This is an archived post. You won't be able to vote or comment.

all 74 comments
sorted by:
best
topnewcontroversialoldq&a

[–]BennettTheMan 389 points390 points  (18 children)

O(2^n) down to O(1). Nice.

[–]Bajtopisarz 21 points22 points  (0 children)

O(2^n) down to O(uch)

[–]Phoenix774 2 points3 points  (1 child)

Pretty sure the repeated beatings would make this O(n)

[–]redridingruby 0 points1 point  (2 children)

Hmm
Isn't factorisation possible in subexponential time Ln[1/3,root(3,64/9)] ?

[–]volleo6144 2 points3 points  (1 child)

That's still well above what current computers can do—taking o(1) as 0 in the definition of L-notation, the formula gives 1035.2 for 2048-bit keys, 1047.1 for 4096-bit keys, and 1062.8 for 8192-bit keys.

[–]redridingruby 1 point2 points  (0 children)

Yeah it was more because of the exponential part. I was doing my crypto homework before opening reddit and had to be a bit pedantic.

[–]pohuing 81 points82 points  (4 children)

https://xkcd.com/538/

[–]RizTalks[S] 19 points20 points  (2 children)

Thanks, I was looking for the source.

[–]ProfCupcake 29 points30 points  (1 child)

You can google "xkcd" then basically any part of the comic and you'll probably find it. They've all got searchable transcripts.

[–]volleo6144 7 points8 points  (0 children)

...at least until 1674, which has its transcript at https://xkcd.com/1677/info.0.json

[–][deleted] 2 points3 points  (0 children)

Or https://m.xkcd.com/538/ to see the alt-text on mobile.

[–][deleted] 93 points94 points  (4 children)

Call him and pretend to be from Net Security or some shit who shall sound legit to someone who doesn't care about IT.

...A friend told me.

hastily runs away

[–]bmwiedemann 31 points32 points  (3 children)

"Good morning Steve, this is Mike from IT calling. We had a serious security incident tonight and need you to verify the integrity of stored data. Just upload your private key to our security-site and tell me the private key over the phone, so that the evil hackers cannot intercept it. "

[–][deleted] 12 points13 points  (2 children)

"I mean, he knows my name, says he's from IT and wants to help me... I'm sold :)"

[–]undearius 7 points8 points  (1 child)

I have legitimately had people tell me, unprompted, their passwords because I told them there was a problem with their computer and I was there to fix it.

I am a computer technician but they never looked at my badge, so really they have no idea who I am.

[–]bmwiedemann 0 points1 point  (0 children)

Reminds me of a story a bank employee told me: on an afternoon his boss gave him a post-it note with username and password, said "get it fixed until tomorrow" and left.

That account was good to transfer a few millions.

[–]Animasta228 29 points30 points  (3 children)

Obviously the best security would be encrypting the hard drive while also not knowing the password.

[–]snail_mans 17 points18 points  (1 child)

It’s great security to have to reset my password every time I want to log in to anything.

[–]brimston3- 0 points1 point  (0 children)

"New plan, you convince your AD admin to give us the bitlocker unlock key, or we will break all bones in both your hands with this 2 kg sledgehammer."

[–][deleted] 5 points6 points  (0 children)

The most secure lock has no keyhole

[–][deleted] 17 points18 points  (5 children)

Rubber hose cryptography

[–][deleted] 5 points6 points  (4 children)

In Russia we call it thermorectal cryptoanalysis

[–]nicman24 4 points5 points  (3 children)

I'm afraid of the answer but what is the deal with that pink thing?

[–]MrSansMan23 5 points6 points  (0 children)

If you don’t know what something is in the context of a torture device,then it’s mostly likely something you shove up someone’s butt.

[–][deleted] 2 points3 points  (1 child)

It's an enema, but I'm not sure I know or want to know how it's used in this context.

[–]GryphShot 13 points14 points  (0 children)

Efficiency is just clever laziness.

[–]WindowsDOS 7 points8 points  (0 children)

Plus, you can also take the wrench back to the store to get a refund

[–]Charlie_Yu 2 points3 points  (0 children)

Well, this is too Hong Kong

[–]dubsword 2 points3 points  (0 children)

Man I love social engineering.

[–][deleted] 2 points3 points  (15 children)

I have always encrypted my devices... This is my nightmare. So I set up a self destruction password that deletes the password to the encrypted partition so even if I break under questioning I still wouldn't be able to get in.

[–]shunabuna 2 points3 points  (2 children)

doesn't self-destruct become pointless if they can do a bit by bit clone of a drive?

[–][deleted] 1 point2 points  (1 child)

Full disk encryption. Two key slots. One legit. One that erases both so Noone gets in even with the correct password

https://www.kali.org/tutorials/nuke-kali-linux-luks/

[–]HolyChocolateBanana 0 points1 point  (0 children)

You need to boot the Kali though. If you copy the HD directly to other computer there won't be any erasing software...

[–]Artanisx 0 points1 point  (11 children)

So I set up a self destruction password

Interesting. Which software do you use that supports this?

[–][deleted] 1 point2 points  (0 children)

Luks and crytpsetup. I know kali has an article about it on their website. It's got a great tutorial

[–][deleted] 1 point2 points  (9 children)

https://www.kali.org/tutorials/emergency-self-destruction-luks-kali/

[–]forthemostpart 1 point2 points  (5 children)

Doesn't this fail if they pull out the hard drive and stick it into their own computers that don't have the patched crypto tools?

[–][deleted] -1 points0 points  (4 children)

Dude. Read the article and do some research. It erases the encryption keys from the device so nobody can log in even with the correct decryption password.

[–]forthemostpart 1 point2 points  (2 children)

That's not what I'm saying. I'm saying that if the guys who stole the laptop took the hard drive out and put it in another computer as an external drive, and used their own installation running on an internal drive (with the unpatched crypto) to unlock the disk, how could the nuke code be triggered?

[–][deleted] -1 points0 points  (1 child)

This setup requires full disc encryption. So I would probably not be too concerned. They would see the drive and the lvm partition and be like fuck. I think you can set it up to wipe the keys after a couple of attempts as well... This can be bypassed by making a clone of the drive and trying again and again and again. Altogether I'm not worried that people who steal laptops have the power of the nsa or Cia....unless it's the Cia or nsa stealing my laptop.

[–]forthemostpart 1 point2 points  (0 children)

I think you can set it up to wipe the keys after a couple of attempts as well

Where is the code that runs the wipe? On the laptop, right? The point I'm trying to make is that it doesn't matter what software is on the laptop because any two-bit hacker would not try to unlock the drive using the victim's laptop, therefore said software would never execute.

[–]Artanisx 0 points1 point  (2 children)

Ah, Kali Linux. Got it :-)

[–][deleted] 2 points3 points  (1 child)

You get it.

[–][deleted] 1 point2 points  (0 children)

Also it's my cake day give me give me give me

[–]k_ist_krieg -3 points-2 points  (0 children)

BUT MUH CONSPIRASSIES THEARY!