|
 This is amazing.
|
#
?
Jan 20, 2018 00:51
|
|
|
|
| # ? May 23, 2024 09:06 |
|
|
How did this magical thing happen?
|
|
#
?
Jan 20, 2018 02:59
|
|
|
Absurd Alhazred posted:How did this magical thing happen?
|
|
#
?
Jan 20, 2018 03:21
|
|
|
This is incredible. Thank you. Thank you.
|
|
#
?
Jan 20, 2018 04:03
|
|
|
Got into a fun discussion today that this thread might enjoy pondering. Let's say that, for bullshit legal reasons, you want to encrypt something and NOT keep the password in your memory or anywhere in your possession. So for the password, you use the hash signature of a particular file, and then you don't keep a copy of that file yourself, anywhere. Whenever the time comes to decrypt -- and it will likely be many years in the future -- you'll have your encrypted data, and the software to do the decryption, but not the file whose hash is the key. You'll have to trust in your ability to track down another copy of that same file. Remember, it has to be bit-for-bit identical or it won't work. Put aside the question of whether the legal trick would work (spoiler: no) and just go with the premise. What file do you choose? What are you confident you'll still be able to find in the future, let's say 25 years from now? We kicked this around and arrived at what I think is a great answer: The ROM of a reasonably popular old video game cartridge. You aren't depending on a single source (which might go out of business or something), there isn't going to be a new edition of it (at least not one that would displace the original version), and it's not the sort of thing that would be casually altered (like an image or sound file being re-encoded in a new file format). Someone out there will still be preserving these things as a hobby. And hell, if it came right down to it, you could even try to track down original hardware and re-rip the data yourself. Other ideas?
|
|
#
?
Jan 20, 2018 11:01
|
|
|
Powered Descent posted:Got into a fun discussion today that this thread might enjoy pondering. Hmm but how good are you at resisting interrogation/torture?
|
|
#
?
Jan 20, 2018 11:06
|
|
|
Powered Descent posted:Got into a fun discussion today that this thread might enjoy pondering.
|
|
#
?
Jan 20, 2018 11:10
|
|
|
Powered Descent posted:Got into a fun discussion today that this thread might enjoy pondering. Someone in a position to acquire a password from your memory/elsewhere in your possession is probably equally able to track down a copy of a particular video game rom once you've told them what they're looking for. Essentially your password is now the string "the sha-256 of the original mario rom", and the decryption process starts with "track down a copy of the named file".
|
|
#
?
Jan 20, 2018 11:39
|
|
|
You know this question was answered by nerds when the first thing that comes to mind is a game ROM file instead of the hash of some famous text, like from a book. Your program could strip all whitespace/linebreaks/punctuation and hash the lowercase ASCII encoding of a few hundred letters (set number, no matter how much text was entered.) You'd just have to remember: use part 3, chapter 4 of Crime and Punishment (or bible verses if you're so inclined.) This would allow you to decrypt offline by manually typing in the characters from a paper copy. If you were monitored, this would be less obvious than your sudden interest in finding Bubble_Bobble.nes in the year 2043.
|
|
#
?
Jan 20, 2018 15:31
|
|
|
Powered Descent posted:Got into a fun discussion today that this thread might enjoy pondering. Well there's lots of version of game roms (have a look at ToSEC for a start), so something more fundamental would be better, maybe your DNA sequence, the atomic weights of the first n elements, the gps/gallileo co-ords of your house or the strength of the weak nuclear force at n quarks or whatever.
|
|
#
?
Jan 20, 2018 15:51
|
|
|
everyone replying to that could have just stopped with the part where he says "NOT keep the password in your memory" and then talks about remembering a thing. that's asinine whether the thing is a loving game ROM or digits 69 through 420 of pi. the only way to keep an encrypted file that you can't be persuaded to decrypt, legally or by rubber hose, would be to have someone else choose the password and not tell you what it is. and that person should probably live in a different country, and have been told not to reveal the password until you see them in person. no matter how desperate you sound on the phone. and now you're dealing with the consequences, legally or rubber hose wise, of carrying an encrypted file that the Opposition claims is CP or NSA secrets or the mafia's bitcoin address or whatever the gently caress else, and you can't decrypt it. so whatever you're carrying better be worse / more important than anything you have a chance of being accused of.
|
|
#
?
Jan 20, 2018 18:53
|
|
|
Powered Descent posted:Got into a fun discussion today that this thread might enjoy pondering. Use the first 10-15 words of lorem ipsum, you're never gonna remember that poo poo
|
|
#
?
Jan 20, 2018 19:00
|
|
|
This story is relevant.
Sheep fucked around with this message at 19:27 on Jan 20, 2018 |
|
#
?
Jan 20, 2018 19:24
|
|
|
Powered Descent posted:Got into a fun discussion today that this thread might enjoy pondering. I was just about to suggest a FIDO U2F key, but then I realized you said: "NOT keep the password in your memory or anywhere in your possession. ". The key would obviously mean that the "password" would be kept somewhere in your possession. To be fair it could be a vault in a bank, with specific instructions that Trump, Obama and Bush have to be present personally for that box to be opened. But still, it fails that requirement. Without keeping the password (in some way, shape or form) I don't see how the data can be decrypted, ever. Even if you have an algorithm that can generate the password from a known set of bytes (book, PI, or game roms) , then that set of bytes is essentially the password. So, you need to have the password.
|
|
#
?
Jan 20, 2018 19:31
|
|
|
Use Hello.jpg, nerds will never give that up.
|
|
#
?
Jan 20, 2018 21:06
|
|
|
Is it the part of the thread where we discuss using pictures as passwords again?
|
|
#
?
Jan 20, 2018 21:43
|
|
|
Cup Runneth Over posted:Is it the part of the thread where we discuss using pictures as passwords again? goatman is my password
|
|
#
?
Jan 20, 2018 22:15
|
|
|
Just use a secure combination of letters and numbers, like kjs500.
|
|
#
?
Jan 20, 2018 22:37
|
|
|
Jeoh posted:goatman is my password my gape is my passport, verify me
|
|
#
?
Jan 20, 2018 22:41
|
|
|
Password1! Except replace the o with a zero. You're welcome for this badass security tip.
|
|
#
?
Jan 20, 2018 22:42
|
|
|
Martytoof posted:Password1! I can now successfully attack contoso.com
|
|
#
?
Jan 20, 2018 22:45
|
|
|
Microsoft hates him! See how one man made $10,000 in one afternoon with ONE WEIRD SECURITY TRICK
|
|
#
?
Jan 20, 2018 23:14
|
|
|
Klyith posted:my gape is my passport, verify me So just shove a iris scanner up there or do you have someone hold it for you?
|
|
#
?
Jan 20, 2018 23:34
|
|
|
when the feds ask me what my password is, i’ll tell them “i don’t know what my password is” and they’ll get super mad that i owned them but that’s literally my password
|
|
#
?
Jan 20, 2018 23:35
|
|
|
Dadbod Apocalypse posted:when the feds ask me what my password is, i’ll tell them “i don’t know what my password is” and they’ll get super mad that i owned them but that’s literally my password if you have an iPhone X they'll just point it at your face lol pwned
|
|
#
?
Jan 20, 2018 23:37
|
|
|
Dadbod Apocalypse posted:when the feds ask me what my password is, i’ll tell them “i don’t know what my password is” and they’ll get super mad that i owned them but that’s literally my password
|
|
#
?
Jan 20, 2018 23:46
|
|
|
D. Ebdrup posted:...would that actually work? I'm imagining some sort of "Who's On First" skit in my head, and it's loving hilarious. "Give us your password!" "What!" "The password to your computer!" "What!" ""The password you use to login to your computer!" "What" *Sigh* "Okay, let's start over. You sign in to your computer, right?" "Right." "So you type something in." "Yes." "What do you type in?" "The password." "So your password is the password?" "No, the password is my username!" "So both your username and password are the password?" "No." "So what is your password?" "What." "The password to your computer!" "What!" "The password you use to login to your computer!" "What!!" "Stop saying "what" or so help me God I will kill you!" "I'm just trying to help!"
|
|
#
?
Jan 20, 2018 23:50
|
|
|
My password is "I murdered a homeless person 5 years ago", but I can invoke my 5th Amendment rights not to self-incriminate by telling anyone that* *except they already ruled that you can just enter it - they don't care what it is.
|
|
#
?
Jan 20, 2018 23:51
|
|
|
Martytoof posted:if you have an iPhone X they'll just point it at your face lol pwned Ha! that's where you're wrong, feds! I've secretly trained my iphone X to unlock only when pointed at my balls
|
|
#
?
Jan 21, 2018 00:08
|
|
|
"My password is the first 64 bytes of the 3rd file on a flashdrive that was sitting on my desk when you stormed in and siezed everything. You have it somewhere, and I just told you what it is." Hint: You're still lying.
|
|
#
?
Jan 21, 2018 00:08
|
|
|
Klyith posted:Ha! that's where you're wrong, feds! Didn't realize the faceid camera had 100x zoom
|
|
#
?
Jan 21, 2018 00:59
|
|
|
Martytoof posted:Didn't realize the faceid camera had 100x zoom
|
|
#
?
Jan 21, 2018 04:05
|
|
|
One of the images on https://www.warnerbros.com/archive/spacejam/movie/jam.htm That page has been up since the web was created. Put like people said, you can be pressured to reveal which member of the Monstars is your password. If i was super worried about leaking a sensitive password a dead-man or, in this case, a jailed-man switch to delete your password stored somewhere would not require another person to possibly leak the information. [
|
|
#
?
Jan 21, 2018 04:16
|
|
|
Absurd Alhazred posted:"Give us your password!" Haha, that works pretty well!
|
|
#
?
Jan 21, 2018 06:44
|
|
|
Absurd Alhazred posted:"Give us your password!" Reminds me of this https://www.youtube.com/watch?v=bLE7zsJk4AI
|
|
#
?
Jan 21, 2018 08:35
|
|
|
Boris Galerkin posted:Reminds me of this https://www.youtube.com/watch?v=bLE7zsJk4AI Nice.
|
|
#
?
Jan 21, 2018 08:40
|
|
|
Absurd Alhazred posted:"Give us your password!" Or even better, The Lion and The Unicorn episode of Batman: TAS.
|
|
#
?
Jan 21, 2018 19:12
|
|
|
duz posted:Or even better, The Lion and The Unicorn episode of Batman: TAS. I haven't watched that show in ages. 
|
|
#
?
Jan 21, 2018 19:22
|
|
|
Absurd Alhazred posted:I haven't watched that show in ages. The passphrase was the title line. To "fight" the truth serum, Alfred constantly said fantasy phrases so the truth sounded like the nonsense he was babbling. It's not as Abott and Costello, but still amusing.
|
|
#
?
Jan 21, 2018 20:14
|
|
|
|
| # ? May 23, 2024 09:06 |
|
|
duz posted:The passphrase was the title line. To "fight" the truth serum, Alfred constantly said fantasy phrases so the truth sounded like the nonsense he was babbling. It's not as Abott and Costello, but still amusing. I see. Unrelated: https://www.youtube.com/watch?v=Mdqv5xIsFLM
|
|
#
?
Jan 21, 2018 20:18
|
|