Article <9af21ecb5f46aa81e2ad32a1f03ac867c564ea42@i2pn2.org>

Deutsch English Français Italiano
<9af21ecb5f46aa81e2ad32a1f03ac867c564ea42@i2pn2.org>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: nntp.eternal-september.org!news.eternal-september.org!eternal-september.org!feeder3.eternal-september.org!i2pn.org!i2pn2.org!.POSTED!not-for-mail
From: Stefan Claas <stefan@mailchuck.com>
Newsgroups: sci.crypt
Subject: Re: AI's take on my cipher...
Date: Mon, 14 Jul 2025 21:19:36 +0200
Organization: i2pn2 (i2pn.org)
Message-ID: <9af21ecb5f46aa81e2ad32a1f03ac867c564ea42@i2pn2.org>
References: <1049c0q$10d0c$1@dont-email.me> <104mj60$dltj$1@dont-email.me> <4b6e233e7c3fb669fa324151f627c4addbfc9f70@i2pn2.org> <104r7eo$1i08p$1@dont-email.me> <95a6f265f6bdddcd037a7e48cf5258e77cec9b15@i2pn2.org> <104uecv$2ak1k$1@dont-email.me> <8e54a93978459bb7baa6896adc62508b9deb7d78@i2pn2.org> <104uqme$2cu71$1@dont-email.me> <1050ffb$2q09e$2@dont-email.me> <da6f83987b8b26ab31d7548607aaa6529a7a0f06@i2pn2.org> <10536me$3fgpt$1@dont-email.me> <49d6be48c0d398c0f4e4f95d0566ff9a98e94353@i2pn2.org> <1053kh8$3imh3$1@dont-email.me>
MIME-Version: 1.0
Injection-Date: Mon, 14 Jul 2025 19:19:36 -0000 (UTC)
Injection-Info: i2pn2.org;
	logging-data="627890"; mail-complaints-to="usenet@i2pn2.org";
	posting-account="ieSrCjSDShpZNyqIW52mlwIkg76Hsp+TOOO6KTdfCN8";
User-Agent: flnews/1.3.0pre31 (for GNU/Linux)
Cancel-Lock: sha1:ZHnGR9+dtEKEPLbM7QsrVT5MXDI=
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Date: It's Mon Sep 11640 09:19:36 PM CEST 1993, the September that never ends.
X-Ed25519-Pub: c0ffee5a36e581eb10f60b2831b3cdb955d2e7ef680dd282a8d43ad8b84b357a
X-Ed25519-Sig: 4ae8e07bff3fc36477d0d25c559e275eb2cc7ac2cd31e104850ef8be688e86b8
 2c7f7bbd617bceac29fd447c4de628493cd9264349561c7a65750b688d6bac05

Rich wrote:
> Stefan Claas <stefan@mailchuck.com> wrote:
> > Rich wrote:
> > > Stefan Claas <stefan@mailchuck.com> wrote:
> > > > Rich wrote:
> > > > 
> > > > > And, how accurately do you think the average person who wants to send 
> > > > > an encrypted message will be at typing this:
> > > > > 
> > > > > KqHtqbSca2hvI02pCMHtdKQLfHhW6OeN7iK1Fg45nMpoT+to8XpwpvARkW6UziY0iyZWUEgP/gol
> > > > > gz5p3XpGCe0hZbYV2IYYLDvvRjGWj1k5IHkDX4WshBZvI5fhVssJOqVI3bzqdEW3XLD4NoGKVQg3
> > > > > ZeNaSJs2hBySnkBoKGI=
> > > > > 
> > > > > That's 128 random bytes, base64 encoded.  128 bytes is right about the 
> > > > > original "tweet length" of tweets on shitter, so there is a severe 
> > > > > limit of the amount of information that can be transferred.
> > > > 
> > > > That why I have my az and ug program for people available, but it uses 2
> > > > bytes, which should be no problem.
> > > > 
> > > > $ openssl rand 128 | az | ug -g
> > > > ZMAXT OPNWC LZWIF OQIMR PNNQV BFQLC BRZDA RUFBT ROLQS GOLKA
> > > > KKNJF ULBLO WINNL IIVVK FWTEE XRGBS UJCYS DCMWH JUMAA VLLNX
> > > > MJMYS LHSKG ENKLL LUGBN YNDSP AJYMO OXUBC YQNOY QMFYW ABOPH
> > > > NUVCJ KMFCM XKDVM EEXYL LVUKO VVGAU UACYV OHKUG GTVAA MWDLO
> > > > KCPYN HOWVM DPNHA ZMGHV MFIKW DILNO FYQHK VQELK OMFNL EOLTL
> > > > ETMPL S
> > > 
> > > Yes, easier to enter than raw base64.  But in this case this "easier" 
> > > is like the fact that it is "easier" to move 10,000kg of sand 1km by 
> > > hand than it is to move one single 10,000kg rock 1km by hand.  "Easier?" Yes, 
> > > but no one will actually want to do so either by hand if they have 
> > > other alternatives.
> > > 
> > > No one, except for the very very truly determined (a tiny sized 
> > > population), will want to hand type that to maintain proper 
> > > air-gapping.  So they will use USB sticks or other methods to "move" 
> > > the data, opening up the possibility of transfer of an exploit via that 
> > > same USB stick.
> > > 
> > 
> > A 3.5 ich disk drive and disk for it come in handy, because you hear
> > every read/write process
> 
> You hope.  A NSA level attack could hide a microcontroller and several 
> GB of non-volatile memory on an otherwise normal looking interface 
> board.  Some of the read/writes could then be redirected to/from that 
> non-volatile memory.
> 
> Far fetched -- certianly not when such CPU's can be had from Amazon for 
> $10.00.
> 
> Likely to happen to any individual - well, very unlikely, unless they 
> happen to also be in the NSA's crosshairs.
> 
> > and can quickly examine the sectors with a disk editor.
> 
> The same exploited drive could perform a VW Dieselgate detection to 
> detect likely access by a disk editor (the access patterns will differ 
> vs. filesystem accesses) and return alternate contents or modify the 
> actual return from the disk surface to make you believe anything was 
> written to the sectors.  So you'd have to disk edit read on another 
> machine that itself was not compromised in some way (and hope the NSA 
> didn't swap the drive in that machine for another comprimised one).
> 
> And -- I'm ignoring the fact that buying a newly manufactured in 2025 
> 3.5" drive mechanism is all but impossible today.
> 

What you always forget. the NSA can't snoop on onffline devices in Eurasia.

They can do that with US citizens in the US.

Regards
Stefan