"I Write Mass Surveillance Software"
Anon Mus
my.green.lantern at googlemail.com
Fri Sep 18 11:37:37 UTC 2009
Eugen Leitl wrote:
> On Thu, Sep 17, 2009 at 03:58:50PM -0400, Michael Holstein wrote:
>
>
>> (basically, all the OP on Rededit was saying, was he's the guy that
>> writes the microengine code) .. the processors themselves aren't
>>
>
> Not quite -- he explicitly claimed they used custom hardware. Perhaps
> using network processor macro cells, but custom design was definitely
> involved.
>
>
>> capable of realtime brute-force decryption ... but they are the sort of
>>
>
> There's no such thing, apart from really obsolete cryptosystems. And
> even there you can't just fish for content as it was cleartext.
>
>
>> thing that can look for signatures/keywords/etc in a stream and act upon
>> it at wire-speed.
>>
>
> That is old news.
>
>
>> As for breaking encryption, this would be a task better suited for a
>> large farm of purpose-programmed FPGAs, since I'm not aware of any
>> commercially-produced ASIC that does this (although the NSA does list
>> jobs for "semiconductor fabrication", so I'm sure they're in that game).
>>
>
> I can see large boxes for e.g. offline DES (perhaps even 3DES) cracks,
> but everything else is probably not cost effective (of course, NSA has
> demonstrably been decades ahead of open research in some instances,
> so don't blame me if they waterboard you just because you took this
> at face value).
>
>
>> IIRC the Russians had purpose-built their own ASICs to break DES when it
>> was en-vouge .. I'm sure our side of the pond actively does the same.
>>
>> Sneakier mice, better mousetraps.
>> Lather, rinse, repeat.
>> while().
>>
>
> What I really dread is having to sanitize my entire systems, which
> effectively means wiping and bootstrapping my entire infrastructure
> from known good state, establish physical security, secret management
> including crypto hardware, system hardening, privilege separation,
> intrusion detection and documentation, periodic review, and the like.
>
> This is seriously annoying, and I resent having to go full tinhat
> monty. In case anyone has pointers or has already done such a thing
> I very much welcome any documentation. We should publish everthing
> in the open to make it easily replicable by anybody anywhere, so
> just to make the annoyance mutual.
>
>
[Grobbage - French - for "a plot of cleared land" the only web use of
the word is here:
http://cnc.virtuelle.ca/riviere-la-paix/riviere_la_paix/leurs_memoires/roy.html
reference to term's description here:
http://cnc.virtuelle.ca/riviere-la-paix/riviere_la_paix/lexique/grobbage.html
]
Its equivalent to the English term "grubbed out".
Perhaps his name is the English surname "Grubb".
This "Grobbage's" activity is stated to be UK (Britain) only.
If (s)he's a fake then look for an attention seeker....
Search (webcrawler.com) - Grubb UK - gives Ben Grubb (.co.uk) 3rd in list.
Search (yahoo.co.uk - UK only hits) - Ben Grubb - Wow.. Hey.. he's an
attention seeker all right!
... so rite or w#so wrong?
(RE-)Build your (new) machine off line - then take a snap shot. Get it
working on line then take another snapshot. If you fear you've been
trojaned in future then destroy - install snapshot and you're back in
business.
Always use official off-line updates.
I don't bother with this - I've got wifi connected spyhardware already
on my PC motherboard (think about it - its just a kernal tweak), so
there's no point in protecting from trojans or keyloggers.
More information about the tor-talk
mailing list