Article <1050gbt$2q09e$4@dont-email.me>

Deutsch English Français Italiano
<1050gbt$2q09e$4@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: nntp.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: Rich <rich@example.invalid>
Newsgroups: sci.crypt
Subject: Re: AI's take on my cipher...
Date: Sun, 13 Jul 2025 14:37:49 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 21
Message-ID: <1050gbt$2q09e$4@dont-email.me>
References: <1049c0q$10d0c$1@dont-email.me>   <104mgv5$cvfq$1@dont-email.me> <047c88f47daa342fbbf7aee669a3deb8896ce6af@i2pn2.org> <104mj60$dltj$1@dont-email.me> <4b6e233e7c3fb669fa324151f627c4addbfc9f70@i2pn2.org> <104r7eo$1i08p$1@dont-email.me> <95a6f265f6bdddcd037a7e48cf5258e77cec9b15@i2pn2.org> <104uecv$2ak1k$1@dont-email.me> <8e54a93978459bb7baa6896adc62508b9deb7d78@i2pn2.org> <104uqme$2cu71$1@dont-email.me> <9540f0b46eba10d14519928b6b5a4a2bee8a7940@i2pn2.org>
Injection-Date: Sun, 13 Jul 2025 16:37:50 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="98d3fbcbb0287bbd0d73a29a092f1053";
	logging-data="2949422"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1+2MHCAbNB6sebg5vOT4YrJ"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:ejm7y9wFV+FSluk0sDK1u3IGEM4=

Stefan Claas <stefan@mailchuck.com> wrote:
> Chris M. Thomasson wrote:
> 
>> Think of an offline encrypt with say, my symmetric HMAC cipher thing.
>> You save the ciphertext to a usb drive. Oh shit, say the offline
>> computer is infected with a virus, and the USB is now highly suspect.
>> Sigh... Alice gives the USB to Bob, key/viral exchange, say a new key is
>> encrypted in the ciphertext... ;^). Bob just infected his computer with
>> the virus before decrypt even occurs. 
> 
> Don't you have a Kanguru Defender 3000? I have one since many years,
> with 3 years AV license.
> 
> <https://www.kanguru.com/products/kanguru-defender-3000-superspeed-usb-3-0-fips-140-2-level-3-certified-hardware-encrypted-flash-drive>

But, you now have to trust that this device is actually 'encrypting' as 
it claims it is, and that it does not have a secret backdoor via a 
'secondary key' or via a JTAG port that can be accessed by removing the 
outer casing (or by drilling a few small holes at the correct location 
into which to insert pogo pins to access that JTAG port.