- #246
Mathnomalous
- 83
- 5
CAC1001 said:
Misstatements, I suppose.
WikiLeaks reveals sites critical to US security
- News
- Thread starter Evo
- Start date
-
- Tags
- Security
In summary, the conversation discusses the release of sensitive information by WikiLeaks and the potential consequences of their actions. There is a debate about the benefits of this release and whether it is justified or harmful to national security. Some speculate that the intention of WikiLeaks is to harm the USA, while others believe it is a means to demonstrate the fatal weaknesses of a powerful military force. The conversation also touches on the arrest of WikiLeaks founder Julian Assange and the possibility that it is politically motivated. The conversation ends with a debate about the punishment of Pfc Manning, who leaked the information to WikiLeaks.
Misstatements, I suppose.
- #247
nismaratwork
- 359
- 0
Mathnomalous said:
Carefully chosen ones!
CAC1001:Yes, statements made with the intent to be truthful, but somehow ended up being about nonexistent weapons programs. I hate when I slip up and concoct a cause for war... I mean the last time I was just yachting in The Gulf of Tonkin, and then all hell breaks loose...
- #248
CAC1001
They weren't lies or mis-statements, they were what the administration thought were statements of fact. A guy like General Colin Powell, one of the most respected men on the planet at the time, wasn't going to just go and "lie" to the United Nations and the world, over such an issue.
- #249
Hurkyl
Staff Emeritus
Science Advisor
Gold Member
- 14,983
- 28
I can factor large prime numbers in my head.nismaratwork said:
- #250
nismaratwork
- 359
- 0
Hurkyl said:I can factor large prime numbers in my head.
Oh thank god, I have this supposedly one-way hash function I need cracked, and you're just the brain- er... man... I need to put in a jar in my new machi- ahhh... to operate my new computer. Here... drink this while I get a striker saw and a jar...
CAC1001: You're entitled to your religious beliefs. Wait, wrong response, but it applies pretty well.
- #251
CAC1001
nismaratwork said:
I would say it is a "religious belief" among the people who claim President Bush lied the nation into war.
- #252
jobyts
- 227
- 64
nismaratwork said:
Factoring large prime numbers? I'm sure you will run into problems. I tried even smaller ones, but didn't succeed.
- #253
Proton Soup
- 223
- 1
rhody said:
sure, not exactly a 1/1000-th mind you, but same order of magnitude.
http://cryptome.org/0003/wikileaks-lash.htm
- #254
WhoWee
- 219
- 0
Proton Soup said:
These WikiLeaks people sound like little kids sitting in an upstairs closet, planning to sneak down the stairs to listen to an adult conversation taking place around a card table (a 1950's or 1960's retro example). Then once they hear something they run back to the closet and giggle, then maybe tell their friends about it the next day.
The difference is that while a story including Bob's dad said a bad word, and Matt's dad had gas, and Bill's mom wanted another drink might have been entertaining, it didn't really injure anyone.
If your link is real, maybe the hackers should start to worry about ALL of the players. Everyone will not be restricted by the rules applicable to the US. Personally, I'll find it ironic and even humorous if the unintended consequences of this leak is the retaliation onto the hackers themselves - by their "info hosts".
Bragging often gets people into more trouble than the act itself - IMO.
- #255
Proton Soup
- 223
- 1
WhoWee said:
wikileaks isn't even the story. the real story is that you've got a hacker mafia in russia breaking in everywhere getting dirt on everyone off public networks. and i guess chinese too. and nobody cares about that, or dealing with it. the only thing anyone cares about is the appearance, the public relations aspect. Assange is a convenient scapegoat that you can publicly flay while conveniently ignoring that the barn door is wide open.
- #256
nismaratwork
- 359
- 0
This isn't hacking... it's script-kiddy bull****. They're just saying they watch the activity of people who DO have the talent to enter databases, and then packet sniff them! Our security is SO BAD, that it just takes a bunch of script kiddies being supported by a handful of talented and generally anonymous black-hats.
- #257
nismaratwork
- 359
- 0
Proton Soup said:
Proton, we have the NSA and Echelon, and more... we do the same thing. This isn't hacking, as I mentioned previously, just another form of semi-active sigint. The issue isn't that this is being done, but that we're sucking at it.
- #258
Proton Soup
- 223
- 1
nismaratwork said:
i'm not sure whether you're saying our security is good or bad.
- #259
rhody
Gold Member
- 681
- 3
misnara,nismaratwork said:
Since Proton did not address my original question in Post https://www.physicsforums.com/showpost.php?p=3032729&postcount=242" I will pose the question to you, to separate fact from fiction, isn't that what PF is supposedly all about ?
I respect your opinion and insight hopefully backed by multiple, verifiable sources...
Thanks in advance...
Rhody...
P.S. BTW from the information I have been able to obtain even if they were to crack thehttp://www.popsci.com/technology/article/2010-12/how-secure-julian-assanges-thermonuclear-insurance-file" , and text is scrambled and would be of no use anyway.
see text from the link:
Last edited by a moderator:
- #260
Proton Soup
- 223
- 1
nismaratwork said:
that's the same thing
- #261
nismaratwork
- 359
- 0
Proton Soup said:
Our security is wretchedly bad.
I think you need to check what 'hacking' originally meant, came to mean, and really means in practice; there's no way that someone using someone else's programs to scan ports or sniff packets is a hacker... they are a script-kiddy. Hacking is actively creating your own code, and entering where you're not welcome... not managing botnets, not packet-sniffing, and not even massive signal intercepts. It may be that this is a semantic issue, I'm not sure.
- #262
nismaratwork
- 359
- 0
rhody said:
Well that's a tough question, although it strikes me as a bad idea to torture such a (newly) public figure for a passcode. Anyway, on the technical side AES256 is extremely secure, and if you're saying that beyond that he may have used PGP encryption or more hash functions on the cleartext...
...The bottom line is that as I said, that file is only going to be opened if:
1.) There's a flaw found in the encryption scheme used (collision errors, doubtful)
2.) Computers or methods advance beyond current expectations allowing for a means to bypass the protection.
3.) Luck on an astronomical scale.
Personally I think the major flaw here is that I'm not clear that Assange or anyone else knows what's in that file. If it's meaningless crap, then what a waste, right? On the other hand, if it's terribly sensitive and clearly gets people killed... whoops. No, this isn't something the US is looking to open, it's a fail-deadly device for Assange to use in a manner he's yet to make clear.
Last edited by a moderator:
- #263
Proton Soup
- 223
- 1
nismaratwork said:
yeah, not really interested in that debate. and as i understand it, hacking originally had to do with hardware reverse engineering. and wasn't even a negative term i think until people started building phone "blueboxes" or whatever kind of boxen they were called. blah blah blah 2600 blah...
- #264
nismaratwork
- 359
- 0
Proton Soup said:
Yes... exactly...
*goes off to cry nerd-tears alone*
- #265
CAC1001
From my understanding of it, hacking is refers to people who like to solve problems and build and create things, and applies to people who have an obsession with learning everything about something. So a person may learn to program in all the major languages, they will read technical manuals, they will learn electronics to an advanced level, they'll learn the telephone and Internet infrastructure, they'll load individual operating systems up onto their computer and read the manuals to each operating system and study them to find the holes, etc...a hacker is not interested in doing anything malicious or destructive (unless maybe defending their country by doing bad things to foreign countries trying to do the same to their country).
"Hacking" got a negative connotation when people started using these skills for destructive and criminal purposes however. From what I have read, the term for such malicious hackers is/was actually "crackers."
However, outside of the hacker culture, the general term used by the media and so forth is "hacker" and also cracker is known as being a racist term to others, so one can see how people would be reluctant to use it. Today it seems more the terms are White Hat hacker and Black Hat hacker (white hat is good, black hat is bad).
Although referring to technology, the hacker philosophy can really apply to any art or science. If you study music and learn everything you can about music, all the instruments, all the major works, etc...then you are applying the hacker philosophy to music. Or if you learn everything there is to know about automobiles, you're applying it to autos. If you are obsessed with economics and learn everything there is to know about how economies work, you're basically applying it to economics as well. Hacking is about figuring out how things work.
Script kiddies are just people who download software that has already been written by others and use these tools to perform malicious activities. But a script kiddie has no real knowledge of how to actually program or how things actually work. The really dangerous "hacker" is the kind who knows in-depth all about the technology, and has no qualms about doing bad things.
"Hacking" got a negative connotation when people started using these skills for destructive and criminal purposes however. From what I have read, the term for such malicious hackers is/was actually "crackers."
However, outside of the hacker culture, the general term used by the media and so forth is "hacker" and also cracker is known as being a racist term to others, so one can see how people would be reluctant to use it. Today it seems more the terms are White Hat hacker and Black Hat hacker (white hat is good, black hat is bad).
Although referring to technology, the hacker philosophy can really apply to any art or science. If you study music and learn everything you can about music, all the instruments, all the major works, etc...then you are applying the hacker philosophy to music. Or if you learn everything there is to know about automobiles, you're applying it to autos. If you are obsessed with economics and learn everything there is to know about how economies work, you're basically applying it to economics as well. Hacking is about figuring out how things work.
Script kiddies are just people who download software that has already been written by others and use these tools to perform malicious activities. But a script kiddie has no real knowledge of how to actually program or how things actually work. The really dangerous "hacker" is the kind who knows in-depth all about the technology, and has no qualms about doing bad things.
- #266
nismaratwork
- 359
- 0
CAC1001 said:
I could hug you if your conservative ideology didn't irk me so much. Oh what the hell, let's hug it out you big galoot!
edit: "And my orders are to weed out all non-hackers who do not pack the gear to serve in my beloved Corps!" (R. Lee Ermy as Drill Sgt. Hartman, 'Full Metal Jacket')
- #267
rhody
Gold Member
- 681
- 3
I offer you: http://www.schneier.com/blog/archives/2009/09/real-world_acce.html"
"[URL
Schneier on Security[/URL]
I used to get his Crypto-Gram Newsletter forwarded by a friend at work and this month has started again.
Interesting, and I might add very credible expert on security issues:
From the link above:
http://mba.tuck.dartmouth.edu/digital/Research/ResearchProjects/DataFinancial.pdf"
A sample of credible research, with background, assessment, and risks, clearly laid out, which for me is critical in separating fact from speculation or fiction.
I will keep my eye open for insight, information missed or overlooked by mainstream media and toss it over the fence for review and discussion.
Fox News talking heads Oreilly et al frequently quote information cited in the News Letter, but that is about all the attention it gets in mainstream media. IMHO Schneier is worth following, and frequently is weeks and in some cases months ahead of developing security issues and trends.
Rhody...
"[URL
Schneier on Security[/URL]
I used to get his Crypto-Gram Newsletter forwarded by a friend at work and this month has started again.
Interesting, and I might add very credible expert on security issues:
From the link above:
http://mba.tuck.dartmouth.edu/digital/Research/ResearchProjects/DataFinancial.pdf"
A sample of credible research, with background, assessment, and risks, clearly laid out, which for me is critical in separating fact from speculation or fiction.
I will keep my eye open for insight, information missed or overlooked by mainstream media and toss it over the fence for review and discussion.
Fox News talking heads Oreilly et al frequently quote information cited in the News Letter, but that is about all the attention it gets in mainstream media. IMHO Schneier is worth following, and frequently is weeks and in some cases months ahead of developing security issues and trends.
Rhody...
Last edited by a moderator:
- #268
Proton Soup
- 223
- 1
Schneiner is great. I've got his 1st ed. Applied Cyptography laying around someplace.
that RBAC stuff sounds like they're trying to make things as complicated as possible. and yes, it's a lot of work and costs a lot of money. and no, nobody wants to pay for it.
that RBAC stuff sounds like they're trying to make things as complicated as possible. and yes, it's a lot of work and costs a lot of money. and no, nobody wants to pay for it.
- #269
Galteeth
- 69
- 1
nismaratwork said:
What would lead to you to believe Assange doesn't know what's in the file? The purpose to me seems pretty clear. He said he would only release the password if he were killed or imprisoned for life. It's leverage against that happening. The file could be pictures of cats for all we know. The point is, that if people believe it could be something that might damage them (which is why you don't say what's in it, because you're not sure who might want to jail or kill you) it might dissaude them from jailing or killing Assange.
- #270
nismaratwork
- 359
- 0
Galteeth said:
You expect me to believe that beyond this overview, Assange has read the vast number of documents described as being in this file? You can't go around assuming that every gun isn't loaded, so the 'cats' concept is probably wishful thinking. Here is what is claimed to be in the file, at least:
I'm sure he watched the video and read some of it, but unless he's smuggling HD movies in the original 720-1080 he could have a LOT of pictures of cats in a compressed file of that size.
- #271
Galteeth
- 69
- 1
nismaratwork said:
No, that is stuff that he has either already released or is planning to release. The insurance file wouldn't be that.
- #272
nismaratwork
- 359
- 0
Galteeth said:
That was a quote from the NY Post, and represents the only CONFIRMED files that he has. Given however that he hasn't bluffed yet I'm shocked that you feel you can predict his behaviour so confidently.
- #273
Galteeth
- 69
- 1
nismaratwork said:
I'm not saying he's bluffing. I think you misunderstood my post. People were asking what the point of the insurance file was. It probably is something damaging. I was explaining why he hasn't explicitly stated what's in it. The video of the civilian deaths has already been released, and the other stuff the NY post mentioned wikileaks has said they are going to release. It wouldn't make sense for the insurance file to contain stuff he already released or was planning on releasing (unless it was a bluff).
The idea of an insurance file is you don't know who might be after you. It could be a government of some country or a corporation or criminal organization who thinks you have info they don't want to get out. If they think killing you may cause a release of that info, it is disincentive to kill you. Hence insurance. I wasn't seriously suggesting it was a bluff. The point is, as you accurately realized, people can't assume he's bluffing, so the threat of an "insurance file" seems to serve its purpose.
Pointing out that it could be a bluff was only to illustrate the psychology behind its purpose.
- #274
nismaratwork
- 359
- 0
Galteeth said:
Yes, that's exactly why I initially referred to this file as a 'fail-deadly device', which it is! Whether it's Semtex or soap, if a guy claiming to be wearing a bomb has a dead-man's switch, it's a very difficult situation.
There is a flaw here however, which is that Assange seems very intent upon maintaining a particular image in the media, an that one doesn't fit with such a blatant threat. He can claim self-defense, but he also wants to release the truth right? If there is something in that file that 'the world needs to know' under the Wikileaks philosophy, then using it as a fail-deadly is counter to that philosophy. Really, this only works if they're UNEDITED versions of documents already released, or if he just took a chunk of what he believed to be meaty material, compressed and encrypted it without ever having the time to look through it.
A bluff or not, the people who love him and this site (who are now the keepers of this file!) are going to want to know what's in it, don't you think? How is it going to look for Assange's crusade when he uses secrets that important as a means of blackmail to save his rear, and that such secrets could die with him! No, I think he just took a chunk of unfiltered or edited cables that would be damaging, but not necessarily interesting or "criminal" in the way he feels the air-strike was. Anything else, and he'll have no friends left at all, and file or not he'll be a dead man.
- #275
WhoWee
- 219
- 0
Galteeth said:
On the other hand, an enemy of someone he holds "insurance" against might kill him to trigger the release. Wouldn't that be ironic?
- #276
nismaratwork
- 359
- 0
WhoWee said:
You know, I hadn't considered that? Hmmmm... I could see someone obsessed by curiosity alone doing at some point in this whole mess, never mind something international!
- #277
Galteeth
- 69
- 1
nismaratwork said:
The secrets don't "die with him," the encryption key is released (a few of his wikileaks people have it) if he dies. It's pretty speculative to say what will happen to the data eventually. He seems to think of himself as a historian, so at this point it would seem like he would make some plan for its eventual release, but who knows what the years will bring?
'Anything else, and he'll have no friends left at all, and file or not he'll be a dead man" I'm still bit confused here by what you're saying. If the file is decrypted, he's already dead.(or maybe in jail for life with no possibility of parole)
- #278
nismaratwork
- 359
- 0
Galteeth said:
My point is that he's in a bind... he has to have something amazingly damaging in that file, is making a HUGE bluff, or it's just a dump for random files. If it's the first then the element of blackmail using stolen material is fairly obviously criminal. No government is going to accept this kind of threat and set such a precedent, and it's pretty likely that he's going to end in a prison, if not for life then a very long time.
In the meantime, what of the file? He's likely to be in prison, not dead, so how does a site dedicated to disseminating 'truth' justify using something so potent as a secret for leverage? I'm saying that as WhoWee has pointed out, he's really screwed no matter what he does at this point, and having created and spread the file it's only a matter of time before the very people who support him demand to know what's in the file.
This file has made him LESS safe, but more notorious... that's all. Given what he's said about his love of attention I suspect that he cares more for fame than safety.
- #279
Proton Soup
- 223
- 1
if it's a bluff, i think it would never be released.
otherwise, whatever is in there would likely be released at some future date no matter what happens. that is the whole purpose of wikileaks, after all.
otherwise, whatever is in there would likely be released at some future date no matter what happens. that is the whole purpose of wikileaks, after all.
- #280
nismaratwork
- 359
- 0
Proton Soup said:
If it's going to be released anyway, how is it a deterrent? Wikileaks isn't about waiting 50 years for declassification, and neither are their followers. If this is bound to be released, why make a locked file at all, and if it isn't... how DO they square that with their purpose?