If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#31
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On Wed, 08 Jan 2014 04:38:35 +0800, "Mr. Man-wai Chang"
wrote: BTW, I heard that Asian witches (notably Chinese and Thai ones) could curse someone using one's precise birth time in Lunar calendar format! Yeah, right. Not only Asian witches, but also Sand witches. |
Ads |
#32
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On Tue, 07 Jan 2014 16:57:18 -0500, Nil wrote:
But this alpha has only been available for a couple of days. No, it hasn't. I downloaded (and installed) this version on Dec 3 2013. -- s|b |
#33
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 1/7/2014 3:33 PM, Mr. Man-wai Chang wrote:
On 8/01/2014 3:03 AM, Paul wrote: It's a good thing I bought a few extra rolls of tinfoil this week, to make my tinfoil hat a bit thicker. They can't get you, if you're wearing your tinfoil hat. Can tin foil prevent God from talking to you directly? No, only medication can stop that. Tinfoil is obviously an art form... Such fun. http://f.kulfoto.com/pic/0001/0038/679Tv37606.jpg Paul |
#34
|
|||
|
|||
OT How safe is a 7-zip passworded file?
Silver Slimer wrote:
On 07/01/2014 11:59 AM, BillW50 wrote: Although todays computers, devices, etc. are totally different. The power button doesn't physically disconnect the power anymore. And there are tasks that could wake the system up (even a backdoor hack I would guess). Absolutely agreed. I would not be surprised to discover that even off, the contents of my hard disk are somehow accessible to outside parties. http://www.popularresistance.org/new...ntly-hackable/ Just sayin'. -- The wise learn more from fools than fools from the wise. |
#35
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 1/7/2014 11:47 PM, Auric__ wrote:
Silver Slimer wrote: On 07/01/2014 11:59 AM, BillW50 wrote: Although todays computers, devices, etc. are totally different. The power button doesn't physically disconnect the power anymore. And there are tasks that could wake the system up (even a backdoor hack I would guess). Absolutely agreed. I would not be surprised to discover that even off, the contents of my hard disk are somehow accessible to outside parties. http://www.popularresistance.org/new...ntly-hackable/ Just sayin'. I think the comment section of that page, just about covered it all. Intel shoots themselves in the foot, by not describing where the various bits and pieces are hiding. Their lousy "video animation" does nothing to allow others to analyze the implications. I have one Powerpoint slide deck on AMT. But it's dated enough now, there's no way to extrapolate where the hardware functions for that, hide today. Back at that time, Q-series chipsets had a microcontroller in the chipset, which shared code space in the BIOS chip. So the processor itself was not adulterated in that case. But seeing as SOC is the gleam in Intel's eye, I don't see any reason to assume AMT will stay in the chipset. It's where ever Intel wants it to be. I don't see any effort by AMD, to match them on this. Server computers used to be "bugged" in the past, by adding a separate controller board. That allowed the IT department to access a crashed server, and reboot it. The Intel AMT feature was intended to move that capability, to the desktop. The difference is, the need for a separate controller board, allows the end user to unambiguously control their fate. No controller board, no bug. By putting portions of the hardware needed, into *everything*, it just gives material to the conspiracy nuts. It's irresponsible of Intel, not to document this stuff properly, and put it on the same web page as that blasted video of theirs. I had to dig pretty hard, to find a copy of the Powerpoint slide deck I got, on AMT. The list at the bottom of this page, still puts some emphasis on the chipset. The reason an 82579LM and specific Centrino wireless items are mentioned, is so the AMT firmware will have a driver for them. If some other brand of comm chippery is used, there won't be a driver to make it work. https://communities.intel.com/message/175345 Paul |
#36
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On Mon, 06 Jan 2014 12:33:14 -0500, Keith Nuttle
wrote: On 1/6/2014 11:40 AM, Mr. Man-wai Chang wrote: On 6/01/2014 11:38 PM, Paul wrote: On 1/6/2014 10:11 AM, Mr. Man-wai Chang wrote: And BTW, your government could always arrest your physical body in reality for questioning! They can always use a keylogger. That is, install malwares into your PC when you were away from home? This is impossible if you turn off your computers when you are not using it. Sooner or later, you have to turn it on in order to use it. |
#37
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On Mon, 06 Jan 2014 12:33:14 -0500, Keith Nuttle
wrote: On 1/6/2014 11:40 AM, Mr. Man-wai Chang wrote: On 6/01/2014 11:38 PM, Paul wrote: On 1/6/2014 10:11 AM, Mr. Man-wai Chang wrote: And BTW, your government could always arrest your physical body in reality for questioning! They can always use a keylogger. That is, install malwares into your PC when you were away from home? This is impossible if you turn off your computers when you are not using it. Windows 8 notebooks never turn off. Unless you pull the battery. Even then, it takes a while for the internal battery to die. Most people don't realize their notebooks are constantly transmitting. //Better Connectivity The 4th gen Intel Core processor family automatically connects to wireless hotspots. Your e-mail, social media, and apps are always updated thanks to Intel® Smart Connect Technology.// //Intel® Smart Connect Technology Stay current with automatic, no-wait updates to your email and social networks, even when your device is asleep.// http://www.intel.com/content/dam/www...bile-brief.pdf http://www.intel.com/content/dam/www...tops-brief.pdf The lady in the picture is a spy. So is the dork. Note the new NSA hairstyles. []'s -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
#38
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 1/9/2014 6:45 AM, Shadow wrote:
On Mon, 06 Jan 2014 12:33:14 -0500, Keith Nuttle wrote: On 1/6/2014 11:40 AM, Mr. Man-wai Chang wrote: On 6/01/2014 11:38 PM, Paul wrote: On 1/6/2014 10:11 AM, Mr. Man-wai Chang wrote: And BTW, your government could always arrest your physical body in reality for questioning! They can always use a keylogger. That is, install malwares into your PC when you were away from home? This is impossible if you turn off your computers when you are not using it. Windows 8 notebooks never turn off. Unless you pull the battery. Even then, it takes a while for the internal battery to die. Most people don't realize their notebooks are constantly transmitting. //Better Connectivity The 4th gen Intel Core processor family automatically connects to wireless hotspots. Your e-mail, social media, and apps are always updated thanks to Intel® Smart Connect Technology.// //Intel® Smart Connect Technology Stay current with automatic, no-wait updates to your email and social networks, even when your device is asleep.// http://www.intel.com/content/dam/www...bile-brief.pdf http://www.intel.com/content/dam/www...tops-brief.pdf The lady in the picture is a spy. So is the dork. Note the new NSA hairstyles. []'s The battery in a laptop replaces the CMOS battery in your desktop, but serves a similar function to keep the bootstrap programs always available. So in a sense all computers are always on. Today in most computers the CMOS Battery keep the clock correct on a computer. Even in Windows 8.1 you can set each wireless network connection to auto connect or not to auto connect. You also have the option to turn of the wireless transmitter on you laptop commuter. A spy would have to have install a program on the computer that would override the start-up circuitry. When I become real paranoid about illegal connections, I turn off the wireless router. Since the router also serves the wired connection, all of my computers are all off the web. If I become extremely paranoid, I turn off the modem. While the US government and others have spy programs, what are the odds of them targeting your computer. The probability is decreased if you only use your computer a couple of hours per day and it turned off the rest. What is the probability that your computer has something worth taking the time to hack into it? It is more profitable to target a large company, bank or store computer. |
#39
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 1/9/2014 8:28 AM, Keith Nuttle wrote:
On 1/9/2014 6:45 AM, Shadow wrote: On Mon, 06 Jan 2014 12:33:14 -0500, Keith Nuttle wrote: On 1/6/2014 11:40 AM, Mr. Man-wai Chang wrote: On 6/01/2014 11:38 PM, Paul wrote: On 1/6/2014 10:11 AM, Mr. Man-wai Chang wrote: And BTW, your government could always arrest your physical body in reality for questioning! They can always use a keylogger. That is, install malwares into your PC when you were away from home? This is impossible if you turn off your computers when you are not using it. Windows 8 notebooks never turn off. Unless you pull the battery. Even then, it takes a while for the internal battery to die. Most people don't realize their notebooks are constantly transmitting. //Better Connectivity The 4th gen Intel Core processor family automatically connects to wireless hotspots. Your e-mail, social media, and apps are always updated thanks to Intel® Smart Connect Technology.// //Intel® Smart Connect Technology Stay current with automatic, no-wait updates to your email and social networks, even when your device is asleep.// http://www.intel.com/content/dam/www...bile-brief.pdf http://www.intel.com/content/dam/www...tops-brief.pdf The lady in the picture is a spy. So is the dork. Note the new NSA hairstyles. []'s The battery in a laptop replaces the CMOS battery in your desktop, but serves a similar function to keep the bootstrap programs always available. So in a sense all computers are always on. Today in most computers the CMOS Battery keep the clock correct on a computer. Even in Windows 8.1 you can set each wireless network connection to auto connect or not to auto connect. You also have the option to turn of the wireless transmitter on you laptop commuter. A spy would have to have install a program on the computer that would override the start-up circuitry. When I become real paranoid about illegal connections, I turn off the wireless router. Since the router also serves the wired connection, all of my computers are all off the web. If I become extremely paranoid, I turn off the modem. While the US government and others have spy programs, what are the odds of them targeting your computer. The probability is decreased if you only use your computer a couple of hours per day and it turned off the rest. What is the probability that your computer has something worth taking the time to hack into it? It is more profitable to target a large company, bank or store computer. The large removable battery in the laptop provides: 1) Main power - the equivalent of 3.3V/5V/12V on a desktop 2) Standby power - the equivalent of +5VSB when the computer sleeps - this maintains RAM state, but can't last forever, because the power that DRAM uses in refresh, is not zero. The CMOS battery (CR2032) is for time-keeping. Some laptops use a LR2032, which is a rechargeable CR2032. An LR2032 can drain in a shorter time, but can also recharge from the main battery later. The CR2032 type, doesn't recharge. CR2032 is not meant for anything but running the RTC real time clock. ******* The SmartConnect is demonstrated here. This document is from 2012, but I suspect the SmartConnect implementation is older than that. (In other words, later versions could use functional blocks located in other chips. The architecture and design does not have to stand still.) http://www.asrock.com/support/note/I...artConnect.pdf The capability isn't explained in as many words, but it looks like: 1) Capability is enabled by installing a driver. 2) Capability relies on system being in sleep state, meaning RAM still contains an OS session. 3) Cute tuner application allows listing eligible applications. Exactly why this is necessary, isn't clear. Does that driver indicate a networking state change to selected applications only ? The document also says, the applications needing periodic network updates, should already be running before the computer is put in sleep state. Now, one other document on their site, refers to a "ME8" BIOS, which is a poor choice of terms. http://www.asrock.com/news/events/2012H61/ That's because it suggests the Management Engine is being used. And the H61 chipset on the products in question, isn't supposed to have a Management Engine (it should be disabled by Intel at the factory). To do the Smart Connect, could be implemented entirely with the regular chipset wake timer in the RTC, so really, a Management Engine is not required. Just the voluminous collection of C states Intel has now, a timer to wake the system, a driver to put the system back in sleep state after the "update" period is complete. If a Management Engine is involved, that would indeed be creepy. As it could imply operation in a very low C state (processor core powered off, DRAM powered off). Then the only question would be, what RAM is the Management Engine using and how is it powered. Of course, if the OS isn't loaded in that scenario, what can the Management Engine do on its own ? Leaving an OS in RAM is more useful, and gives the computer "Some information to steal", if you're wanting a conspiracy theory. The reason I look for non-Intel documents to explain this stuff, is in the hope they'll "let the cat out of the bag" :-) Because Intel won't explain it in a useful way. Paul |
#40
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 1/9/2014 12:09 PM, Paul wrote:
On 1/9/2014 8:28 AM, Keith Nuttle wrote: On 1/9/2014 6:45 AM, Shadow wrote: On Mon, 06 Jan 2014 12:33:14 -0500, Keith Nuttle wrote: That is, install malwares into your PC when you were away from home? This is impossible if you turn off your computers when you are not using it. The lady in the picture is a spy. So is the dork. Note the new NSA hairstyles. []'s The battery in a laptop replaces the CMOS battery in your desktop, but serves a similar function to keep the bootstrap programs always available. So in a sense all computers are always on. Today in most computers the CMOS Battery keep the clock correct on a computer. Even in Windows 8.1 you can set each wireless network connection to auto connect or not to auto connect. You also have the option to turn of the wireless transmitter on you laptop commuter. A spy would have to have install a program on the computer that would override the start-up circuitry. When I become real paranoid about illegal connections, I turn off the wireless router. Since the router also serves the wired connection, all of my computers are all off the web. If I become extremely paranoid, I turn off the modem. While the US government and others have spy programs, what are the odds of them targeting your computer. The probability is decreased if you only use your computer a couple of hours per day and it turned off the rest. What is the probability that your computer has something worth taking the time to hack into it? It is more profitable to target a large company, bank or store computer. The SmartConnect is demonstrated here. This document is from 2012, but I suspect the SmartConnect implementation is older than that. (In other words, later versions could use functional blocks located in other chips. The architecture and design does not have to stand still.) http://www.asrock.com/support/note/I...artConnect.pdf The capability isn't explained in as many words, but it looks like: 1) Capability is enabled by installing a driver. 2) Capability relies on system being in sleep state, meaning RAM still contains an OS session. 3) Cute tuner application allows listing eligible applications. Exactly why this is necessary, isn't clear. Does that driver indicate a networking state change to selected applications only ? The document also says, the applications needing periodic network updates, should already be running before the computer is put in sleep state. Now, one other document on their site, refers to a "ME8" BIOS, which is a poor choice of terms. http://www.asrock.com/news/events/2012H61/ The reason I look for non-Intel documents to explain this stuff, is in the hope they'll "let the cat out of the bag" :-) Because Intel won't explain it in a useful way. Paul PS: In my above post when I say turned off I mean shutdown, not standby or Hibernate. I believe my old Ambra (maybe my next computer) had a way of starting it up remotely. As I remember it was setup so the FAX modem could be used even when unattended. |
#41
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 1/9/2014 12:54 PM, Keith Nuttle wrote:
PS: In my above post when I say turned off I mean shutdown, not standby or Hibernate. I believe my old Ambra (maybe my next computer) had a way of starting it up remotely. As I remember it was setup so the FAX modem could be used even when unattended. That function is called WOR or Wake On Ring. That's so you can receive FAXes on a computer that is sleeping. It's similar to WOL or Wake On LAN on a NIC, only on the NIC you have some choices for the kind of packet that causes the computer to wake up. Both interface to PME or Power Management Event on the chipset, and that's how the wake up kicks off. To work, standby power (+5VSB) must be available for the RS232 or NIC, as well as the chipset with the PME on it. Paul |
#42
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 06/01/2014 12:18 AM, Paul wrote:
What isn't good, is if you use the same password for everything. That wouldn't be good. Neither would a dictionary word be a good choice for a password. There are no simple answers for passwords. Passwords suck. Simple enough to remember, the password will be easy to break. Hard enough to prevent breakage, impossible to remember. Not necessarily: GRC's | Password Haystacks: How Well Hidden is Your Needle? https://www.grc.com/haystack.htm Basically, you don't have to break your back to get a strong password. An extremely long password that even includes dictionary words is *more* unbreakable than a fully randomized smaller password. At some point a password is so long that all computer systems give up on dictionary attacks and go with brute force. When making a long password, just make it simple & memorable for you, and just pad it with symbols. A dictionary attack won't work on anything other than short passwords. Yousuf Khan |
#43
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 05/01/2014 11:35 PM, John Doe wrote:
Using the latest version 7z920. When you zip up some files and use the default AES-256 encryption with "encrypt file names" checked, it's safe right? Hard to say, depends on whether the NSA has broken it yet or not. NSA doesn't necessarily break it by doing long, drawn-out mathematical analysis on it. They sneak in backdoors and deliberately broken code into these algorithms, which you or I have no way of checking for. Intentional sabotage. Also some years later, some very strong encryptions were discovered to be not so strong due to vulnerabilities revealed through mathematical analysis. That's not intentional sabotage, just an unforeseen failure to see a weakness. But if you're just trying to beat a standard lone-wolf hacker, rather than the NSA, then I'm sure it's fine. Guess why we’re moving to 256-bit AES keys | Agile Blog http://blog.agilebits.com/2013/03/09...-bit-aes-keys/ Yousuf Khan |
#44
|
|||
|
|||
OT How safe is a 7-zip passworded file?
"Yousuf Khan" wrote:
Basically, you don't have to break your back to get a strong password. An extremely long password that even includes dictionary words is *more* unbreakable than a fully randomized smaller password. At some point a password is so long that all computer systems give up on dictionary attacks and go with brute force. When making a long password, just make it simple & memorable for you, and just pad it with symbols. A dictionary attack won't work on anything other than short passwords. To get a "good" passphrase you don't even have to pad it with symbols unless the password filtering logic demands it. http://xkcd.com/936/ Sadly, some systems severely limit the passphrase length and/or prohibit the presence of space characters in the password. Fidelity Investments (and probably some other firms) maps alpha characters to TouchTone buttons, so if you create the password "aBcdefGHI" it's treated as if it were 222333444 to permit customers to log on to its automated system via voice telephone. The saving grace is that there's a limit to the number of wrong passwords one can enter before the account is locked, so as long as the attacker can't get the password itself (via social engineering, keyloggers, etc.) and can't penetrate Fidelity's servers, this isn't as much a risk as it might initially appear. Joe |
#45
|
|||
|
|||
OT How safe is a 7-zip passworded file?
On 08/01/2014 1:23 AM, Paul wrote:
I don't see any effort by AMD, to match them on this. AMD is building in a full-function ARM processor into their newest processors for "secure access to their content and worry-free online transactions". It's supposed to leverage ARM's TrustZone security feature. Why would you need a full-function processor core just to do transaction processing, why not just license the algorithm and implement in your own processor? Looks like it's exactly the same thing as what Intel did. Buh-bye privacy! Yousuf Khan AMD Strengthens Security Solutions through Technology Partnership with ARM http://www.amd.com/us/press-releases...2012jun13.aspx |
Thread Tools | |
Display Modes | Rate This Thread |
|
|