Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 25 26 [27] 28 29 ... 249
391
Off topic / Re: The final one and only debate about CP thread, to avoid cluttering all others
« on: August 17, 2013, 12:29 am »
Quote from: titoprince on August 17, 2013, 12:06 am
Quote from: kmfkewm on August 16, 2013, 09:44 pm

Some serial killers kill people just to follow the stories on the killing in the news paper. They get off on being the center of attention and keeping the entire city in fear. Should we therefore ban newspapers from publishing stories related to serial killers, in an attempt to take away such serial killers motivation? Or would doing that be a violation of freedom of speech? Is it really the newspapers fault that the serial killer kills people, can we really hold them responsible?

I can't hear you over all the crows you've attracted with your gigantic strawman.

Not a strawman it is an argument by analogy. You think it should be illegal to look at CP because you think when people look at CP it encourages child rapists to rape children. It is well known that many serial killers kill to hear about themselves in the media, and therefor it makes sense that you should think we should ban reporting on serial killers.

Quote
It's hard to take you seriously with all of this hyperbole. Pedophilia is an illness (and yes, I'm aware that not everyone who watches is a pedophile). I don't think providing treatment and then going through their computers is 'ruining lives.'

Sure pedophilia is an illness (unlike primary attraction to those 13+ which is consistently rejected as a mental illness by the majority of mental health professionals) and pedophiles are probably pretty well off getting treated. Should they be forced into treatment? I think probably not. I think a lot of them want treatment and they will be more likely to obtain it when the current Salem Witch Trials are done with. That said yeah not everyone who watches CP is a pedophile or even suffering from a mental illness, and I don't think they should open themselves up to being forced into treatment and having their computers searched through. But really before you tell me I am being hyperbolic how about you wait until people who view CP get some treatment and a basic search of their computer instead of labeled as sex offenders for life and thrown in prison for decades where they are often raped and beaten. Because right now I am not being hyperbolic.

Quote
I do wonder, since you seem to have an issue with age cut-offs you find arbitrary, why puberty matters when we're talking about something like mutual masturbation or fondling. Puberty isn't required to enjoy this kind of stimulation and yet I'm assuming you wouldn't be okay with an adult man jacking off a six year old. Why is that?

And if you are okay with it, well then at least you're consistent.

When a six year old consents for another six year old to touch his privates, he is not really consenting to sexual activity in a conscious capacity. He does not have the understanding to do so, but he does have the understanding to say look at this. If he does the same to an adult and the adult goes along with him, the adult is then exploiting his lack of true awareness and the consent is thus only superficial. On the other hand, when a 14 year old consents for his privates to be touched, unless he is mentally retarded he understands the significance of the event and is indeed consenting to sexual activity in a conscious capacity. Also I think puberty plays a crucial if not absolutely required role in ability to enjoy sexual stimulation, and I don't think that those who have not reached puberty ever really seek out sexual interaction in a conscious sexually oriented capacity. When they appear to be doing this they are rather acting as innocent children. On the other hand you need to be naive as hell to think that a 14 year old is so naive as to not understand the significance of engaging in sexual interaction with others, and to not have an active desire to do so and ability to consent to do so with others.   

392
Security / Re: Brute forcing.
« on: August 17, 2013, 12:13 am »
Actually the quantum Grovers algorithm would result in it sometimes making more sense to attack the key directly than attacking the password, since it halves the key space of the symmetric key (turning AES-128 into AES-64, which is hopefully easier to break than many passwords). But I think direct attacks on the key only make sense in the quantum rather than classical world.

393
Security / Re: Brute forcing.
« on: August 16, 2013, 11:44 pm »
Quote
As I understand it, you can do two things.

One : Try AES keys directly.

Two : Use a dictionary. And that means, get a word from the dictionary, derive an AES key (expensive) and try it.

Yeah those are the two options, short of actual cryptanalysis. Directly guessing AES keys is always going to be the least effective way as it will have a key space of 2^128 or 2^256 whereas the effective key space of the password is not likely to have this much entropy. Even if the password has more entropy I think brute force on the password will brute force the key in no more time than it takes to brute force the encryption key directly, because of the pigeon hole principle. The KDF can produce outputs of 256 bits, if the password has 300 bits of entropy that means it will take 2^300 guesses to certainly break the password, each password given to the KDF produces a unique output if there are not collisions (there ARE collisions but they should be super rare), by the time you guess 2^256 passwords the KDF should output about 2^256 unique keys exhausting its key space, which means future password inputs can only produce a key output that has already been obtained (there are collisions but they are super rare), which means that you will almost certainly brute force the AES key prior to brute forcing the 300 bit password.

On the other hand if you brute force the AES key directly you can guess each key as soon as you generate it, if you use a PBKDF with 100,000 iterations you need to generate 100,000 keys prior to having one for testing (although you could test each key on the path to the one mapping to the password as well). You can calculate the entropy PBKDF iterations add with the following formula:

log2(2^password_entropy * pbkdf_iterations) == entropy of password WITH pbkdf iterations

so with 10,000 pbkdf iterations an 80 bit password turns into a 96 bits of security, and a 256 bit password turns into 272 bits of security. But with PBKDF or not you are still only guessing 2^256 passwords, it just takes as long to guess that many passwords as it normally would take to guess 2^272 passwords, so actually in this case I think it could be slower to brute force the password than it is to brute force the key directly, unless you guess each of the iterations the password produces when run through the PBKDF all the way up to the final iteration. In cases where a PBKDF is used this is probably the best strategy if you plan to do non stop brute force, because either it will break the key because the password is correct, or it will break the key because it has tried 2^256 unique inputs into a KDF that can only produce 2^256 outputs and which is highly collision resistant.

Please correct any of what I just said if I am wrong but I think it is correct, and it pretty much means that it is virtually always best to try to crack the password instead of the AES key directly (because not only is the password likely to be much easier to crack than the key, but even if it is not you will crack the key in the process of trying to crack the much harder to crack password, due to the collision resistance of the KDF and the pigeon hole property).

Quote
What is still missing is how many tries per second can different hardware do...

This can be answered easily in millions of hashes per second, when it comes to PBKDF you take millions of hashes per second / PBKDF iterations.

Quote
Also, there's a hashing algo  that in theory has been designed in a way to avoid efficient hardware implementation (it's the hash algo used in litecoins)

I always assume when they give figures about passwords per second that they mean hashes per second unless otherwise specified. Yeah I know TC password is not the same thing as generating a hash, it uses a PBKDF, read my post. I think litecoin tries to be RAM intensive right? That is a cool technique. PBKDF2 (the standard PBKDF and what Truecrypt uses) tries to be CPU intensive.

394
Silk Road discussion / Re: I feel it is not safe to watch the movie suggested on DPR 's movie club
« on: August 16, 2013, 10:49 pm »
Quote from: Operation Shulgin on August 16, 2013, 10:40 pm
So that means that every store that sells the princess bride is being watched by LE  ;D

When police analyze photographs trying to find where they were taken, they can take the smallest visual clue and turn it into a precise location. If you take a picture of your ten kilos of coke on a certain set of sheets in your bedroom, don't be surprised when FBI specialists determine who made the sheets, the stores they were sold at and the addresses of 100 people who bought them, and then they identify the make of the camera due to lens artifacts and gather a list of people who bought such camera and then do an intersection attack on the list of sheet buyers and camera buyers looking for a unique suspect to pop out.

You can say oh they watch every store that sells this like it is humorous but would you also say oh they find every store that sells these sheets? I can go capture all IP addresses downloading this torrent right now, torrents make IP addresses getting them public knowledge, and I am sure that if I do this I will gather tons of IP addresses of people on SR who are getting it, and then it is just a matter of using that intelligence to gather some evidence.

395
Silk Road discussion / Re: I feel it is not safe to watch the movie suggested on DPR 's movie club
« on: August 16, 2013, 10:42 pm »
Don't be too mad at colorblack, not many people grasp that intelligence leads to evidence and is bad to give the enemy even if it is not evidence in itself.

396
Silk Road discussion / Re: I feel it is not safe to watch the movie suggested on DPR 's movie club
« on: August 16, 2013, 10:33 pm »
Also noise can be filtered even by me since they have watched two movies now. Maybe there are some other not SR people downloading the movie today as well, but how many of them downloaded movie 1 on the first day and move 2 on the second day? If I monitor the torrent swarms I can gather two crowds now and an intersection attack will reveal the people unique to both, who are almost certainly SR members. At this point I can wait to see if anybody comments on it and then if they are vendors I can try to correlate their shipping location with an IP address.

The same threat risks for book ordering too unfortunately, unless you are buying the books with cash at some mom and pop book store. If you grabbing the books off Amazon don't be surprised when the FBI gets a list of everybody who ordered every book on the list of books to read, it creates a high entropy fingerprint when you match that to the timing of the posted threads and can be used to identify SR users. My biggest concern would be it narrowing DPR's crowd significantly, even if they get 100 people they detect as involved in these events they could consider surveillance on all of them if they suspect DPR is one of them.

397
Philosophy, Economics and Justice / Re: ***DPR's Book Club*** MOVIE NIGHT: "A Scanner Darkly"
« on: August 16, 2013, 10:28 pm »
http://dkn255hz262ypmii.onion/index.php?topic=202949.0

398
Silk Road discussion / Re: I feel it is not safe to watch the movie suggested on DPR 's movie club
« on: August 16, 2013, 10:27 pm »
It doesn't even require anywhere near NSA level attacker. Just requires me to go map the swarm of all the torrent sites hosting this file. Hope no vendors download and watch it and comment on it because I can see if any of the IP addresses I grabbed from a torrent swarm correlate with the known shipping location of a vendor. Certainly hope DPR doesn't download it via a torrent either. I do think this is a serious security risk.

399
Silk Road discussion / Re: I feel it is not safe to watch the movie suggested on DPR 's movie club
« on: August 16, 2013, 10:24 pm »
Thought the same thing myself. Just today I was thinking "I bet I can get a lot of people's IP addresses just by monitoring the torrent sites when they all download this movie".

400
Off topic / Re: The final one and only debate about CP thread, to avoid cluttering all others
« on: August 16, 2013, 10:04 pm »
more good arguments for legalizing CP possession and relaxing CP laws: http://beforeitsnews.com/eu/2012/09/child-porn-laws-arent-as-bad-as-you-think-theyre-much-much-worse-2449840.html

They take a different approach than I do to arguing this but their reasons are just as valid as mine. From the leader of the Swedish Pirate party and some comments from Jacob Appelbaum one of the Tor developers and member of Wikileaks.

here is the original argument from the pirate party guy but I like the first link best:

http://falkvinge.net/2012/09/07/three-reasons-child-porn-must-be-re-legalized-in-the-coming-decade/

Personally I am not sold entirely on all of his original arguments (specifically the first one, the second and third I agree on fully but the first is contrived) but they are good enough and when I add my list of arguments to his I am no less convinced than before....POSSESSION OF ANY INFORMATION MUST BE LEGAL

401
Off topic / Re: The final one and only debate about CP thread, to avoid cluttering all others
« on: August 16, 2013, 09:44 pm »
The culture of pedophiles online, lol. The people you are talking about make up maybe 1% of CP traders on the internet and probably 1% of that 1% ever actually produce anything. The overwhelming majority of people getting CP online do so on P2P networks with absolutely no social involvement with each other. Also many of the pedophile forums are totally legal because they don't allow uploading of images or videos, but they still network with each other and convince each other that pedophilia is normal. So you are doing nothing you claim to be doing by making it illegal to view CP, and all you are doing is pissing on peoples freedom to information and pretending that there is a real reason for this oppressive behavior.

Yeah a large amount of CP comes from the bl/gl people (shockingly it is not almost all snuff and torture!). They make it for free. That is pretty much what I have said all along. If you split up the groups CP comes from it would look something like: Studios in Eastern Europe, BL/GL Pedophiles, Teenagers with camera phones, sadistic incestuous fathers.

Quote
Actually contributing CP is a big part of this, but if others weren't watching, commenting on and sharing it, it would have a lot less value.

Some serial killers kill people just to follow the stories on the killing in the news paper. They get off on being the center of attention and keeping the entire city in fear. Should we therefore ban newspapers from publishing stories related to serial killers, in an attempt to take away such serial killers motivation? Or would doing that be a violation of freedom of speech? Is it really the newspapers fault that the serial killer kills people, can we really hold them responsible?

Quote
I've seen all of the studies about how letting fucked up people watch their fucked up movies results in less real life victims of their fucked up behavior. But I've also seen plenty to indicate that immersion in bl/gl culture emboldens sexual predators and makes them more likely to act on their urges.

you can be immersed in bl/gl culture without ever sharing or viewing CP there are pedophile forums that don't allow the sharing of illegal material. Also only a tiny tiny fraction of CP offenders have jack shit at all to do with bl/gl culture. 

Quote
I don't mean jail time (it is a non-violent offense) but I would see them in a program and I would definitely want their computers looked through because if they participate in these communities, they're likely to be speaking to others who do and that kind of things leads to information about where the kids are. You know, the kids getting raped in the videos.

Ah the same logic used against drug users. Bust the small time users because they are likely speaking to bigger dealers who are likely speaking to bigger dealers who are likely speaking to cartel members who kill innocent people. You know, the innocent people who get beheaded by the drug cartels? Put responsibility where it belongs and stop sacrificing human lives to meet your objectives, regardless of the fact that your objective of protecting kids is good it becomes bad as soon as you are willing to sacrifice harmless peoples lives to accomplish it.


Quote
I also think there should be a close-in-age statute for an law involving the sexuality of minors (which lots of states already do). That would take care of instances where a teenage boy gets registered as a sex offender for receiving his girlfriend's nudes.

I doubt it'll ever be legal in the US to look at kids getting raped, but I do think the best way to approach prosecuting it and determining 'guilt' will be very different.

Or we could just lower the age of consent to an age where people start being sexually active, and only ban having sex with kids. Close in age laws are kind of fucking stupid. If a 15 year old can consent to have sex with a 17 year old there is absolutely no reason why they cannot consent to have sex with an 18 year old or a 80 year old. Once you are capable of giving consent to somebody you are capable of giving consent to anybody, if you are incapable of giving consent to somebody you are incapable of giving consent to anybody. Consent rests on the person giving it there is no dynamic change involved based upon who they are giving it to.

402
Security / Re: Password creation for musicians: turn a melody into a number sequence
« on: August 16, 2013, 07:54 pm »
Patterns should be avoided when possible. They don't totally fuck you but they require you to remember more. There is absolutely no reason to remember a 50 character truly random password, anything more than 39 truly randomly generated ASCII characters is a waste of your memory since that is equal to a 256 bit random key which is what AES-256 uses anyway.

403
Off topic / Re: Russia is going to ban Tor, people lump CP offenders and drug dealers together
« on: August 16, 2013, 07:30 pm »
If you pay close attention you will notice they don't actually distinguish between drug users and CP offenders. Because as far as they care people who sell drugs are poisoning their children and people who look at CP are molesting their children. Good thing that we are more enlightened than them and know the truth, about some of these things !

Quote
The director of the Safe Internet League – a voluntary censorship group that unites several Russian ISPs – told reporters that his organization supported the idea to outlaw Tor, but added that this should be done after all pedophiles, perverts, drug dealers “and other creeps” are disclosed, caught and jailed.

Hey what do you know pedophiles perverts and drug dealers all lumped together as creeps who must be caught and jailed.

404
Off topic / Russia is going to ban Tor, people lump CP offenders and drug dealers together
« on: August 16, 2013, 06:36 pm »
http://rt.com/politics/russia-tor-anonymizer-ban-571/

Quote
The head of the Federal Security Service (FSB) has personally ordered preparations for laws that would block the Tor anonymity network from the entire Russian sector of the Internet, a Russian newspaper reported.

FSB director Aleksandr Bortnikov announced the initiative at a recent session of the National Anti-Terrorism Committee, saying that his agency would develop the legislative drafts together with other Russian law enforcement and security bodies, the widely circulated daily Izvestia reported.

The news was disclosed after the Russian civil movement ‘Head Hunters’ wrote a letter to the FSB with a request to block Tor, as it is one of the favorite software tools for distributors and users of child pornography. The FSB replied that the request was directed to the wrong body, as crimes against public health and morals fall under the Interior Ministry’s jurisdiction. The agency, however, informed the activists about possible future changes to the legal code.

The FSB official said that the agency initiated the move as internet anonymizers were used by weapon traffickers, drug dealers and credit card fraudsters, giving the FSB an obvious interest in limiting the use of such software.

At the same time, an unnamed source told the newspaper that not all Russian security specialists welcomed the idea, as various criminals often overestimated the protection provided by the Undernet, acted recklessly and allowed themselves to get caught. The blocking would require the development of some new methods of search and control in new anonymity networks that would appear soon after the Russian audience loses access to existing ones, the source noted.

The head of the Head Hunters group, Sergey Zhuk, also said that in his opinion, total blocking was not a very good idea and that he personally would prefer the networks’ owners be compelled to cooperate. At the same time, the activist said that the fact that Tor contains the largest child porn archives on the planet was a sufficient condition for demanding it be blocked. He added that if Tor is eventually outlawed in Russia this would not be the fault of the country’s legislators, politicians or activists, but solely the fault of stubborn owners of Tor.

The director of the Safe Internet League – a voluntary censorship group that unites several Russian ISPs – told reporters that his organization supported the idea to outlaw Tor, but added that this should be done after all pedophiles, perverts, drug dealers “and other creeps” are disclosed, caught and jailed.

Lower House MP Ilya Kostunov noted that the problem was important but doubted that it was technically executable. “As far as I know, it is impossible to block Tor,” Kostunov said. “The network re-tunes quickly, switches to different hubs and starts working again.”

The Tor Project administration also said that the blocking of the system was extremely difficult, adding that even Tor’s own specialists could not control the information flowing through their servers or identify users.

Russian law enforcers are not the only specialists concerned by Tor’s popularity and the seedy segment of its users.

Earlier this month security experts worldwide accused the FBI and NSA of exploiting a flaw in the Firefox browser to identify and potentially monitor Tor subscribers. The move led to the arrest of the alleged founder of the company Freedom Hosting, Eric Eoin Marques, over charges of facilitating child porn. The arrest apparently led to the shutdown of thousands of Undernet sites that comprised a large part of Tor’s total content.

405
Silk Road discussion / Re: Forbes interviews Dread Pirate Roberts
« on: August 16, 2013, 05:30 pm »
Quote from: adamiz on August 16, 2013, 02:24 pm
So many different comments, so many brainwashed opinions

Probably all from a single agent http://www.theguardian.com/technology/2011/mar/17/us-spy-operation-social-networks

Quote

Revealed: US spy operation that manipulates social media

Military's 'sock puppet' software creates fake online identities to spread pro-American propaganda


feds have the same software.

Pages: 1 ... 25 26 [27] 28 29 ... 249