#cybersecurity
doubt
as long as some parts are highly profitable, others can make a loss and just exist for PR, basically
I'd guess most money comes in from enterprise cloud business and stuff like that, which carries free public services like youtube
that too. but there was a time where they weren't making money on cloud and enterprise
or at least not as much as now
they're public, i guess one could go through their annual reports and see
@grizzled lake I use Firefox
Are you talking 3 "Find the item"s? Because yes, I do that as well. I thought you meant more as in, you'd complete a captcha and you'd have to do another one after you've sent the last one
Poor understanding on my part 😄
Thought it would be of interest in this channel.
@late hound Has this been fixed?
I have no idea, the reddit post along with the article is hinting to me that it hasn't been fixed yet.
Then we don’t allow such discussion here, thank you for understanding
Oh my bad, I just thought it was an interesting and important piece of news.
It is, but until it’s been patched and rolled out there’s still a potential security risk and we don’t want to be part of that
Of course, I understand. I wouldn't want to be messing with Valve either haha
Probably never gonna be fixed, unless all the attention forces them to fix it. They have several similar CVEs dating back years that are still working.
Actually? I didn't know that they just didn't care at all...
@thorn obsidian Sorry to bother you again. I changed my mind on sharpops being able to be connected externally. I'm making it so you can only trigger updates to already running services.
But I found this today:
# Re-direct to remote environment.
export DOCKER_HOST="ssh://my-user@remote-host"
# Run your docker-compose commands.
docker-compose pull
docker-compose down
docker-compose up
# All docker-compose commands here will be run on remote-host.
# Switch back to your local environment.
unset DOCKER_HOST
Is this an insecure idea?
The ssh key would be hidden behind circleci in my case.
It's not something I would do, personally.
What reasons do you have?
I want you to be able to deploy sharpops a bit like how you deploy heroku
But I can't see how I can make it secure
I wouldn't use anything through root
A single mistake and the system is hosed at that point
I don't know how I can avoid it and give the functionality I want
Docker being the main problem
The docker daemon is root
Do you not think that is a problem?
I think that having a server send commands to root is questionable.
And just a quick question: if I was to make it its own sharpops user, do I start the service as root, and then it "changes" itself down to the sharpops user?
Cause I want to make that process seamless
So just an os.system(su sharpops)
Well, I'd hope you wouldn't use os.system() for one.
Oh, I have no idea the proper way of execution then if it's not Python.
You mean like how Apache/Nginx/etc works?
I don't want the user to have to do sudo su sharpops
Wait
I use a systemd service
I can just make it non-root
can't I?
Is that suitable?
Try it out and see
Cause then it's just a case of dealing with this
I might just analyse compose files before they run
And if it's trying to mount a volume to the host
Error
But that's again relying on my filter programming skills
@thorn obsidian If it is a non-root user, I think I can accept that needs to happen
What other security things do I have to think of?
Proper escaping of SQL, XSS, CSRF, just to name a few
There's no SQL anywhere
XSS is an issue
I'm not going to allow you to run commands remotely
I am going to allow for a docker-compose file to be downloaded and run
So I need to add filters to that
For example, you can specify what locations it can download from
For example, only your github
@cedar pelican apparently nginx works like that, where it starts as root and then de-privileges itself to run as the nginx user
no idea how that works but it's possible
yeah you can tell systemd to run as a specific user, if you don't need it to start as root
take heed
you can specify the runas-user in systemd units, and you can also deescalate privileges via setgid() and setuid()
additionally, umasking and chrooting are also good practices after dropping privs
anyone wanna try solve my cipher for the memes
yes
AFDDGGFXGFDDFADAADXAAAFAGDGFDADDXGXX GXFDDAXGAGDX GGAFXDAGGD
@finite idol lol have fun
So that's interesting
yeah @quiet viper i upgraded it again
and was a bit nicer by giving a hint in the solvable part
Oh what I was actually going to say was that your cipher triggered our token alarm
bahahaha
lmaoo
Gave me a bit of a chuckle
how does the token alarm work
yeah mayo, if you can crack that bad boy then you are a true god
I'm thinking it's just a regex
Mostly cause the word fag is in it
yeah i noticed that part Floppy, gave me a good chuckle
Oooooooo THAT regex alarm
:P
Would delete it then
Yeah I was wondering
I know nothing about cryptography so I probably won't be able to solve it, but can you tell me how many characters long the output will be?
if any of you can solve that bad boy and tell me the pass phrase I'll give ya $100
also for people to be able to solve it and figure out what the passphrase is, you'd have to tell them what the pass phrase does / how the algorithm works i think
the output is 18 not inc spaces
ok
well I'll give you this, the two pass keys can be solved through 2 ciphers
the actual phrase needs 3 but you need to do them in the right order and you need to do them the correct way
hence why i said my cipher was a big boy secure one
and I have to do it by pen and paper because no software can encode/decode using my custom method. That is until I can work out a way to write a script to do it for me
AFDDGGFXGFDDFADAADXAAAFAGDGFDADDXGXX GXFDDAXGAGDX GGAFXDAGGD
those two at the end are the pass keys
that's another clue
hence why they are separate from the rest of the cipher base
oh I thought those were separate words that would be decoded
nope
the actual pass phrase words are all joined together and only get separated once you have solved the 3rd cipher type
I'll give you another clue
AFDDGGFXGFDDFADAADXAAAFAGDGFDADDXGXX GXFDDAXGAGDX GGAFXDAGGD
that is 4 words
so the answer is an english string?
ok cool
those are short words
4.5 letters on avg
actually thats about average for english i think
this wouldnt be solvable in another language unless the language shared the same alphabetical characters with no fancy ones
yeah mayo the key is to keep the words short and limit words with repetitive letters, it makes it harder to brute force through the 3rd cipher
cool
harder than it already is considering i eliminated the pattern factor
i could make the cipher even tougher to solve which i might end up doing in the future but by that stage i would only do that if i made myself an executable to encode and decode for me
because it's already hard enough to do by paper, takes 5-10 mins
another trick is to use a traditional cipher but mix up the way you use it, which is what I've done for 2 of the 3 ciphers. It means that when brute forcing it's harder because you won't always know what exactly you are trying to brute force and whether the result it pumps out will be correct or not
as you might be able to tell i love puzzles, hence why i want to learn python and get into the web development/cryptography side of things
lol have fun with that
ty
I'm not even sure it would be possible to brute force this (knowing my luck it will be easy as heck to brute force)
oh it's possible
I'd be interested to see if it is/how long it takes just so I know for future
i think that no matter how long the string, the absolute maximum possibility of attempts it will take with my method is 4.0329146e+26
but I'm bad at this stuff so there's probably a way better method
cracking a code with so few samples is pretty hard
compared to that finding a fast way to bypass it once you know the algo is relatively easy
yeah
true
if you gave me a 100 character string i'd be done i think
i mean i could do that, the question is do i have the effort or time to handwrite that out
if you can do the encryption by hand you can get a program to do it
that's what Sully came here to learn how to do lol
icic
@gentle heron the pass phrase is 4 words that are a part of the English language and can be found in the English dictionary and are comprised in a proper sentence
yeah but that's not really much info about the algo
yeah I'm learning python to make an encoder/decoder for my cipher
he gave some info on the alg earlier
it is 3 cipher types that are all personally customised to throw people off
can it throw computers off though?
last two strings are the passkeys which are only 2 ciphers to solve but now that i think about it i used the pass key of one of the ciphers to cipher the passkey for that cipher fug
in order to figure out the cipher we would need some examples that include the plaintext tbh
right now it's just a bunch of random characters
i mean one cipher seems pretty obvious by looking at it
with a long enough sample i was planning on mapping each two character pair to a random character and doing a character frequency analysis to convert that to english
but we only have 18 character output
A, D , F , G, X ....... that means one of the ciphers is an ADFGX cipher
the thing is i ciphered the passkey for that cipher using that cipher so i kinda messed up there
so pretty much just exclude the last two strings and that's all you are able to solve, you will just have to try to work out the passkeys using luck
AFDDGGFXGFDDFADAADXAAAFAGDGFDADDXGXX
thonks that maybe i can use a new cipher to cipher the passkeys
you’ve posted that code four times already, for the next one please just link to a previous one rather than pinging every moderator again thanks
sorry @latent kelp
lmao the alarms
Where do I start with security @ me if you have some good resources
Really depends on where you are at, programming wise. Look into encryption, OWASP's top 10 vulnerabilities, certificates, google any vulnerabilities you hear about, practice with websites like hackthissite, hackme etc, practice with web applications like bWAPP, "damn vulnerable application" or what's its face, that should get you going @dawn bluff
Ok
Is the Michael Bazzell OSINT book still valid
Never heard of it, look at tracelabs.
192.168.1.6 ba:33:2b:87:e1:16 (Unknown)
192.168.1.8 ba:33:2b:87:e1:16 (Unknown)
Is this possible? 1 device with 2 IP Addresses?
Yes, if you have more than 1 ethernet driver
I see
Interesting thx robin
you don't need more than one driver, in most operating systems you can just straight up assign as many IPs as you want @thorn obsidian @wanton rune
I use it all the time at work since I might need to be able to access multiple subnets in a few minutes
Eg when I give new devices an IP it'll almost always be on a different subnet than the default one, so I just put in an IP on both subnets so I don't have to change any settings while I'm working
I see
at one point I had 8 IPs on my work laptop
What the
lol I had a bunch of jobs going on so I left the IP I needed for each site in so I didn't have to mess with it
Did a scan on those ips, found out they were running netbios
sounds like windows machines then
Yeah that's what I'm wondering. I'm dual booting windows and linux. But I rarely use windows. And there's only one computer here
So I'm trying to figure out where those 2 are coming from
The MAC vendor can't be identified
:/
is that your computers mac address?
Nop.
i assume those are from dhcp, it might have given the router a hostname
i often use wireshark to try to identify systems
it also can tell you the manufacturer based on a lot of mac addresses
yeah its nice
I took the mac address online, none of them could give me any results
I use it to identify our hardware when they didn't let me pre-configure devices and now I need to know what stuff is actually installed and what's not working
or to ID stuff that's existing that I need to move over to the new one
eg like I know we are installing samsung cameras but I see some axis already there
Hm. I see.
and wireshark knows their mac address range 👍
or when the guys dont WRITE DOWN THE MAC ADDRESSES 😡
so i gotta find it
I was also wondering, what are TCP fingerprints?
See them in nmap scans
Can't understand them
um, sounds like when you look at how a system builds its packets and use that to identify the operating system
like some operating systems would use sequential packet ids
so you could watch for that
I see
now how does it work in nmap? sorry I'd have to look it up and I'm working on some other stuff and don't have room in my brain for that right this sec lol
lol, that's ok
check out their big tutorial pages though https://nmap.org/book/man-os-detection.html
if you are on windows :
control panel-> network and sharing center-> the interface you want to edit-> properties-> IP v 4 properties ->advanced
lol
huge pain in the butt
Anyone have any scam emails sent to them recently asking for you to sign into something?
nope
I have a program to search a specific WIKIA for information and do some filtering with them then display the info to user. Except I have to login as a bot through username/password which I do not want to hard-code per common sense. How should I store the credential?
Pack it in a file somewhere, load the file at runtime and put the file in .gitignore?
most operating systems these days have systems to securely store user credentials and ask for them at runtime, requiring user confirmation
How hard is it to implement a simple authentication system for 1 route on a web server?
you could just slap some nginx with http basic auth in front of it and be done 🤷
The flask server is using nginx
but I'm running sapper for the frontend, which needs the auth
Lemme give you a hand then
@silent pier You choose the chat, mention me and I'll help you out :D
I'll hit you up tomorrow, I'm currently trying to bore myself to sleep @cedar pelican
Hahahha ok
Any way to fingerprint what framework the website running on nginx uses?
Don't Angular, Django or React, for instance, leave any sort of traces in the source code of the page itself?
I mean, you could maybe guess by reading the HTML code to a point
Each framework will have a "trademark" printing layout etc
This is more of a question: is that actually a valid way of finding something like this?
nvm, apparently https://builtwith.com was what i needed
I know there's an addon that does what you want
- lists all tools, might just be that one for all I know
@sacred elm I was getting spoofed e-mails saying they had hacked my account
Which is trivial to get rid of if you verify the Return-Path is the same as the From header if it says it's from your own account.
Which, since implementing that, funnily enough, I've gotten no e-mails saying they've hacked my account 😄
The funny thing here is that spoofing the From header is trivial to do. Maybe 10~ lines total to send a spoofed e-mail, if not less. Which is why verification of headers is so important.
@thorn obsidian I was getting the same thing but it was “Apple” telling me my account has been disabled and I needed to verify my details to re-enable it. I got the email 6 times in a week but I dealt with them by running my script to send them fake emails and passwords and confuse them on which details were legit
Eh... I wouldn't do that.
The easiest way to tell it’s a scam is by reading the email address
Common sense is the biggest tool in revealing scams
true
Any level of "hacking back" is wrong, and at worst, illegal.
It’s not really hacking, it’s just sending them a heap of fake emails and passwords. I could do the same thing without a script it would just take me longer
I read it wrong because of the script part.
ahaha all g
Neat
hey guys, I have a question / challenge. given the /etc/passwd and /etc/shadow files of a machine, how would you go about breaking into said machine? is it even feasible?
here are some example files (they're not anyone's actual /etc/passwd or /etc/shadow files) if anyone's interested
with these? you can't use them to break into the machine. You can try throwing the hash into a cracker but if it's strong enough, you will not crack it in any feasible timespan, considering it's a sha-512 hash
cool, thanks
googling part of that hash shows it's part of a CTF and apparently a weak easily cracked password according to this writeup https://github.com/mzfr/ctf-writeups/tree/master/picoCTF-2018/Cryptography/ HEEEEEEERE'S Johnny!
so basically doing exactly what xx said will work, but don't expect it to work in the real world with strong passwords
That's neat, i've never heard of the John the Ripper tool before
@simple orchid good catch! should've googled the hash :p
i've actually even done that exact same picoctf task
Of course, that's only implying there's a password between you and login.
That doesn't allow you to break into, say, FDE or 2FA ( https://github.com/google/google-authenticator-libpam Google Authenticator PAM for example )
can anyone imagine what kind of hash is this 2272fc5d5c4a170baf20bbe7f489e09ad74627c1
or what is the best way to find algorithm of unknown hashes?
look at the length
you have 40 characters in hex notation, means 20 bytes, means 160 bits
That's usually SHA1
actually you can just throw it into duckduckgo and it will tell you what kind it is - plus a wikipedia link 😄
even google doesn't do that
@mellow steeple
@mellow steeple What's this from?
from an online game, they use this kind of hash to encrypt their links to game assets
Which game?
not a popular one and its {deleted}
What's the name?
{deleted} do you know?
I don't, but I'm curious where you got the hash from. Can you link it?
why tbh? (i'll send)
{deleted}
this is an old one
did you copy it?
i have to remove this....
I didn't get it, no.
Wait, that's not what you think it is.
yep, it's just a link. there is another part after that hash, it's the asset
sorry but I think it's illegal sharing them...
if you really really want it let me know
So, question
If you download the file that links to, and check its sha-1 hash - does it, by chance, equal 2272fc5d5c4a170baf20bbe7f489e09ad74627c1 ?
Because I think you believe it's some kind of encryption, when it's probably just the sha-1 hash of that file.
Which is why it comes up as a sha-1 hash
Sort of a strange way to do the check, but I've certainly seen worse.
they use base64 to encrypt their files but these just links ( links to the files )
base64 isn't encryption
oh...yep sorry
you run sha1sum on the file, and it should come up with the same hash as it was linked with
ok here is one of files if anyone interested http://assets.millennium-war.net/9b53a542a0a8a852326c198e02f91f587c5b5065/1fp32igvpoxnb521p9dqypak5cal0xv0
834c19cb19981796a3b1cbfa683dfde78474140c is the hash, so no clue.
I'm not in the mood to binwalk the file
high entropy
i think it actually might be encrypted
isn't 9b53a542a0a8a852326c198e02f91f587c5b5065 a hash then?
it's definitely not base64 as there are no ascii characters
and I was wrong, entropy was low
what is that?
a visualisation of the entropy of the file
i really dont know tbh
there are no 0x00 bytes, no 0xff, no ascii bytes, no low bytes
is there any way to decrypt hashes w/o brute force?
...
time to give up current method and try another method...
thnx
btw could you decrypt that file?
no, but there's tonnes of interesting repeating patterns
i'm not sure what the hell this is
can you explain what that blue and black backgrounded text means, if you have enough time please?
that's just converting it to characters i can display in my terminal
some of the characters still can't be displayed, which my pager program less then displays as that blue highlighted unicode
there was a script that could decode those files that someone had made...
there is a link that gets updated every time game updates and its really a file list
that link is also an encrypted one
I needed to make a script to trace that link
that link is shown when we send a get request ( not us, the game )
the first part and last part are the same but the middle part of the link gets changed
just reverse engineer the thing that uses it
probably yes.... if I could check each get request and what it does when I press the start button of the game .....
thank u very much for the idea
So anyone got any code that detects or scrapes proxy servers?
oh
@spiral turtle you mean socks sorta proxies
funnily enough, i do have one, i will send it in dms
gg
rip
any ideas how an ability to sign up without providing a password at all can be exploited? To my understanding, a blank string can also be hashed, so the flaw doesn't make a big difference hash-wise.
a blank password isn't inherently a security issue implementation wise, it's just a dumb idea to let users not input any password
and @ your hash comment, any platform worth a damn also salts the password beforehand, so in this scenario the entirety of the password would be the salt
@thorn obsidian salt can be random and not random right, I've heard there were 2 different approaches, but in case i am aware of what the libraries the web server uses, is there any chance that the prevalent modules in those libraries that are related to salt/hashing could be worth looking into?
they're never "random", you need to be able to reproduce the salt when you're checking password hashes
they're randomly generated, sure, but they can be reproduced
i see
often, the salts are saved in the database in plaintext
what if the server tends to disclose exceptions of the library itself on the webpage, including variable names and such, is there any way to provide such password that would cause an error
or is completely based on sanitization on the code side
are there any fundamental character blacklists defined by hashing algos? Or am i allowed to use any symbol in any encoding
algos don't hash characters, they hash bytes
otherwise, they couldn't hash eg files
to be technical, they hash bits
but for all intents and purposes, you don't need to know that
so yeah, it's totally up to the sanitisation of the site itself what it decides to feed into the hashing algo
thanks
np dude
Hi.
So I had my first case of someone registering an account using an email from my domain.
I emailed the company asking for the account to be closed, but basically I wanted to check. Am I responsible for what happens on accounts like these?
yes
I need help with reading this data
from the response
I need to pick out each bit without all the brackets then convert it to a dictionary
but idk how to remove the brackets
Target IP: 104.27.200.92
Target Port: 443
{'OCSP': ('http://ocsp.comodoca4.com',),
'caIssuers': ('http://crt.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crt',),
'crlDistributionPoints': ('http://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl',),
'issuer': ((('countryName', 'GB'),),
(('stateOrProvinceName', 'Greater Manchester'),),
(('localityName', 'Salford'),),
(('organizationName', 'COMODO CA Limited'),),
(('commonName',
'COMODO ECC Domain Validation Secure Server CA 2'),)),
'notAfter': 'Nov 7 23:59:59 2019 GMT',
'notBefore': 'May 1 00:00:00 2019 GMT',
'serialNumber': '8B298ABE2131F3A53B8E55F6A667AF45',
'subject': ((('organizationalUnitName', 'Domain Control Validated'),),
(('organizationalUnitName', 'PositiveSSL Multi-Domain'),),
(('commonName', 'ssl382558.cloudflaressl.com'),)),
'subjectAltName': (('DNS', 'ssl382558.cloudflaressl.com'),
('DNS', '*.luxelifescape.com'),
('DNS', '*.mediabase.ga'),
('DNS', '*.openmany.tk'),
('DNS', '*.plusone8.com'),
('DNS', '*.spigotmc.org'),
('DNS', 'luxelifescape.com'),
('DNS', 'mediabase.ga'),
('DNS', 'openmany.tk'),
('DNS', 'plusone8.com'),
('DNS', 'spigotmc.org')),
'version': 3}
TLSv1.2
@spiral turtle Just make it a string, remove the brackets
mk
from ast import literal_eval
python_dict = literal_eval("{'a': 1}")
Then do this
@spiral turtle
k
Can I make the perms of the docker-compose executable 775 safely?
If docker itself is rooted?
why would you?
why executable then though?
Without using a unix group
User 2 is an automated user
So it can't sudo
Do I just chmod it in its name?
And sudo for other users?
it could, if you configure sudo appropriately
or that, make sure always the same user is used
I still don't see what anything of that would have to do with executable/775 tho
well 700 would mean only the owner could execute it
755 is what an executable should be in theory
But I need 775 for my usecase
Or 755 with user 2 being the owner, and user 1 using sudo
but you never execute a yaml file
or am I understanding this all wrong
OH, you mean the actual executable command file, not a docker-compose.yml
7 means writable though
Well 7 means all 3
4=read, 2=write, 1=execute
so with 755 everyone can run it anyway
nobody (except root) should be able to modify executables run by others
so... I'm only more confused now, I think
@cedar pelican Which site did they register with?
So I had my first case of someone registering an account using an email from my domain.
@thorn obsidian There is email verification.
And by random string as an email I mean euaisnidnsjajs@mcaq.me
But my point is a lot of companies let you use the account even if the email ain't verified
Huh. That's interesting
I don't really have a recommendation outside of not having catch-all addresses/only allowing mail to specific addresses, but that doesn't really solve the problem.
Looks like a substitution cipher
I'm not sure if we have anyone trained/qualified for cryptography/encryption here. I'd recommend #crypto on Freenode for that
@thorn obsidian Again, not all companies do an "email verification" check, even to check if it's real in my case
So having a catch-all is useful for me to deal with events like this
But do you think I can still safely remove the catch-all?
Ok so I'm trying to make a URL filter: it will only be true if a URL matches a filter URL
Here is the code:
package main

import (
	"fmt"
	"strings"
)

func main() {
	// string1 is the allowed location (the filter); string2 is the user-supplied URL.
	string1 := "raw.githubusercontent.com/Sharpz7"
	string2 := "https://raw.githubusercontent.com/Sharpz7/mcadesigns/master/docker-compose.yml"
	string2 = strings.ReplaceAll(string2, "https://", "")
	string2 = strings.ReplaceAll(string2, "http://", "")
	// Guard the slice: a URL shorter than the filter would otherwise panic
	// with an out-of-range index instead of being rejected.
	if len(string2) < len(string1) {
		fmt.Println("WRONG LOCATION ERROR ERROR")
		return
	}
	// Compare only the leading part of the URL against the filter.
	string2 = string2[:len(string1)]
	fmt.Println(string2)
	if string1 == string2 {
		fmt.Println("Correct URL")
	} else {
		fmt.Println("WRONG LOCATION ERROR ERROR")
	}
}
sharp this is not your golang server :p
This is its true position, where string2, the user data, is what you edit
And string1 is the filter
Is this a secure way of doing it? Is there any weird internet tricks to bypass this?
Huh, removing locksettings.db from /data/system disables the lock screen in Android Oreo. TIL
Pre-8, just remove the .key files from /data/system 😄
You need access to USB Debugging or a Recovery of course..
@cedar pelican "any weird internet tricks to bypass this?"
yes
basic auth
raw.githubusercontent.com/Sharpz7:pw@evil.com
still connects to evil.com, while supplying the "correct" url as an username
@thorn obsidian requires root or just debugging?
@thorn obsidian No clue, I go the recovery route
recovery has the issue of crypto, though
Crypto?
yep, android version 7 (IIRC?) encrypts the data partition using the lock screen pin by default
so you'd need the pin itself to disable the lock screen
which kind of defeats the point
You sure?
I don't think that's forced.
so it was 5, not 7, my bad
Yeah, I definitely haven't seen that.
I don't think that's forced. Very much optional.
i'm... pretty sure it isn't
otherwise, stuff like forceencrypt disabler tweaks etc wouldn't be so prevalent in the modding community
i can ask my colleague, he's an android security expert
¯\_(ツ)_/¯
I haven't seen them in the devices I've worked on
@thorn obsidian Thanks a lot. I knew there was something like that. To fix that, can I just remove all colons from a URL string?
does anyone know what the network traffic type of discord text messages is?
Websockets and REST?
@mellow steeple What are you trying to do with Discord messages?
gg
scott,
track someone's IP?
I'm not sure that's possible. My understanding is that discord does not do any kind of peer-to-peer connections. So, if you did find the traffic with wireshark, you'll only be able to see IP of discord servers, afaik. @mellow steeple
You can read about the discord architecture here: https://blog.discordapp.com/how-discord-handles-two-and-half-million-concurrent-voice-users-using-webrtc-ce01c3187429
In relevant part:
Routing all your network traffic through Discord servers also ensures that your IP address is never leaked whether you use text, voice, or video — preventing anyone from finding out your IP address...
yea...i read it before..
but I saw a vid about tracking the IP of a discord user when they're getting a voice call
so i just needed to try
If that's true, to me that sounds like it'd be a bug/vulnerability with discord.
Unfortunately, we probably wouldn't be able to help with exploiting that (even if just for testing/poc) -- per rule #5 of the server.
yea..i understand just needed to know
@mellow steeple That's not how Discord works at all
Whatever you read/saw is wrong, as everything is done through the servers.
probably i have a misunderstanding about what i saw
Hey guys I had a question. I am trying to build an application and I want to have an auth server, so when it launches it prompts the user to enter a key; if the key is invalid then the app won't run, if it is valid the app will run, and the keys can only be used one time so people can't share keys. If that makes sense, any suggestions on where to start?
Are you trying to describe what is basically a licensing system
Yes @orchid notch
How do I make self-signed certificates that will work on my host's IP / localhost?
I want to make them automatically... I know this isn't ideal, I was hoping to get some help coming up with a solution
@thorn obsidian How do I go around getting them up with a single command?
I need them to be created automatically with no user involvement
Gimme a sec
btw after hours of trying to get sharpops off of root I did it
@fathom wadi uuid check + server check
but i think that my grandma can break licensing in python
I'm asking here since it seems this is the better place to do so:
if a web server uses cookies for something like a login system, and these cookies are signed, and the session is stored on the client side, is there anything that prevents someone from copying and using those cookies from a different client? (I know there are ways to prevent cookie stealing from a different page in the browser itself, but I'm talking about manually grabbing the cookie)
I'm trying to figure out what I could share (or not) in a cookie, since sometimes there's information that is private but not strictly sensitive, I'm wondering if I could keep something like that temporarily stored on the client's side
@thorn obsidian Certbot needs to have a valid domain attached
So that's not an option
well, nerdwaller's answer was what I was looking for, among other things: https://www.reddit.com/r/flask/comments/5l2gmf/comment/dbtjjzn
@cedar pelican Was under the impression you were using a domain.
@thorn obsidian I am, but this bit of software cannot. I am going to make docs for this eventually, letting people know that certbot is the best way to do this.
The software doesn't need to be the one that sets up the domain. You just have to have a domain and then have the software used on the server..
I imagine the software is using nginx/apache or something?
@quick venture I honestly don't mind if its possible for someone to be able to break the license do you know where i should start with uuid check + server check ?
@thorn obsidian No... I actually got https working natively with golang.
The only thing I need is encryption, I can let users setup the bot themselves.
I'll have sharpops setup with nginx and docker-compose, they just have to configure it manually
Cause I can't find any way to make it automatic by default without forcing users to buy a domain
Can I ask, does a self-signed certificate actually offer that encryption? I'm guessing it does but I want to make sure.
@fathom wadi well, you need to get the hwid of the user's machine. You can check md5(md5(hwid)+secret), and if it's correct you can do a request to your web server with the user's license, and if it's correct send true to the client
it's just an example
What server would you recommend using
@cedar pelican a self-signed certificate is not at all different from a regular one except that it has another CA
Yeah so its all good
self-signed isn't good
@cedar pelican ^
How are you going to check if a self-signed cert has been revoked?
@thorn obsidian The certificate is there to deal with encryption. You only ever connect to your own server, with your own services.
I honestly can't think of a better way to do it.
Again, hopefully I can make it clear in the docs that self-signed isn't the way to go, but I'm not going to stop users doing it, as it's what I need for my use case
@cedar pelican https://letsencrypt.org/docs/certificates-for-localhost/ details what you need to do, in essence you need to generate your own certificate, and add it to the clients locally trusted certs. This is the only right way of setting up https for localhost/127.0.0.1.
Why do you need https for localhost? Is it for development purposes or is it just to be "secure"?
I'm using it for consistency. My app is a daemon that runs commands for you, a bit like tmux, but you can send commands remotely.
Since my client location changes, and I can't release the private key, using that for this isn't the ideal use case, but I can definitely try and think about it.
I'm not sure how using https on localhost helps though
@cedar pelican It sounds like https might not be the right way for the problem, since the client changes and there is no domain. If remote clients forward traffic over SSH you do not need https, but the traffic will still be encrypted OtW.
SSH might work, but i can't send automated requests like a webhook.
I need to send encrypted "POST like" data. If there is a way to do this with SSH then that's great
But I still feel like this won't reach the automation level I'm aiming for
I'm making sure people know that nginx + certbot is the way to go
But for what I'm using my software for, I control my nginx certbot setup with
Yeah, you can forward http traffic over SSH, so the client uses SSH as a proxy, and then sends the traffic over that.
But I still need the user to set up the private and public keys, move the private key to all the places you use it.... it's just not ideal
I prefer just having tokens
@cedar pelican ok so
draw me a graph or something of exactly what the fuck you want happening and encrypted
@thorn obsidian It's all open source, if you understand golang, that's what it's written in
It's all working, I just want to harden it a bit
I'll draw a graph later
mcadesigns.co.uk website. Contribute to Sharpz7/mcadesigns development by creating an account on GitHub.
My website currently uses sharpops to deploy, so if you read the circleci config and the .sharpops.ini, you will understand what's going on
if you understand golang
lmao my good friend
i wrote my final dissertation in golang, i think i'm ok with it
Usually people here hate golang, that's why I said it hahaha
Nice to know there's another golang fan in the house
(The code is crap, I know, I'm going to go back and make it better)
nah i like golang
it's fun to write, which is pretty important to me
i've got some public projects in go as well iirc
there are some things I like about it, I just don't think it's very fun to program with
I think that the ssl module is nuts.
So I'm creating some sort of chatting system with websockets, would encrypting the text to the server be a good idea? What steps should I take to make this secure? This is my first time making this type of thing
I'd work with things that already exist like Signal if I was setting it up.
@thorn obsidian Signal?
@tepid venture https://en.wikipedia.org/wiki/Signal_Messenger
Signal Messenger, LLC, is a software organization that was founded by Moxie Marlinspike and Brian Acton in 2018 to take over the role of the Open Whisper Systems project that Marlinspike founded in 2013. Its main focus is the development of the Signal app and the Signal Proto...
Specifically https://en.wikipedia.org/wiki/Signal_Protocol
The Signal Protocol (formerly known as the TextSecure Protocol) is a non-federated cryptographic protocol that can be used to provide end-to-end encryption for voice calls, video calls, and instant messaging conversations. The protocol was developed by Open Whisper Systems in...
There's a C, Java, and JavaScript implementation
Then what about Python? @thorn obsidian
your best bet is probably to bind to the C implementation using python's CFFI
So I'm reading the Java docs on github, cause I'm more experienced with Java than C
but
```java
IdentityKeyPair identityKeyPair = KeyHelper.generateIdentityKeyPair();
int registrationId = KeyHelper.generateRegistrationId();
List<PreKeyRecord> preKeys = KeyHelper.generatePreKeys(startId, 100);
SignedPreKeyRecord signedPreKey = KeyHelper.generateSignedPreKey(identityKeyPair, 5);
```
like why do these need to be generated?
and what is done with these
cause I think I'm just gonna use cffi and rather not create my own implementation
Probably crypto stuff
I'm not qualified to answer
Cause that's under Install time
it doesn't give a reason why it needs to generate that stuff
`At install time, a libsignal client needs to generate its identity keys, registration id, and prekeys.`
Presumably they are used later in the application?
I'm not sure cause it's not used when creating the session
```java
SessionStore sessionStore = new MySessionStore();
PreKeyStore preKeyStore = new MyPreKeyStore();
SignedPreKeyStore signedPreKeyStore = new MySignedPreKeyStore();
IdentityKeyStore identityStore = new MyIdentityKeyStore();

// Instantiate a SessionBuilder for a remote recipientId + deviceId tuple.
SessionBuilder sessionBuilder = new SessionBuilder(sessionStore, preKeyStore, signedPreKeyStore,
                                                   identityStore, recipientId, deviceId);

// Build a session with a PreKey retrieved from the server.
sessionBuilder.process(retrievedPreKey);

SessionCipher sessionCipher = new SessionCipher(sessionStore, recipientId, deviceId);
CiphertextMessage message = sessionCipher.encrypt("Hello world!".getBytes("UTF-8"));

deliver(message.serialize());
```
unless I'm blind
oh wait
`IdentityKeyPair identityKeyPair = KeyHelper.generateIdentityKeyPair();` maybe this just needs to be initialized to create `IdentityKeyStore identityStore = new MyIdentityKeyStore();`
No clue, that's more a thing to ask in the Github or somewhere else tbh. Not sure if there's any qualified cryptographers here.
Yeah I thought, either way thanks for introducing it though
No problem 😄
@primal compass What are the questions?
Ok so I am a student in network and information security, and I am entering the final year, and I have a graduation project to do.
So my questions are:
- in my university we don't take python at all, so what is the best source to study python, and especially for security?
- I want my project to be in python, do you any ideas? It must have a security part to it
Do you have*
The Resources page on our website contains a list of hand-selected goodies that we regularly recommend to both beginners and experts.
In regards to projects, that really depends on your Python level, which if you're just starting out, I'm not sure what to recommend.
I have time to learn, I have like 5 months before I start to implement
Well, think of an actual problem you face security-wise and tackle it
I don't dabble in C++, no
I did a course on C++ for 2 weeks during the summer
it was very weird for a first time especially doing complex mathematical simulations without doing the maths theory before
😂
@primal compass If it's a significant project, you should probably stick with a language you know well
Aleph security huh
`Valve patches recent Steam zero-days (both of them), calls turning away researcher 'a mistake' - also updates bug bounty program rules to accept LPEs`
https://www.zdnet.com/article/valve-patches-recent-steam-zero-days-calls-turning-away-researcher-a-mistake/
You're late on that tidbit Scotty boi
I didn't know they patched it
I have read on reddit that Windows Credential Manager is about as secure as a plaintext file. How much truth is there in that sentence?
I wanted to use it to store OAuth tokens
I know git for windows uses it to store github OAuth token
(I can see its entry there)
@covert briar Where'd you read this?
https://security.stackexchange.com/a/120001 and all of the comments on that answer tend to paint a pretty good picture
meh
CamScanner was found with a Trojan Dropper module hidden within it. Might want to get rid of it... https://www.bleepingcomputer.com/news/security/trojan-dropper-malware-found-in-android-app-with-100m-downloads/
Good chance you or someone you know probably has this installed.
(the chance is actually just around 4 percent by the way)
@thorn obsidian yikes, thanks for the heads up.
@hollow prawn No problem 👍
@sly atlas What specifically?
I have no clue what it is you want to know/learn
like blackhat hacking
but python language
or ethical hacking
but i want to learn hacking is the main point
@thorn obsidian ??
!resources
The Resources page on our website contains a list of hand-selected goodies that we regularly recommend to both beginners and experts.
Probably Black Hat Python
Huh, it's not in the resources. https://nostarch.com/blackhatpython
Black Hat Python explores the darker side of Python, helping you test your systems and improve your security posture.
@sly atlas To verify, this is for your own system(s), yes?
yes
Okay, neat.
Yes. You can get it for $1 if you do Humble Bundle: https://www.humblebundle.com/books/python-programming-no-starch-books
its literally $1
even if you're a kid on allowance you've probably spent more money on dumber stuff
hello I'm a beginner and I want to learn write a malware in python
I'm afraid no one gonna help you with that
Specifically malware writing, I don't think so.
Oh ok
Malware is a very broad term; try being more specific, i.e. what kind of malware. Then look at what that does and how it works; at that point you should have an idea of what libraries to use, etc. But like the other person said, no one is going to tell you exactly how to write that
Facebook scans system libraries from their Android app user’s phone in the background and uploads them to their server
This is called "Global Library Collector" at Facebook, known as "GLC" in app’s code
It periodically uploads metadata of system libraries to the ser...
not sure if it's the proper place for this, but the security implications could be important
@stark vortex 100% proper place for this, appreciate you posting it
More of a reason not to use Facebook 😄
looks like more data for them to sell. I see a lot of companies, particularly Facebook, hashing data, uploading it, then comparing the hashes to a db of known similar info. It lets them upload 'anonymous' data but still know what's in it
"anonymous"
why does the UK call grandmas "nans"
Nans ? Really ?
why did you post that in this channel lmao
https://www.theguardian.com/technology/2019/aug/30/hackers-monitoring-implants-iphones-google-says An unprecedented iPhone hacking operation, which attacked “thousands of users a week” until it was disrupted in January, has been revealed by researchers at Google’s external security team.
https://thehackernews.com/2019/08/dds-safe-dental-ransomware-attack.html DDS Safe, an online cloud-based data backup system that hundreds of dental practice offices across the United States are using to safeguard medical records and other information of their patients from ransomware attacks has been hit with ransomware.
Started reading the ios exploit one earlier, quite technical but well explained
that last one like
lmao
`Google expanded the scope of its Google Play Security Reward Program (GPSRP) to include all Android apps from the Google Play Store with over 100 million installs. Security researchers who report vulnerabilities in one of these apps will be able to collect rewards from Google and one from the app's developers if they also run their own bug bounty program on the HackerOne platform.`
We're aware that @jack was compromised and investigating what happened.
The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorized person to compose and send tweets via text message from the phone number. That issue is now resolved.
Seeing lots of SIM swapping attacks recently.
https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/
Great extension to use for keeping groups of sites separated. Whether that's Banking, Shopping, etc.
anyone here going to Disobey 2020?
Who here uses security add-ons like HTTPS Everywhere, NoScript, or the Multi-Account Containers above?
NoScript + uMatrix
None of those, although I do use privacy badger
Which, is somewhat security related
With uMatrix, I set rules to default to block all the things. Any new site I visit gets a warning page from uMatrix. I then have to explicitly allow html/css/javascript/xhr/whatever before the first network request can proceed. Handy for work which sends phish email tests now and then. Accidentally clicking on one sends me to a large warning page instead of immediately failing the test.
@tough rain That's pretty smart, actually.
What security risks are there in html/css?
I suppose I have heard of some exploits before
automatically downloading pages from third party sites
And that is bad why?
increases the scope of visibility of you
it can also make pages take longer to load. not really a security issue but super annoying
I don't know what that means
Scope of visibility in this context means how many sites directly know your activities
HTML and CSS can also be used for more than just rendering the webpage. They can be used for fingerprinting who you are.
I see
I figured that was what you meant
I'm not too concerned about that
But you make a point on slower loading
You're not concerned about adversaries knowing your browsing history?
No
I don't have adversaries anyway
I'm not trying to undermine your practices
If you want to take it to that level it's perfectly fine
@tall haven HTML/CSS? Not much, really. Fingerprinting mostly. SQL injection, XSS, CSRF are mostly a JavaScript thing
@tough rain "automatically downloading pages from third party sites" - That's more or less just having 1x1 iframes of a million sites, lol.
For example, I can try to load local files that only work for Firefox, or Chrome, to fingerprint your browser.
Trying to load chrome://branding/content/icon32.png in Firefox obviously works, where in Chrome it doesn't
Pretty sure you can do the same thing with sites that require you to login
So you can then use that to see if they have an account there
But these are all known attacks and trivial to get around.
Also, https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/ helps for that
Indeed? I'll check it out
Your containers can't find out anything from the other containers
So if you have a Banking container, anything outside of that container has no clue you're logged into it
😄
@tough rain Now, that's only for preventing sites from seeing if you're logged in somewhere
I'm not sure how you'd prevent someone from checking to see if you have Firefox/Chrome/etc by checking something like chrome://branding/content/icon32.png other than uMatrix/uBlock Origin on advanced, and making sure it can't connect to 3rd party.
@thorn obsidian i use multi-account and ublock matrix
i actually am considering switching back to ublock origin, which allows blacklisting of individual files
so i could blacklist the tracking script from the opaque cloudflare cdn domain, but whitelist the functionality script
Wasn't aware that could be done
Actually useful cause I need to do that for Google captcha
@thorn obsidian fun tidbit, the chrome:// uri scheme has been in use by Firefox for longer than Google Chrome has been around
@thorn obsidian I'm well aware. I've been using Firefox since before 2.0 - which introduced tabs! 😄
tabs were amazing when they first came out and gained popularity
Not really a chat for #cybersecurity
Is it just me that honestly doesn't give a damn whether these companies know what I do?
The line for me is my own thoughts, and what I say to friends in real life
Anything else is a bit meh
there are a few specific concerns
data compromise -> identity theft or other personal security risks
same w/ a malicious government making malicious use of collected data
those are outside risks to be fair, but that doesn't mean we shouldn't care about them
there are also more mundane things, like your medical history being used against you
private enterprises making decisions against you without your knowledge
it's not 100% about "don't collect it", it's about "give me control over where, when, how much, and who it's shared with"
that's all very complicated so the default is "I'd rather not have you collect it in the first place"
if none of that bothers you then, your choice
I don't think it's just you who thinks that way. I do think most people who think that way don't really understand how companies knowing what you do can then influence you to benefit the company at your detriment.
It's also not just about you. What you do provides information about the people around you too.
@cedar pelican That type of thinking goes into the mindset of "I have nothing to hide so I have nothing to fear." Which can very easily be defeated with asking you for your bank account information, a copy of your ID, your address, phone number(s), asking you as to why you have a lock on your door or why you'd ever whisper anything to anyone. Because humans do have things to hide, and that's perfectly acceptable. Not everything needs to be aired to everyone, and we should be able to pick/choose who shares what, and if they even have that information to begin with.
It's more "I have some thing to hide but the consequences of it being revealed are not big enough to warrant doing anything about it"
You say that, but it's different for each person. Threat modeling helps a lot when it comes down to what you feel you should do to protect what you hold important.
I was just going off what you said
Your point was that people do have something to hide
so I adjusted your quote
Or is your point that people do have something to hide and they are falsely thinking they don't have anything to fear?
Some people, yes. But that's a case-by-case basis. Some people may genuinely believe ( falsely ) they have nothing to fear/worry about.
I'm just going to come visit you every Saturday uninvited, and walk through your house, looking in every cupboard and drawer. I mean, you have nothing to hide, so what's the problem?
If I can't sense your presence and nothing is disturbed then whatever
🤔
I mean like if I'm not home while you do it 😄
I'm then going to tell my lads over at the billboard company what you have in your drawers, so they know what billboards to set up next to your house
not only that, I'm going to keep track of what you have and what might be missing - things that you need that you don't even know yet
I've wondered if the concept of targeted advertising is inherently bad
Like if we ignore any sense of violation of privacy that makes the practice feasible
Isn't it actually nicer to see ads for things you actually may be interested in, assuming you were going to see some ad regardless?
I've yet to see an ad I cared about, actually.
Yet again, I go out of my way to block ads/scripts, so not exactly the right person to ask for that. 😄
Only ads I see are those with pretty ladies on them ( ͡º ͜ʖ ͡º)
But on a serious note, I share that sentiment I suppose
Like for traditional ads
But you have things like recommended items on Amazon which could be considered targeted 🤷 Those I've found useful
Those were actually pretty hilarious recently. I got a new phone and all "repeat" buys were screen protectors. Every. Single. One.
I've never bought a screen protector in my life, so that was weird and pretty funny. Since they can't be that good if they're repeat buys 😄
That's something I admittedly miss when I ditched google search
It was nice it knew what subjects I searched for often
and prioritised results related to those subjects
at the cost of, you know..., tracking me
I ditched Google search a long time ago. Was a user of Scroogle when that was a thing 😄
Generally I think most would agree those kinds of personalised search results are good
except on the off chance you're searching for something that's not related to your common searches
I think most don't understand what they're giving up when it comes to any level of personalized search. That's not even getting into Google datamining your e-mails or anything else they do.
Yes you are right
luxury vs privacy
That's really the whole thing with the origin of this discussion
It applies to that too
Being concerned with your privacy unfortunately is the side of the coin which requires effort
A local or remote attacker can execute programs with root privileges. - time to patch! 😄
https://github.com/rapid7/metasploit-framework/pull/12283 BlueKeep exploit in Metasploit
I've been investigating the Exim CVE, made a poc for it (default Ubuntu 19.04)
it's quite interesting
Are there any encryption methods from the 70s or 80s that are still safe today?
just curious if anything stood the test of time
Not really, no
Right
There is for example RSA
Which is with sufficient key length still safe
So yes there surely are
@white glen
Well technically we don't use it exactly like in the originally proposed paper anymore
There are a few constraints on some input values and we use a new prime test
But apart from that it has been pretty much the same since then
Or the first idea of the Diffie-Hellman key exchange, also from the 70s
And I'm pretty sure you'll find both of those still widely used
(also fun fact about RSA: whilst being officially discovered in 76, it was actually first discovered and written down by a GCHQ mathematician as a sort of side note on cryptography in 73 (which was before Diffie and Hellman even published the paper which led to the hunt for RSA), but the GCHQ wouldn't publish it)
@orchid notch thank you for the insight.
If they just sacrificed computing time for convenience it sounds like it could still hold up today.
Oh RSA and Diffie-Hellman key exchange still hold up today, and they will continue to until larger scale quantum computers become viable
neat. I don't know much about security. But I know that 256bits of something is pretty standard, did they use something like 64 bit in the past?
That's for symmetric keys
RSA secure key length is at the minimum 2048 and ideally 4096 bits nowadays
what was it back then?
🙂
Probably somewhere around 200 digits decimal
That's around 665 bits so the original key length was proooobably 512 or 1024
All of cryptography just uses numbers lol
Yeah I don't know much about it lol
It's all just math
This just made me wonder
What you were talking about before was probably key lengths for symmetric block cipher algorithms like AES
Yeah
And while technically 128 bits are fully sufficient as a key, people tend to use 256 because the number is bigger I guess?
As long as your attacker doesn't have what's probably more than all computers in the world, and he actually has to brute force your key, and you used a secure mode of operation, 128 bits are sufficient
have any crypto theories been proven bad or wrong years later?
In the 70s we used to use DES instead of AES, but that was by design horribly bad (also guess who had influence on the design and changed the original cipher to put a cap on the maximum key length, yes it is the NSA) and broken a few years later; even at its creation it was really just a matter of time
The max key length was 56 bits, not because people could decide it but because the NSA influenced the maths behind it so it wasn't possible to make it bigger
Is AES getting "cracked" a matter of computers becoming powerful enough to render it useless or is it finding a loophole?
At the moment it's a matter of pretty pretty big computing power
People have found ways to attack AES easily if the encryptor does a few things wrong, and the one or other way to reduce the amount of required operations by a few powers of 2, which considering it's in the 2^100s isn't too bad
So for example while AES 128 bit should take 2^128 operations you can, even with perfectly implemented and performed AES still get there with "just" 2^126
I see
I mean if somebody actually found a way to break AES in general all of TLS, SSH, disk encryption and what not would be fucked over night
so much relies on AES
quality over quantity I guess
I gotta go to sleep but good talking to you @orchid notch
@orchid notch People use AES-256 as it's withstood the test of time and is used to store TOP SECRET information for the U.S. government. Which is a pretty good indicator it works. Not "because the number is bigger I guess".
@white glen AES is fairly strong compared to, say, asymmetric crypto. Considering quantum computing will destroy the latter.
Even AES-256-GCM is used in TLS; considering its security we are not going to get anything new any time soon. It more or less depends on the implementation, I assume?
I can't go into the detailed specs of AES, as I'm not a cryptographer. But if you're curious about that kind of stuff for asymmetric crypto, this: https://safecurves.cr.yp.to/ exists
Asymmetric? Isn't AES symmetric?
Yes, which is why I differentiated the two.
@orchid notch I wouldn't say that anything to do with pre-80's is still used today. Sure, Diffie-Hellman existed back then ( https://en.wikipedia.org/wiki/Diffie-Helman ), but not like how it is today. Same thing with cryptography 100 years ago. It existed, sure, but it's changed dramatically 😄
@upbeat palm I've played about with security for 15~ years now 😄
How old are you? I mean as per your profile pic you look around ~25
@thorn obsidian asymmetric crypto will not be destroyed by quantum computing, RSA's not the only asymmetric crypto algorithm 😄
@warm abyss Citation?
Surely you know about Shor's algo?
( https://en.wikipedia.org/wiki/Shor's_algorithm for the uninitiated )
Well i didn't 😮
Quantum computing will 100% destroy asymmetric crypto
Leave my ECC alone 😢
It's the entire reason Google worked/is working on New Hope - https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html
Yes, that's a Star Wars reference. Buncha nerds these Google fellas... 😄
What about the Quantum Computing's phantom menace over asym crypto ? 👻
Specifically, if large quantum computers can be built then they may be able to break the asymmetric cryptographic primitives that are currently used in TLS, the security protocol behind HTTPS.
@upbeat palm My profile picture isn't me, but that's off-topic.
Oh, no problem. But do share the resources and feel free to tag me along, so I won't miss good conversations?
Sure! 😄
@thorn obsidian there is simply no point in AES 256 over 128, both are impossible to attack as of today, that's my point
And on the Diffie-Hellman part, he just asked, is there crypto from the 70s which is still around today, and yes it surely is
@warm abyss interestingly enough, even though ECC with lower bit lengths than RSA is significantly harder to attack than RSA, it is also easier to break with quantum computers than equally secure RSA algorithms
@orchid notch I beg to differ. AES-256 should be the standard if you're using AES at all.
I mean you can have the unbreakable even more unbreakable sure
But in the end the degree of security as of today is for both astronomically high
@orchid notch To your knowledge, is there any level of a significant speed decrease between using AES-128 and AES-256?
There should be one by a few nanoseconds during the initial key schedule
I don't see how that's any level of significant. There also shouldn't be any level of a significant speed decrease between the two, considering hardware support within the processors on anything modern 😄
Which again, is more of a reason to use AES-256 - as you don't get a speed decrease.
@upbeat palm ^ If you're interested in AES
I am. Thanks for the tag :P
Actually, looks like hardware support goes back 11 years https://en.wikipedia.org/wiki/AES_instruction_set#x86_architecture_processors
An Advanced Encryption Standard instruction set is now integrated into many processors. The purpose of the instruction set is to improve the speed (as well as the resistance to side-channel attacks) of applications performing encryption and decryption using Advanced Encrypt...
I mean you have to generate almost one third more round keys for 256 compared to 128
And of course it does
AES's design criteria was to be easily implementable in hardware
Have you run benchmarks? If so, what hardware are you running these benchmarks on, and are you running the benchmarks on individual files or full disks?
Every idiot who knows how to make an XOR gate out of transistors could in fact build an AES ECB circuit
Full disk encryption is an eeeentirely different topic
Full disk encryption is far easier to get wrong than file encryption
Well I'd hope you aren't designing your own full disk encryption schemes, software, or anything to do with it. Especially considering LUKS/VeraCrypt exist and are recommended by anyone in security.
You'll also note that these programs don't use AES-128 😄
In full disk encryption it is a lot more relevant how you do the actual encryption
Because there common things like CBC are gonna fuck you up, hard
Well, let's get into that then.
VeraCrypt supports parallelized encryption for multi-core systems and, under Microsoft Windows, pipelined read and write operations (a form of asynchronous processing) to reduce the performance hit of encryption and decryption. On processors supporting the AES-NI instruction set, VeraCrypt supports hardware-accelerated AES to further improve performance. On 64-bit CPUs VeraCrypt uses optimized assembly implementation of Twofish and Camellia.
I don't really see how VeraCrypt/LUKS are doing any level of encryption wrong, though.
I'm also not qualified to audit either, but believe in VeraCrypt considering it was audited 😄
Either way, circling back to the initial point, AES-256 should be used every single time you use AES, and using anything else ( including AES-128 ) should be avoided and not recommended on anything made in the last 10 years.
Consider for example this article
Even though AES XTS is beloved by many it still has many flaws
Disk encryption is simply not a solved problem yet
Yes it is
Yes, it is.
Tell me how you'd authenticate your plaintext then please
Are you gonna store an hmac for every sector alongside the sector?
You're speaking to someone who has the system they're on right now full-disk encrypted.
Authenticated ciphers?
I don't know where you're going with this. How do you have unauthenticated full disk encryption?
If I type in the password to unlock my disk, that, by definition, is authenticated.
Yeah that's how you view authentication but it means something different in cryptography
Authentication - A security measure designed to protect a communications system against acceptance of a fraudulent transmission or simulation by establishing the validity of a transmission, message, or originator.
Yes but you cannot do authenticated full disk encryption without losing a few nice things you'd love to have
In full disk encryption you usually want two things
A) ofc the authenticated part and B) you don't want to have to decrypt the entire thing for reading a single sector
How would you fix this, then?
you don't want to have to decrypt the entire thing for reading a single sector - how would you know where the information you wanted was if you didn't decrypt the entire thing?
So people came up with sector based encryption based upon tweakable ciphers (you can read more about that in the AES XTS article from above, if you want to question its credibility, it was recommended to me by one of the people at work who contribute to the built-in cryptography of OpenBSD)
And that would again be a topic for itself which goes into file system design
Now where we encrypt each sector we however have the problem that once we decrypt them we can't really know whether that's actually the correct clear text as methods like XTS aren't authenticated
And with authenticated I mean, provide a way to verify that cipher text c actually got decrypted properly with key k
And yes VeraCrypt does use XTS
I'm curious as to why you believe there's no way to verify the text was decrypted
Oh there is a way
Store a hash of every sector's clear text next to the sector but that's a little space consuming so we don't do that
Again, read the article from above about XTS and then you might understand that while it's the best for its job it is not perfect
Are you aware of LUKS2?
LUKS2 is a new version of header format that allows additional extensions like different PBKDF algorithm or authenticated encryption.
XTS was even publicly criticised by NIST
For what I just said and other reasons
And if you don't know NIST
They're the ones responsible for AES so they might know what they're talking about
I'm aware of the National Institute of Standards and Technology.
Wonderful
Though, you didn't answer the LUKS2 question. Are you aware of it?
Well we're still not done with the talk about XTS and that it's while the best at the moment not a perfect solution for what it's used for
As I proved with now two sources, one actually official and the other one recommended by one of the people who actually build cryptography implementations
My original statement was that full disk encryption is a not perfectly solved problem, XTS is used by at least one (I'll check up on LUKS soon) of the implementations you tried to bring up as counter arguments and XTS is, as I just proved before, while the best not a perfect solution
Either way, do you use full-disk encryption?
And for LUKS, it does have authenticated encryption but it uses exactly the mechanism of taking some additional space on the disk which raises a few problems like
If a luks header should be damaged the data gets, depending on what's damaged irrecoverable, this might be especially funny for you on an SSD
It takes up disk space, so if I have a volume limited to X GB which is filled to the brim I can't make a LUKS encrypted FS out of it
LUKS does actually leak a bit of usage meta data because of its mechanism for key slots
So while it does some things better than VeraCrypt it has to do a trade off for that, just like VeraCrypt does for using XTS, ideally we would want to have a solution which doesn't have a trade off in either direction
And why exactly would that be relevant?
I think that's fairly relevant. If you don't use FDE, I'm curious as to why.
If a luks header should be damaged the data gets, depending on what's damaged irrecoverable
Yes, this is well known.
LUKS does actually leak a bit of usage meta data because of its mechanism for key slots
LUKS leaks the fact that it's LUKS based off just the header.
Again, I'm confused. Have you used or are you currently using FDE? Because a lot of what you just brought up isn't new.
It seems to me that you believe there is no verification at all and things may or may not be encrypted.
FDE is also an option upon installation of most Linux distros, so it's normally enabled upon install. Setting it up after the fact isn't exactly straightforward for beginners or anyone who is worried about borking their install.
So I think that before arguing the nuances of XTS this and CBC that, I think it'd be more beneficial to actually use FDE and point out the issues/problems you can see from well established software like VeraCrypt/LUKS on a day-to-day basis.
Because we can argue theoretical all day and it'll get us nowhere.
