Just because everyone is out to get you, doesn't mean you're paranoid.

Hey, I just finished using my systems to break the encryption and now your bank account is funding my tool shopping spree. Thanks

Quantum computing is being played with, and inexpensive, super computer like clusters, can be made out of Playstation 3's and its cell processor. In my view, it doesn't leave the HOME network (BIG PERIOD here)

Wireless and wired, can be intercepted by those determined enough.

Maybe a little. But that's healthy -- that's my excuse anyway. The chances of actually getting data stolen and used in a way you don't want it to be used are probably less than the chances of getting burglarized, or robbed... well that's my experience anyway.

...even paranoid people can have people following them.

I am bothered that most methods of encryption use super-primes, and that the U.S. government endorses 128-bit encryption.

It is thought that 128-bit encryption will be intractable via brute-force attacks for decades to come.

But, I think there is a very real possibility that 128-bit encryption can be methodically, mathematically solved. That, it doesn't require huge networks of supercomputers. And I imagine that the key may be that so many of these encryption schemes use these huge prime numbers.

A few years ago during a Pentagon "war game," a retired general (I think he was a three or four-star general) agreed to come back and run the losing team (yes, the winner was predetermined).

Instead of relying on encrypted wireless communications, he hand-wrote communications to his field officers. These notes were delivered by motorcycle couriers.

The general's team that was supposed to lose went on to win. And he attributed his win to his method of communications.

If this general refused to use recognized forms of encryption for field communications, then it tells me volumes about what he knows that I don't. Namely, I think he was telling us that he at least as a strong suspicion, if not specific knowledge, that the government can break even 128-bit encryption.

How about the people following the people that are following paranoid people?
.

Come on David, learn to enjoy your paranoia. Play a game of hide-n-seek with the shadows. That will make it a lot more fun!

Paranoid

The question is not whether you're paranoid. The question is if you're paranoid enough!

(Former US Navy Cryptologist - Any code can be broken, given enough time and computing power)

While we won't publically have access to what formula's are used by the government (they may use new MIT or Princeton theroms in their design, etc), the cluster I am refering to, was built out of 5 playstation 3's.

The Cell processors can crunch a lot of data. Sony and Stanford's Pande group developed a client for their protien folding research that will run on a PS3. I was really impressed by the amout of data they could do.

I've heard good things about this place. No personal experience however. The bad thing about having all your data stored at home is that there's a ever a fire, flood, etc you lose that data. I suppose you could download the data to a HD and move to another location but that's kind of tedious.

http://carbonite.com/

The govt uses AES as their standard encryption and that code was released by NIST for public review some time ago as it had to pass peer review. Any encryption that can't withstand scrutiny is considered snake-oil. A quick google for AES source will return thousands of sites where it is available.

I don't think you're being paranoid - once digital data leaves your control, anything can happen, and computing power is cheap. Bad encryption can be broken, and I'm sure your co-worker hasn't audited their system to know it's solidly protected - he can only take their word for it. Good thing dot-com corporations never cut corners...

But aside from the security concerns, I don't use such services because almost every one I've seen offers a complicated user contract that, once translated into English, provides no actual guarantee that they'll have your data when and if you need it. Usually it's a "best effort" type of thing, but the contract provides you no actual legal or financial recourse if they lose your data, or if they get cracked and someone takes your private data. A well-run company will have redundant backups and solid security, so that this isn't actually a real big concern, but if my data is really as safe as they say, why not offer a guarantee?

Two Guys Go Camping...

Any question of security comes down to a story about two guys who were camping when a bear came into their campground and started rummaging through their supplies.

One of the guys started to slowly take off his hiking boots and put on his running shoes. His buddy said "That won't do you any good! If he decides to chase us, we have no chance! Do you know how fast a bear can run?"

The first guy finished tying his shoes and said "I don't need to outrun the bear. I just need to outrun you!"


You simply need to ensure that you have better security in place than the majority of people who have data that is as attractive as your own. The pentagon or a bank need to have very strong security measures because their data is very attractive. My wireless network just uses basic WEP encryption. Could it be broken? Sure, it could, but I have 1/2 dozen neighbors with unsecured networks - my running shoes are good enough.

Sorry, incomplete train of thought. I wasn't refering to the encryption, I was refering to the code breaking algorithums, things like the NSA would use.


On the paranoid side, I just came back from dealing with the post office, someone filled out a change of address form and had it sent to my address. Had to have it canceled and put them on a fraud alert notice.