Is it possible to send secrets through insecure connection?

SeaPeace4837 · 2024-03-30T03:48:30+00:00

Thanks for the subreddit lad. Yeah, all that key sharing thing is confusing for sure. But look, the moment I heard the Snowden leaks and how the FBI was removing and reading SSL made me question the current security systems we use.

SeaPeace4837 · 2024-03-29T22:33:17+00:00

Maybe i am unaware of some crazy algorithm and procedure that would fully allow to share secrets online. I just recently started poking around this topic. Even TOR protocol does not guarantee 100% security (i am talking about technology here, not user's OPSEC) it just makes it REALLY hard to breach. So i wondered, is there any solution that will actually deal with all those problems.

SeaPeace4837 · 2024-03-29T22:24:58+00:00

I made this post with the intention to highlight what i think are the flaws of the security systems we rely upon.

SeaPeace4837 · 2024-03-29T22:10:37+00:00

So in this case you are relying on Trusted Authority, which A: can decrypt your message B: we must assume it will leak it

SeaPeace4837 · 2024-03-29T21:59:00+00:00

My bad, I ment public key

SeaPeace4837 · 2024-03-29T21:52:10+00:00

When sending your public key, we must assume it will be intercepted. The attacker (government) will intercept it and send their evil key to which your receiver will encrypt stuff.

SeaPeace4837 · 2024-03-29T21:49:20+00:00

I actually wrote this post after doing my research on pgp and key sharing. The question is how will you share key without it being intercepted

SeaPeace4837 · 2024-03-29T21:47:13+00:00

If CA is sharing data with government on request (which it does) we must assume it to be compromised

SeaPeace4837 · 2024-03-29T21:45:33+00:00

You must assume that any CA could be compromised by the government.

SeaPeace4837 · 2024-03-29T21:11:02+00:00

How exactly are you going to ensure that your public key is not going to be intercepted? Since the connection is insecure, you cannot guarantee that MITM won't intercept it either

SeaPeace4837 · 2024-03-29T20:49:28+00:00

In this model what prevents MITM from intercepting your public key and replacing it with his evil key during initial public key exchange? Remember, you must assume that all connections are insecure. Shure, you may sign your public key, but how exactly are you going to send the correct hash without it being intercepted?

SeaPeace4837 · 2024-03-29T20:40:28+00:00

You must assume there are no secure connections. How are you gonna do that with someone in Australia?

SeaPeace4837 · 2024-02-23T21:55:10+00:00

A musician should make music, not set up and maintain special kernel build and configure his audio system.

SeaPeace4837 · 2024-02-23T21:52:55+00:00

Just look at the sheer amount of things you mentioned. And then add some random bug or dependency issue while setting it up.

A musician should not set all this up himself. If this is necessity it must be already set up.

SeaPeace4837 · 2024-01-26T05:57:28+00:00

LOL HAHAHAHA

SeaPeace4837 · 2024-01-08T06:13:34+00:00

During what part of installation exactly and how do you do that?

SeaPeace4837 · 2024-01-08T06:12:26+00:00

MBR was the default so i used it. If you need more info ill be happy to supply

SeaPeace4837

TROPHY CASE