• Apple
• Store
• Mac
• iPod + iTunes
• iPhone
• Downloads
• Support

On Mar 14, 2007, at 4:17 PM, Michael Pike wrote:

> Hey Michael:
>
> I am pretty paranoid, but just because I do not trust anyone
> here... I won;t go into why... but, the thing that strikes me as
> weird is why we do not have a statement saying there are no
> backdoors.... I'll experiment with some things... i could be
> overreacting, but then again, maybe i am not....
>
> Answer me this... if PGP, AES128, etc is so secure... how come they
> can intercept messages from people and decode them without issue?

While I have seen nothing about 'without issue' or that it can be
done, technically I don't see any obvious thing preventing it,
assuming a large enough budget for computers and the knowledge to not
waste time doing it.  I have no idea how long any of that takes for
PGP or AES128 given today's computers if straight brute is used,
RSA56 was breakable quit

Every encryption technique has weaknesses; however, anything beyond
about 1940's technology I don't even understand the explanations.
Weaknesses in this case just means a way to reduce the number of
possible keys in a brute force attack.  In recent years there have
been new mathematical techniques developed that help analyze
encrypted data for specific techniques.  And computer power has
greatly increased in the last 10 years and both PGP and AES are about
that old.  Not sure what differences there are between original AES
and AES128.

We're in the process of surplusing an 32-cpu SGI Origin 2400
supercomputer, 32-GB of high speed shared memory, enormous by the
standards of the day for small groups; however, today the Xserves can
handle 32-GB of shared memory I believe.  However, the 300 MHz MIPS
R12K cpu's in that machine were very effective per clock cycle such
that they are about 86% the speed of an 1 GHz G4 and about 1/4 the
speed of a Itatium2 in a 1.3 Ghz SGI Altix or AMD Opteron (so
basically clock scaled compared to those two high end CPU's for the
code I'm currently working with--I have not tested the Mac Pro yet
nor have recent code tests for our dual G5's). (ps. the memory access
of the SGI Altix is more than a factor of four faster than that in a
SGI Origin, so memory limited codes run more than four times faster
on a 1.3 GHz SGI Altix than on an 300 MHz SGI Origin)

It has been widely reported that various agencies had very large
supercomputers even ten years ago, being the largest market for the
SGI Origin 2000 supercomputer back when they came out, there is no
reason to believe any agency just had one 128-cpu Origin 2000 back
then, or that they have not upgraded to newer multiprocessor
supercomputers with higher clock speeds, lower power requirements,
and more processors.  The more computer power you have the more brute
force keys you can try, once you know the details of the encryption
wrapper you can brute force very efficiently

michael

ps. the only brute force I have done is the password hashing for the
TRS-80 Model I/3/4 disk operating system.

>   I believe that has just happened to our  disk images as well....
> Apple is now becoming more and more mainstream, so my be is the
> guys in black suits showed up in cupertino and said, "put this in
> your code... or you may come up missing."
>
> mike
>
>
> On 3/14/07, Michael <email@hidden> wrote: Mike,
>
> You're even more paranoia then I am...maybe...you should see my hand
> crafted ipfw rules--I tracked all "normal" traffic leaving my
> computer and rerouted some back to 127.0.0.1.
>
> I'm betting that your image was never unmounted by 10.4.9 before and
> there are some new flags being set by 10.4.9 to catch some possible
> problems.
>
> I remember the issue was that a carefully designed disk image could
> be put on a web site and automatically downloaded by Safari under
> certain conditions and when disk mounter attempted to mount it, it
> would overflow certain buffers and thereby execute hostile code.
>
> michael
>
> On Mar 14, 2007, at 3:57 PM, Michael Pike wrote:
>
> > This makes sense, but the drive was never unmounted improperly...
> > it would have had to have been done the night before, and my system
> > was shut down without incident... we'll never know probably, but
> > it's back to Blowfish encryption for me from an external country...
> >
> > mike
> >
> >
> > On 3/14/07, Marko Kostyrko < email@hidden > wrote:
> > The disk image mounter will do a verification and partial repair if
> > the unmounted flag in the volume header is left off (usually caused
> > by detaching a drive without unmounting it or a system crash).
> >
> > On Mar 14, 2007, at 12:49 PM, Michael Pike wrote:
> >
> >> Yes I did... which is why I am so concerned.... it prompted for
> >> the password immediately, but then did the "check" after having it
> >> being entered... and has NOT done it again, so I cannot reproduce
> >> the situation with this image to see if anything change that I can
> >> monitor.
> >>
> >> mike
> >>
> >>
> >> On 3/14/07, Rich Trouton < email@hidden> wrote: Had you
> >> already provided your password to unlock the disk image when
> >> the message popped up? It sounds like the disk image mounter was
> >> running a checksum verification check before allowing it to mount.
> >>
> >> Thanks,
> >> Rich
> >>
> >> On Mar 14, 2007, at 3:39 PM, Michael Pike wrote:
> >>
> >> > I upgraded my MacBook Pro to 10.4.9 last night... aside from
> Remote
> >> > Desktop crashing quite a bit (where it didn't before) as well as
> >> > iChat crashing... something strange happened that I have a
> concern
> >> > with...
> >> >
> >> > I typically carry around FireLite drives with me to store my
> >> > sensitive data on... I use encrypted drive image files to do this
> >> > so that the information is unusable should the drive get lost or
> >> > stolen... I do this instead of using FileVault as FileVault slows
> >> > down the performance of Parallels or other large file access
> >> > systems considerably....
> >> >
> >> > My concern:  This morning while mounting my secure drive image
> >> > 10.4.9 popped up a window and stated, "Verifying Drive Image"...
> >> > this took about 5-6 seconds....
> >> >
> >> > What did 10.4.9 just do?  With the way George W is being, was
> Apple
> >> > pressured into some type of key backdoor?  Did 10.4.9 install a
> >> > secondary key or something that lets people into my image that I
> >> > did not authorize?
> >> >
> >> > Out of all my years with OS X, I have NEVER seen this message pop
> >> > up on an encrypted R/W drive image, and now all the sudden it
> pops
> >> > up... what exactly did it do?
> >> >
> >> > This concerns me...
> >> > mike
> >> >
> >> >
> >> > --
> >> > Michael Pike
> >> > iChat/AIM: email@hidden
> >> > Jabber / GoogleTalk: email@hidden
> >> > Skype: michael.pike
> >> >  _______________________________________________
> >> > Do not post admin requests to the list. They will be ignored.
> >> > Fed-talk mailing list      ( email@hidden )
> >> > Help/Unsubscribe/Update your Subscription:
> >> > http://lists.apple.com/mailman/options/fed-talk/rtrouton%
> >> > 40mail.nih.gov
> >> >
> >> > This email sent to email@hidden
> >>
> >> ---
> >>
> >> Rich Trouton (Contractor)
> >> LAN Support
> >> email@hidden
> >> -----------------------------------------------------------
> >> National Human Genome Research Institute
> >> National Institutes of Health — Bethesda, MD
> >>
> >> Office number:
> >> (240) 643-7816
> >>
> >> NHGRI LAN Support number:
> >> (301) 402-7408
> >>
> >> The best way to get in touch with me is through email.
> >>
> >>
> >>
> >>
> >>
> >>
> >> --
> >> Michael Pike
> >> iChat/AIM: email@hidden
> >> Jabber / GoogleTalk: email@hidden
> >> Skype: michael.pike
> >>  _______________________________________________
> >> Do not post admin requests to the list. They will be ignored.
> >> Fed-talk mailing list      ( email@hidden)
> >> Help/Unsubscribe/Update your Subscription:
> >> http://lists.apple.com/mailman/options/fed-talk/marko%
> >> 40subrosasoft.com
> >>
> >> This email sent to email@hidden
> >
> >
> >
> > Marko Kostyrko
> > CEO - SubRosaSoft.com Inc
> > http://www.SubRosaSoft.com
> > skype: markokostyrko
> > email: email@hidden
> > Cell: +1 (510) 789 3187
> >
> > All information in this email is confidential information. If you
> > respond, please use an encryption protocol.
> >
> >
> >
> >  _______________________________________________
> > Do not post admin requests to the list. They will be ignored.
> > Fed-talk mailing list      ( email@hidden)
> > Help/Unsubscribe/Update your Subscription:
> > http://lists.apple.com/mailman/options/fed-talk/pike.mike%
> 40gmail.com
> >
> > This email sent to email@hidden
> >
> >
> >
> > --
> > Michael Pike
> > iChat/AIM: email@hidden
> > Jabber / GoogleTalk: email@hidden
> > Skype: michael.pike
> >  _______________________________________________
> > Do not post admin requests to the list. They will be ignored.
> > Fed-talk mailing list      ( email@hidden)
> > Help/Unsubscribe/Update your Subscription:
> > http://lists.apple.com/mailman/options/fed-talk/email@hidden
> >
> > This email sent to email@hidden
>
>
>
>
> --
> Michael Pike
> iChat/AIM: email@hidden
> Jabber / GoogleTalk: email@hidden
> Skype: michael.pike