Notes
Notes - notes.io |
[21:15] -ChanServ- [##security] In line with freenode channel naming policy ( http://freenode.net/policy.shtml#channelnaming ), channel management of #security has moved to ##security .... please update your autojoins! Thanks.
[21:17] == kenjoe41_afk has changed nick to kenjoe41
[21:19] == Ephexeve [[email protected]] has joined ##security
[21:19] <TurboBorland> Kryczek: as far as I know, not staged
[21:19] <TurboBorland> I think it was some news channel?
[21:20] <TurboBorland> that one dude who asked for her ip address randomly was hilarious, though
[21:21] <@Kryczek> but for example when she walks away with the whole bowl of candy?
[21:21] <nsh> precious...candies....
[21:21] <@Kryczek> I haven't done RSA but at the trade shows I've been to that wouldn't fly
[21:21] <hexhaxtron> Are there BBS still around?
[21:22] <nsh> i hear trade show candy policy is pretty srs bsns
[21:23] == sebhoss [[email protected]] has quit [Quit: sebhoss]
[21:23] == orieg [[email protected]] has joined ##security
[21:23] == sebhoss [[email protected]] has joined ##security
[21:24] <TurboBorland> I don't know about that
[21:24] == neck1 [[email protected]] has joined ##security
[21:24] == rootsudo [[email protected]] has joined ##security
[21:24] <TurboBorland> what are you going to do, yell at a random person in the middle of the sales floor at a conference?
[21:24] == hirogen1 [[email protected]] has quit [Read error: Connection reset by peer]
[21:24] <TurboBorland> like, what are your options?
[21:25] <TurboBorland> really
[21:25] == hirogen1 [[email protected]] has joined ##security
[21:25] <Majed> Hi , Me and a friend of mine were talking about security . We talked about encryption and I advised him to use veracrypt . Long story short he asked me if a thief would be able to bypass his password using a third party tools like isunshare for windows OS . I apologize in advance if this question offended anyone here. I'm a CS student and I wouldn't mind the technical details .
[21:26] == bushido_ [bushido@2600:3c00::f03c:91ff:fe18:6fd0] has joined ##security
[21:26] == bushido_ [bushido@2600:3c00::f03c:91ff:fe18:6fd0] has quit [Changing host]
[21:26] == bushido_ [bushido@unaffiliated/bursihido] has joined ##security
[21:27] == Macuser [~textual@unaffiliated/macuser] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
[21:27] == omarrr [[email protected]] has joined ##security
[21:27] == neck [[email protected]] has quit [Ping timeout: 256 seconds]
[21:28] == maitake- [~maitake@unaffiliated/maitake] has quit [Ping timeout: 264 seconds]
[21:30] == zerowaitstate [[email protected]] has joined ##security
[21:30] == Macuser [~textual@unaffiliated/macuser] has joined ##security
[21:31] <@TheJH> Majed: if the computer is powered down when the thief steals it and the computer's owner is aware that it was stolen, there should be no way for the thief to access the data without breaking the underlying crypto
[21:32] <@sartan> ser_berry: just bought google music, giving it a try. $10/mn isn't bad at all.
[21:32] <@sartan> I wonder if i can take MP3s with me to my car - my honda civic has an mp3 player but it doesn't do any of the drm stuff...
[21:32] <zerowaitstate> $10 per minute?
[21:32] == TheJH [[email protected]]
[21:32] == realname : Jann Horn
[21:32] == channels : @+##security
[21:32] == server : kornbluth.freenode.net [Frankfurt, Germany]
[21:32] == : is using a secure connection
[21:32] == account : TheJH
[21:32] == End of WHOIS
[21:32] <@sartan> month
[21:32] <@TheJH> Majed: however, if the computer is stolen while it is powered on (e.g. standby), it should be possible to extract the encryption key from RAM and decrypt the whole disk
[21:32] <ser_berry> sartan: if you have a tape player you could do it
[21:32] <ser_berry> that's what I do
[21:32] <ser_berry> google music has an android app
[21:32] <@sartan> maybe i'll look at an android app and use aux in or something too, ya.
[21:32] == kenjoe41 has changed nick to kenjoe41_afk
[21:33] == colonolGron [[email protected]] has quit [Quit: Leaving]
[21:33] <@TheJH> Majed: also, if the attacker steals the device, installs a keylogger on it, then returns it, and the victim doesn't notice any of that, the attacker could gain full access to the victim's machine, too
[21:33] <ps-aux> I don't know too much about veracrypt/isunshare, but quick look, tells me isunshare works once the machines booted/on the desktop, and veracrypt is a fork of truecrypt? If so, and you're friend is using FullDiskEncryption, then the disk would be vuln to Evil maid attakcs
[21:33] <honey> you said the K word.
[21:34] <ps-aux> @Majed: what TheJH said
[21:34] == KickAlong [~quatermas@unaffiliated/sutekh] has quit [Read error: Connection reset by peer]
[21:34] == kenjoe41_afk has changed nick to kenjoe41
[21:35] == TurboBorland [~GrandmaEu@unaffiliated/turboborland] has quit [Quit: x0ax0ax00]
[21:35] <WajidKagzi> so what are you all ip to?
[21:35] <ser_berry> good read on the Evil Maid attack https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html
[21:36] <Majed> TheJH: oh a million thanks . I really appreciate your interest . So If the system is encrypted and powered off it is safe .
[21:36] <@sartan> filing taxe, listening to tunes
[21:36] == LJT [[email protected]] has quit [Quit: Sleeping...]
[21:37] <ser_berry> a nice saturday :)
[21:37] <@TheJH> Majed: that isunshare stuff looks like it's designed to break windows password hashes (LM/NTLM) or reset them. breaking them is easier than with the kind of crypto veracrypt uses, I think, because veracrypt uses a key derivation function optimized for slowness
[21:37] <@TheJH> Majed: and resetting them is possible because the data is normally unencrypted
[21:38] == bewilled [[email protected]] has quit [Ping timeout: 272 seconds]
[21:39] == colonolGron [[email protected]] has joined ##security
[21:39] <billa> TheJH: if someone takes the laptop,installs keylogger/rootkit and returns back,can it be traced back to the person who did that?
[21:39] <honey> how?
[21:40] <Majed> ps-aux: @TheJH> : I see . Thanks 4 Ur time . ^_^
[21:40] <@TheJH> billa: I'd guess that unless the attacker does something stupid, you could only try to trace it physically
[21:41] == howsubtle [~howsubtle@unaffiliated/howsubtle] has quit [Remote host closed the connection]
|
|
Notes.io is a web-based application for taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000 notes created and continuing...
With notes.io;
- * You can take a note from anywhere and any device with internet connection.
- * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
- * You can quickly share your contents without website, blog and e-mail.
- * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
- * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.
Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.
Easy: Notes.io doesn’t require installation. Just write and share note!
Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )
Free: Notes.io works for 12 years and has been free since the day it was started.
You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;
Email: [email protected]
Twitter: http://twitter.com/notesio
Instagram: http://instagram.com/notes.io
Facebook: http://facebook.com/notesio
Regards;
Notes.io Team
