British green (24-08-17), M_C (24-08-17)
There's little worry as long as you put nothing out in cyber you wouldn't mind seeing in a newspaper article.
If you do, well then, you've got security issues. And probably other, bigger issues as well.
M_C (24-08-17)
Not wishing to burst your bubble, but HTTPS was cracked 4 year ago (Or at least that's the first time they admitted it) & there are tools available, via a quick google search, that will crack HTTPS in 30 seconds or less
An extract form The Register:-
That's only one of the tools that the Black Hats have.... makes you wonder what the NSA & GCHQ haveStep into the BREACH: HTTPS encrypted web cracked in 30 seconds
Online banking, webmail, shopping hacked and slurped in new crypto attack
By John Leyden 2 Aug 2013 at 15:57
SHARE ▼
Black Hat 2013 A new hacking technique dubbed BREACH can extract login tokens, session ID numbers and other sensitive information from SSL/TLS encrypted web traffic, say researchers.
Secret data crucial to securing online banking and shopping can be lifted from an HTTPS channel in as little as 30 seconds, we're told.
BREACH (short for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) attacks the common Deflate data compression algorithm used to save bandwidth in web communications. The exploit is a development of the earlier Compression Ratio Info-leak Made Easy (CRIME) exploit, which also involved turning compression of encrypted web requests against users.
The code-breaking research behind BREACH was unveiled by security researchers Angelo Prado, Neal Harris and Yoel Gluck during a presentation at the Black Hat hacking conference in Las Vegas on Thursday.
All versions of TLS/SSL are at risk from BREACH regardless of the encryption algorithm or cipher that's in play, the trio said.
It's Not What You Know, It's What You Can Prove
British green (24-08-17), Bud Lightyear (24-08-17), Trex (25-08-17)
BREACH didn't crack SSL keys, it exploits compression. The exploit only worked if specific conditions were met. It's a chain of vulnerabilities that make up the exploit. It's easy to defend against that.
Trust me, it's impossible to crack AES 256. Here's a quote:
Breaking a symmetric 256-bit key by brute force requires 2128 times more computational power than a 128-bit key. Fifty supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×1051 years to exhaust the 256-bit key space.
Last edited by Smokeful; 24-08-17 at 06:30 PM.
M_C (24-08-17)
More recently from The Register...
AES-256 keys sniffed in seconds using €200 of kit a few inches away
Trex (25-08-17)
But anyway, it's all getting a little geeky for the average member... suffice it to say, if the authorities want your data, then they will get it
British green (24-08-17), Trex (25-08-17)
well this is the purpose of just doing 10 plants or under..im pretty sure old bill isnt gonna want to get us nearly as bad as the big cash croppers,then u got the darknet markets that is throwing out weed and other drugs by the pounds..as already said if they want to bust u it dont matter what u got vpn,tor and fake user names they will get u
When the snows fall and the white winds blow, the lone wolf dies, but the pack survives.
2018 Outdoor extravaganza https://www.thctalk.com/cannabis-foru...r-extravaganza
2017 outdoor guerilla grow https://www.thctalk.com/cannabis-foru...tdoor-escapade
2016 guerilla grow finished https://www.thctalk.com/cannabis-foru...adventure-2016
British green (24-08-17), M_C (24-08-17), Trex (25-08-17)
The NSA do have backdoors nobody else knows about (0days) - and I'm willing to bet they put some of them there.
But, to be on their hit list you're a serious criminal that they're specifically targeting. That's not what I was getting it. Without HTTPS on the site you're allowing Government agencies to sift through users data at any time they like and it's all there in plain text. With HTTPS that becomes impossible.
It was just a suggestion anyway. I work in security, and it's standard practice on every web server I provision to use SSL. It would definitely be more beneficial to use HTTPS than it would to not use it.
M_C (24-08-17)
M_C (24-08-17)
All I ask is they don't use a mod/admin size hammer to open my door. I'd be happier to leave it open or open it for them . My conclusion is the more you hide stuff or try not to be seen the more people wanna find you or look at you . The best you can't see me burglar costume is a hi viz jacket steel toe caps hard hat and a clip board 😃😃😃😃 lol
Sent from a green pleasant land
Last edited by British green; 24-08-17 at 07:14 PM.
THCtalk.com Disclaimer - You must be over 18 years old to view/use this site .THCtalk.com does not encourage growing Cannabis or possessing Cannabis. Learning how to grow Cannabis instructions should be for educational purposes only. All Information contained in this web site is for: Historical reference, Scientific reference and Educational purposes only. Visitors to this website are advised against breaking the law as It is illegal to smoke, grow, or possess cannabis in the UK and some US States
Bookmarks