY advice is
> don't even go back a second time. Best line of defense: use books,
> newspapers, and magazines.
>
> <my two cents mode off>

Most people will just buy a new computer once the old one is all
infested with viruses + spyware to the point of unusability after a
few years. As far as they're concerned, it's not their problem
anymore once they buy a new machine.
 >> Stay informed about: The underwater cable chop...