128-bit crypto scheme allegedly cracked in two hours

128-bit crypto scheme allegedly cracked in two hours.

-- Tom

 

This is how it should work Trusting "NSA experts" was such a suckers' game.

 

^ Yup ^ I saw all of this crap coming from a mile away in it's infancy. Cryptography is being intentionally, and successfully broken by design these days. I'll put my trust in old, time tested & true, traditional/standard methods over newer and supposedly stronger crap like the curve that's broken and backdoored.

The good thing is this crap isn't fooling anyone anymore and is common knowledge in the VPN/TOR communities. The bad news is these shiesters have dug their claws into many other avenues by now, including Firefox, and possibly also OpenVPN (which I haven't fully trusted since v 2.2.1). Only now those old versions are vulnerable to Heartbleed... so they've got you by the balls either way. I think that serves as a perfect microcosm of the state of affairs these days. Our choices are: a rock, or a hard place? The game is being rigged just like politics. The end game is going to be that privacy and anonymity are completely lost causes.

 

I'm more optimistic.

Back in the day, only the NSA (and some other state actors) had the expertise and resources to develop and test high-end crypto. That changed in the 80s-90s as computers became affordable. Maybe quantum computing will give them more of an edge for a while, but the competition is much more intense now.

 

You don't trust Firefox anymore? Why? What browser do you recommend?

 

For info. on this refer to this post: "other software & services" section, Page 2, "Mozilla Firefox 29.0 Final" thread, post # 49 by user "Baserk". If you read that post, and follow associated links you'll see why there's cause for concern regarding new versions of Firefox. I'm still on v28 and have no intention to upgrade. As to what to migrate to now?... that's the frustrating part, and as I stated later on in that very thread... there's nothing left!

Maybe full circle back to IE. When it started out they (and Live Search) were Big Brother... having a monopoly on the net. Then Mozilla & Google came along to rescue us and give us options. They were the "little guy". But now they've turned into the enemy they sought to fight in the first place and became behemoths themselves. An all too common theme that extends far beyond the world of tech. Now IE is the little guy. Frankly I'm inclined to trust them more than Firefox and Google these days. I'm thinking maybe IE and Ixquick. But as for now I'm just staying on FF v28 and biding my time, until/if there's some major vulnerability that puts me at risk and forces my hand to make that change.

But people should be made aware of these facts/events, so that their decisions (which are theirs and theirs only) are informed ones. That's something I believe in strongly. And nobody seems to be talking about this. And they should be because it's far from trivial. In fact it's "make or break" type stuff IMO. But all anyone is talking about instead is that DRM crap, whose implications are FAR less important. And I have to wonder if this isn't an intentional sleight of hand... another commonly deployed tactic that expands beyond the world of tech.

 

That's crazy about FF. I had no idea. But isn't it basically an open source project? As in, developers from all over contribute? You think one guy is sneaking stuff in?

 

Thanks for the explanation! I will read the post that you referred to.

 

I just read that post and I am surprised that there is not more talk of this.

 

Well, given that all that matter know Eric Rescorla's history, he'd have a hard time breaking Firefox, no?

All sorts of evil folk (whatever your perspective) contribute to open-source projects, anonymously or not.

So I'm not planning to freak.