由买买提看人间百态

topics

全部话题 - 话题: decrypting
首页 上页 1 2 3 4 5 下页 末页 (共5页)
p*********w
发帖数: 23432
1
email用户要小心了,很快你可能被套上新枷锁zz
Feed Over E-mail
from GFW Blog by GFW BLOG 功夫网与翻墙
来源:译言
这个九月,又一个新工具加入审查规避军火库。
Feed Over E-mail (FOE) sends restricted content, in the form of RSS
feeds, via email. The tool can't help a user browse censored sites or obtain
large files. But its creator, Sho Ho, says that FOE could be particularly
hard to block and could work in concert with other circumvention
technologies. Ho, who is a researcher with the federal government's
Broadcasting Board of Governors, gave a ... 阅读全帖
s******a
发帖数: 40
2
的确,密码学里每次重大的进步都是因为某位科学家攻破了当时最权威的加密算法。从
技术上讲,encryption和decryption的算法是相辅相成的
u****n
发帖数: 7521
3
卫报:维基解密创始人称强奸指控是诽谤
http://www.sina.com.cn 2010年08月23日 14:56 新浪尚品
“维基解密”创始人朱利安-阿桑奇的支持者已指责美国情报部门是阿桑奇遭强奸
指控事件的幕后黑手。他们表示,在阿桑奇在网上公布驻阿美军77000件战争文件后,
他们就预计美国情报部门会对阿桑奇采取诽谤行动。
朱利安-阿桑奇8月21日晚成为阴谋论的主角。检察官在此之前撤消了以阿桑奇涉嫌
强奸和猥亵为由发出的逮捕令。斯德哥尔摩检察官办公室的一位发言人20日证实,已签
发了对阿桑奇的逮捕令,呼吁阿桑奇“联络警方以便就涉嫌的罪行进行对质。”瑞典《
快报》称,39岁的阿桑奇涉嫌两起罪行,一名斯德哥尔摩女子指控阿桑奇对其实施了猥
亵。另一名来自斯德哥尔摩以西恩雪平的妇女则指控阿桑奇强奸了她。
阿桑奇声称,他是一场诽谤运动的受害者,他在“维基解密”网站的推特网页上否
认了强奸指控,称这些指控是毫无根据的,在此刻提出这些指控“令人深感不安”。
据信阿桑奇很熟悉那两名妇女。瑞典的消息人士称,她们一直不太愿意向警方报案
。但瑞典警察调查这一事件的消息被泄露给了《快报》,从而引发了外... 阅读全帖
s*******a
发帖数: 21
4
去听了她给的talk, 个人觉得把她当成卖国求荣的典型对人家不公平。1. 人家的工作
是decoding, 而不是decrypting, 解码不是破解密码 2.民用而非军用 3.同时解码了
Galileo,用的是同样的数据分析分法,而不是从参与北斗的经历中获取的先验知识。4
.人家与中国北斗官方、专业人士有很好的关系。
x********v
发帖数: 2535
5
来自主题: Military版 - 有人看了最新的喂鸡揭密吗?
看看卫报的新闻:
http://www.guardian.co.uk/world/2011/sep/01/unredacted-us-embas
Unredacted US embassy cables available online after WikiLeaks breach
Guardian denies allegation in WikiLeaks statement that journalist disclosed
passwords to archive
Tweet this
reddit this
James Ball
The Guardian, Thursday 1 September 2011
WikiLeaks
A screensaver from the WikiLeaks website. Unredacted US embassy cables have
been made available online after a security breach. Photograph: Karen Bleier
... 阅读全帖
h*****d
发帖数: 244
6
Your English is problematic, decrypted is not 公布
m********3
发帖数: 3280
7
http://blog.seattlepi.com/techchron/2013/06/07/technically-spea
In the wake of revelations around the extent of the NSA surveillance
programs it’s worth asking how such a program would operate, from a
technical standpoint. The feds have been collecting cell phone, Internet and
credit card data and to detect — and ostensibly stop — crimes.
Recently leaked document and previous court cases indicate much of that data
comes from Internet companies and telecom providers we use every day like
Google, ... 阅读全帖
h******t
发帖数: 872
8
http://www.sfgate.com/news/article/Secret-to-Prism-success-Even
"
In that way, Prism helps justify specific, potentially personal searches.
But it's the broader operation on the Internet fiber optics cables that
actually captures the data, experts agree.
"I'm much more frightened and concerned about real-time monitoring on the
Internet backbone," said Wolf Ruzicka, CEO of EastBanc Technologies, a
Washington software company. "I cannot think of anything, outside of a face-
to-face conversation, t... 阅读全帖
h******t
发帖数: 872
9
This should be '863' project:
"One unanswered question, according to a former technology executive at one
of the companies involved, is whether the government can use the data from
Prism to work backward.
For example, not every company archives instant message conversations, chat
room exchanges or videoconferences. But if Prism provided general details,
known as metadata, about when a user began chatting, could the government "
rewind" its copy of the global Internet stream, find the conversatio... 阅读全帖
O*******d
发帖数: 20343
10
这一段最精彩
Deep in the oceans, hundreds of cables carry much of the world's phone and
Internet traffic. Since at least the early 1970s, the NSA has been tapping
foreign cables. It doesn't need permission. That's its job.
But Internet data doesn't care about borders. Send an email from Pakistan to
Afghanistan and it might pass through a mail server in the United States,
the same computer that handles messages to and from Americans. The NSA is
prohibited from spying on Americans or anyone inside the U... 阅读全帖
w*********g
发帖数: 30882
11
预防网络珍珠港事件。
===========================================
战争临近?中国加紧对关键技术的控制
来源: 笨狼 于 2015-03-02 22:03:22 [档案] [博客] [旧帖] [给我悄悄话] 本文已被
阅读:377 次 (28513 bytes)
字体:调大/重置/调小 | 加入书签 | 打印 | 所有跟帖 | 加跟贴 | 当前最热讨论主题
近日流传美国对中国加紧对关键技术的控制反应强烈,这是一份总结:
2015.02.28观察者
奥巴马内阁要求中国取消银行业信息安全新规
我把纽约时报的原文附录在下。这报道是针对中国就银行技术设备的要求而言的,其中
引用的参考消息的报道在此:
2015.02.28参考消息
外媒:美施压中国银行业技术新规 却严审中国投资
英媒:欧美企业上书政府 吁阻止中国网络安全新规
港媒:中国投资者并购美国企业 受审查最多
外媒关注中国启动网络安全审查 美国早有先例
中国人占美投资移民申请近九成 投资超百亿美元
参考消息相关资料较齐全,一并附上,但不确定华尔街日报原文出处。
然而这只是中国政府的第一步。目前中国... 阅读全帖
S*********g
发帖数: 24893
12
【 以下文字转载自 StephenKing 俱乐部 】
发信人: StephenKing (金博士), 信区: StephenKing
标 题: 不系安全带,John Nash今天车祸死了
发信站: BBS 未名空间站 (Sun May 24 11:17:59 2015, 美东)
John Forbes Nash, Jr.
Born June 13, 1928
Bluefield, West Virginia, U.S.
Died May 23, 2015 (aged 86) [1]
Residence United States
Nationality American
Fields
Mathematics
Economics
Institutions
Massachusetts Institute of Technology
Princeton University
Alma mater
Princeton University
Carnegie Institute of Te... 阅读全帖
d**z
发帖数: 3577
13
来自主题: Military版 - 破解通信加密是什么原理?

————————————
破解和理解是两回事。
Decrypt != Interpret
破解的内容够多,才能理解。
b*********3
发帖数: 1709
14
Britain Passes the Snooper Charter Ending ALL Privacy
https://www.armstrongeconomics.com/world-news/taxes/britain-passes-the-
snooper-charter-ending-all-privacy/
The “snooper’s charter” requires internet, phone and communication app
companies to store records for 12 months and allow authorities to access
them whenever they demand. That data will include anything you look at or
search on the internet as well as all your telephone calls and text messages
. Meanwhile, security agencies will be able... 阅读全帖

发帖数: 1
15
来自主题: Military版 - 池步洲是怎样破译日本密码的?
池步洲1979年捅出破译日本密码的故事同一本书出版有关
这本书是在2年前的1977年出版,书名是《The Man who broke Purple》(《那个破了
紫码机的人》)。
然后池步州就出现了。池可能参与过国军破译日本密码的工作,估计成效不大。看了这
本书,就可以依样画葫芦了。
破译密码不是中国农耕经济的手工操作的人可以想象出来的,美国破译紫码是依赖反向
工程了日本紫码机后才加快了破译速度。
下面是1945年从日本驻德大使馆缴获的紫码机部分残骸:
而美国密码破译机构早在在1939-1940年就构建了仿真紫码机(Purple analog machine
):
可以看出两者之间的类似性。
由于这些机器,美国比日本大使馆还要早就翻译完了有14个部分的日本终止与美国谈判
的密电。(U.S. cryptanalysts decrypted and translated Japan's 14-part
message to its Washington Embassy (ominously) breaking off negotiations with
the United States ... 阅读全帖

发帖数: 1
16
来自主题: Military版 - 池步洲是怎样破译日本密码的?
池步洲1979年捅出破译日本密码的故事同一本书出版有关
这本书是在2年前的1977年出版,书名是《The Man who broke Purple》(《那个破了
紫码机的人》)。
然后池步州就出现了。池可能参与过国军破译日本密码的工作,估计成效不大。看了这
本书,就可以依样画葫芦了。
破译密码不是中国农耕经济的手工操作的人可以想象出来的,美国破译紫码是依赖反向
工程了日本紫码机后才加快了破译速度。
下面是1945年从日本驻德大使馆缴获的紫码机部分残骸:
而美国密码破译机构早在在1939-1940年就构建了仿真紫码机(Purple analog machine
):
可以看出两者之间的类似性。
由于这些机器,美国比日本大使馆还要早就翻译完了有14个部分的日本终止与美国谈判
的密电。(U.S. cryptanalysts decrypted and translated Japan's 14-part
message to its Washington Embassy (ominously) breaking off negotiations with
the United States ... 阅读全帖
a***m
发帖数: 5037
17
来自主题: Military版 - 这位女程序员该逮捕吧
Shadowsocks is a user-written package developed by a female Chinese
programmer in her spare time with the purpose of helping Chinese, especially
those who are educated, to overcome the barrier that is induced by GFW for
achieving full access to Internet Freedom
Unlike conventional ways of crossing, e.g. proxy or VPN, this way of
crossing comes with no or very limited unique characteristic in the way of
transmission as well as ports that are used for communications. This is
because both encryptio... 阅读全帖
g****y
发帖数: 2810
18
来自主题: Military版 - 这位女程序员该逮捕吧
用的人多了就可以封了
[在 arcam (arcam) 的大作中提到:]
:Shadowsocks is a user-written package developed by a female Chinese
:programmer in her spare time with the purpose of helping Chinese,
especially those who are educated, to overcome the barrier that is induced
by GFW for achieving full access to Internet Freedom
:Unlike conventional ways of crossing, e.g. proxy or VPN, this way of
:crossing comes with no or very limited unique characteristic in the way of
:transmission as well as ports that are used for com... 阅读全帖
B*****e
发帖数: 9375
19
我打个岔
牛顿的力学理论/微积分 爱因斯坦的相对论
当然都很牛X 都是划时代
但都是有前奏 有铺垫 甚至有同行人:
在他们之前 已经有其他牛人 或多或少地 或强或弱地
提出了不少猜测 提到了不少可能 已经逼近问题的核心关键
呼之欲出 呼之欲出 最后牛爱这两人出来一锤定音
但另有一项划时代的大发现
(或者应该叫发明? Invention, or discovery?)
是横空出世 事前没有啥预兆的
Claude Shannon's information theory
1948年那篇文章出来 大家才被教育了
原来通讯交流 -- 在时间上的储藏 或 在空间上的传递 -- 是该这么搞的......
entropy, source coding/decoding, channel coding/decoding, encryption/
decryption,
Holy Crap.
p*******m
发帖数: 20761
20

WPA2: Broken with KRACK. What now?
BY ALEX ON OCTOBER 15, 2017 IN MISC, PROPRIETARY
On social media right now, strong rumours are spreading that the WPA2
encryption scheme has been broken in a fundamental way. What this means: the
security built into WiFi is likely ineffective, and we should not assume it
provides any security.
The current name I’m seeing for this is “KRACK”: Key Reinstallation
AttaCK. If this is true, it means third parties will be able to eavesdrop on
your network traffic: wh... 阅读全帖

发帖数: 1
21
池步洲1979年捅出破译日本密码的故事同一本书出版有关
这本书是在2年前的1977年出版,书名是《The Man who broke Purple》(《那个破了
紫码机的人》)。
然后池步州就出现了。池可能参与过国军破译日本密码的工作,估计成效不大。看了这
本书,就可以依样画葫芦了。
破译密码不是中国农耕经济的手工操作的人可以想象出来的,美国破译紫码是依赖反向
工程了日本紫码机后才加快了破译速度。
下面是1945年从日本驻德大使馆缴获的紫码机部分残骸:
而美国密码破译机构早在在1939-1940年就构建了仿真紫码机(Purple analog machine
):
可以看出两者之间的类似性。
由于这些机器,美国比日本大使馆还要早就翻译完了有14个部分的日本终止与美国谈判
的密电。(U.S. cryptanalysts decrypted and translated Japan's 14-part
message to its Washington Embassy (ominously) breaking off negotiations with
the United States ... 阅读全帖
v**e
发帖数: 8422
22
【 以下文字转载自 Military 讨论区 】
发信人: shenghuaa (升华), 信区: Military
标 题: 今天见到了被Kayaker整天念叨的Grace Gao
发信站: BBS 未名空间站 (Fri Aug 26 19:50:17 2011, 美东)
去听了她给的talk, 个人觉得把她当成卖国求荣的典型对人家不公平。1. 人家的工作
是decoding, 而不是decrypting, 解码不是破解密码 2.民用而非军用 3.同时解码了
Galileo,用的是同样的数据分析分法,而不是从参与北斗的经历中获取的先验知识。4
.人家与中国北斗官方、专业人士有很好的关系。

发帖数: 1
23
来自主题: Military2版 - 池步洲是怎样破译日本密码的?
池步洲1979年捅出破译日本密码的故事同一本书出版有关
这本书是在2年前的1977年出版,书名是《The Man who broke Purple》(《那个破了
紫码机的人》)。
然后池步州就出现了。池可能参与过国军破译日本密码的工作,估计成效不大。看了这
本书,就可以依样画葫芦了。
破译密码不是中国农耕经济的手工操作的人可以想象出来的,美国破译紫码是依赖反向
工程了日本紫码机后才加快了破译速度。
下面是1945年从日本驻德大使馆缴获的紫码机部分残骸:
而美国密码破译机构早在在1939-1940年就构建了仿真紫码机(Purple analog machine
):
可以看出两者之间的类似性。
由于这些机器,美国比日本大使馆还要早就翻译完了有14个部分的日本终止与美国谈判
的密电。(U.S. cryptanalysts decrypted and translated Japan's 14-part
message to its Washington Embassy (ominously) breaking off negotiations with
the United States ... 阅读全帖

发帖数: 1
24
来自主题: Military2版 - 池步洲是怎样破译日本密码的?
池步洲1979年捅出破译日本密码的故事同一本书出版有关
这本书是在2年前的1977年出版,书名是《The Man who broke Purple》(《那个破了
紫码机的人》)。
然后池步州就出现了。池可能参与过国军破译日本密码的工作,估计成效不大。看了这
本书,就可以依样画葫芦了。
破译密码不是中国农耕经济的手工操作的人可以想象出来的,美国破译紫码是依赖反向
工程了日本紫码机后才加快了破译速度。
下面是1945年从日本驻德大使馆缴获的紫码机部分残骸:
而美国密码破译机构早在在1939-1940年就构建了仿真紫码机(Purple analog machine
):
可以看出两者之间的类似性。
由于这些机器,美国比日本大使馆还要早就翻译完了有14个部分的日本终止与美国谈判
的密电。(U.S. cryptanalysts decrypted and translated Japan's 14-part
message to its Washington Embassy (ominously) breaking off negotiations with
the United States ... 阅读全帖
l****u
发帖数: 8729
25
来自主题: RuralChina版 - 活动气球信息
初步选定三十个气球, 如果征文超过30篇再追加。 号码从一号到三十号, 球里除了奖
金外,可能还有一张纸条, 纸条上秘密。 所有内容都在下面这个网站被加密了。
气球里纸条上涉及的人物基本是本版资深ID,如下(不愿意上纸条的同学请与版务联系
, 我们好及时调整。 ID们如下,不分先后。
ADOMET8, 短头发,pingan222,kaylaxu, shopper2,不言 MM,greentee,anniee,
geon 以及RC版五位版务。
密文如下,等气球公开后我会再公布一个密码, 就可以看到气球内的东西了。
To decrypt this message use http://infoencrypt.com/

VzyAIduvvXfuizcUEF4xzVtTS1XmD4Dv7umJtzkYtY6N/DcElIZgBzNlptHwQymCNCNrFFLV3+gW
br8lwmK7oU+si/e4fa9tg/TvH0YL2UEAxjDFofE53T9YbUniodPZRY4f+gmOfVRKjXVpx8VwMAoY
GLwBKgdYjDhYq+lH/5MWHKE... 阅读全帖
l****z
发帖数: 29846
26
来自主题: USANews版 - 来弄我这下搞大了,脸被狂扇
Lenovo shows us why we need to reinvent Web security
What was Lenovo thinking? We can only hope the company's disastrous decision
to install adware on laptops that includes man-in-the-middle code will
inspire the industry to revamp SSL security
InfoWorld | Feb 19, 2015
I suppose we should thank Lenovo. The bald incompetence it has displayed in
both concept and execution with the SuperFish fiasco underscores the real
problem of Web security -- that is, it’s still quite fragile, and there’s
simply... 阅读全帖
l****z
发帖数: 29846
27
这里现讲怎么fix.
IE已经fix了.
用最新版firefox V38.01的可以很简单的fix.
Chrome和其他的不知道. 因为我基本不用.
=====
jscher2000 wrote:
Disable the insecure ciphers here:
(1) In a new tab, type or paste about:config in the address bar and press
Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste ssl3 and pause while the
list is filtered
(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch
it from true to false (this usually would be the first item on the list)
... 阅读全帖
A****r
发帖数: 41
28
The debate over iPhone encryption started in September 2014, when Apple
released iOS 8. That was the first operating system to encrypt iPhones by
default, giving customers the only means of decrypting their phones. That
means the only way for police to retrieve a suspect's photos, messages,
email, contacts, call history, iTunes content, notes and reminders is with a
passcode.
The FBI has been up in arms about Apple's encryption tactics, arguing that
it will impede its investigations. It has been... 阅读全帖
g********2
发帖数: 6571
29
来自主题: USANews版 - NSA has all of Hillary's deleted emails!
PHILADELPHIA – The National Security Agency (NSA) has “all” of Hillary
Clinton’s deleted emails and the FBI could gain access to them if they so
desired, William Binney, a former highly placed NSA official, declared in a
radio interview broadcast on Sunday.
Speaking as an analyst, Binney raised the possibility that the hack of the
Democratic National Committee’s server was done not by Russia but by a
disgruntled U.S. intelligence worker concerned about Clinton’s compromise
of national security s... 阅读全帖
T**********2
发帖数: 341
30
来自主题: USANews版 - Guccifer2.0放出新的一批DNC文档
Another download link to that 678.4 MB DNC archive: http://mega.nz/#!uwBGyCoQ
Decryption key: !ZSPbUeUjmeSt0GEovBrEYV9V_3CX09hROm3JQJmr0HU
a******e
发帖数: 5411
31
Hi John, The realtor found a handkerchief (I think it has a map that seems
pizza-related. Is it yorus? They can send it if you want. I know you're busy
, so feel free not to respond if it's not yours or you don't want it.
*******************
decrypted version by me
hey john guy, you cum on the sheet when you fucked the girl.
you need to pay for the sheet, and we will send you a bill.
S*******h
发帖数: 7021
32
来自主题: USANews版 - WikiLeaks 解密CIA监听系统
WikiLeaks published 1000s of CIA documents from the CIA's Center for Cyber
Intelligence, a dramatic release that appears to give an eye-opening look at
the intimate details of the agency's government spy activities across the
world.
Use a 'torrent' downloader on:
https://file.wikileaks.org/torrent/WikiLeaks-Year-Zero-2017-v1.7z.torrent
And '7z' to decrypt "SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds"
https://twitter.com/wikileaks/status/839100031256920064?ref_src=twsrc%5Etfw
S*******h
发帖数: 7021
33
来自主题: USANews版 - WikiLeaks 解密CIA监听系统
密码在此:
MoreRELEASE: CIA Vault 7 Year Zero decryption passphrase:
"SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds"
f*******e
发帖数: 3433
34
LONDON — A senior British lawmaker has blasted messaging platforms like
WhatsApp for using end-to-end encryption, which stops security services
monitoring messages.
It comes as it emerges the London terror attacker Khalid Masood used the
messaging service moments before he killed an American tourist, a police
officer and two others outside the U.K. Parliament.
British Home Secretary Amber Rudd told the BBC it was "completely
unacceptable" for messaging services to encrypt communication.
"We need... 阅读全帖
S*********g
发帖数: 24893
35
【 以下文字转载自 StephenKing 俱乐部 】
发信人: StephenKing (金博士), 信区: StephenKing
标 题: 不系安全带,John Nash今天车祸死了
发信站: BBS 未名空间站 (Sun May 24 11:17:59 2015, 美东)
John Forbes Nash, Jr.
Born June 13, 1928
Bluefield, West Virginia, U.S.
Died May 23, 2015 (aged 86) [1]
Residence United States
Nationality American
Fields
Mathematics
Economics
Institutions
Massachusetts Institute of Technology
Princeton University
Alma mater
Princeton University
Carnegie Institute of Te... 阅读全帖
S******e
发帖数: 299
36
来自主题: Faculty版 - weird. please advise.
So strange. You may want to be a little bit careful. Of course, assume your
syllabus followed the decryption of the catalog ... No need to worry too
much though. There are always some weirdos.
c********l
发帖数: 8138
37
【 以下文字转载自 Programming 讨论区 】
发信人: coupondeal (Coupon Deal), 信区: Programming
标 题: 纽约法院强制封杀DVDFAB
发信站: BBS 未名空间站 (Sun Mar 16 22:10:27 2014, 美东)
摘要:DVDFAB,一款备份DVD的软件,广受消费者欢迎
然而,由于AACS(版权协会)的暗箱操作,纽约州法院封杀了DVDFAB的域名、
网站主机,以及中止了其Paypal和银行账户
网民们对纽约州法院的作法表示强烈不满
U.S. COURT ORDERS SEIZURE OF “DVD RIPPING” SOFTWARE DOMAINS AND FUNDS
BY ERNESTO ON MARCH 10, 2014 C: 302
BREAKING
A New York federal court has granted the seizure of several domain names,
bank funds and social media accounts belonging to DVD ripp... 阅读全帖
s********n
发帖数: 1962
38
来自主题: Investment版 - mint.com
Isn't that good enough if 这种方式在平时不可实现?
I am not some important people or have billion dollars in my account,
why should I worry that some hard-to-find genius uses some extremely
sophisticated tools to hack into my account? For what?
BTW, the security is not only about the encryption algorithm itself,
but also about all of the peripheral policies to make sure that the
decryption cannot be tried.
b***m
发帖数: 5987
39
来自主题: JobHunting版 - 正在等待M家面试
随便说说吧。今天比较tough,虽然只有4个人(包括大boss)面我。
第一个貌似是个俄罗斯人,SDE2,英语口语不错,直接考各种数据结构,这也没什么,
关键是都刨根问底,问到我说不出话为止。特别是hashtable,问了个底儿掉。然后是
分布式大系统的design,load balancing,disaster robust,redundant system……
只能根据自己的理解和经验瞎掰了。关键是后来跟第三个面试官出去吃饭时,碰到了这
位老兄,人家说今天只问了一些“极其简单”的东西……无语。
第二个是个中国人,Senior Development Lead,面试直接用中文,还是清华计算机系
的校友,不过比我低几届。闲聊一会儿之后,让我inplace mirror一个binary tree,
我用BFS解决后,又让用DFS解决,并且recursion和iterative都写一遍。
第三个是个印度人,Senior SDE,直接出去吃饭,去了附近的泰餐Bai Tong,吃得不错
。吃饭期间问了我一些基本的数据结构知识,以及原来做的项目的情况,让我列举了原
来项目中用debugging技... 阅读全帖
a**********t
发帖数: 631
40
来自主题: JobHunting版 - Security 面試問題
Not a security expert but here's my thought.
Signing guarantees the integrity of the source data. If encryption is done
after signing, then you have to always perform decryption before knowing
whether the data is reliable or not. In such case if the encryption
algorithm is not strong enough it will be more susceptible to brute force
attack.
a**********t
发帖数: 631
41
来自主题: JobHunting版 - Security 面試問題
Let me try it one more time.
Both schemes have their pros and cons.
In the real word Signing is usually implemented with asymmetric key and
encryption (of large data) usually uses symmetric key.
The reason is that signing is usually performed on the hash of the message
only thus it can afford the low efficiency of asymmetric algorithm, while
encryption is performed on the entire message and symmetric algorithm is
much faster.
Signing after encryption
pro: the receiver of the message doesn't ha... 阅读全帖
a**********t
发帖数: 631
42
来自主题: JobHunting版 - Security 面試問題
I don't think in the real world it will be a problem as long as both schemes
are implemented properly.
But there could be chance in the bad implementation that the encryption key
is connection based thus the receiver still decrypts the message but is made
believe that the message is from B instead of A.
n********r
发帖数: 92
43
我试着回答一些,期望能抛砖引玉
比较高级一些的技术目前有
Identity Management(IdM)
Identity Federation
Identity and Access Management (IAM)
Single Sign On(SSO)/Single Log Out(SLO)
Mutli-Factor Authentication (MFA)
SAML/OAuth/OpenID/Secure Token-STS
基础一些的知识有
Authentication/Authorization/Entitlement/Encryption/Decryption
Message Integrity
Non-Repudication
Message Digest
Digital Certificate
Digital Signature
SSL/TLS
PKI
n********r
发帖数: 92
44
我试着回答一些,期望能抛砖引玉
比较高级一些的技术目前有
Identity Management(IdM)
Identity Federation
Identity and Access Management (IAM)
Single Sign On(SSO)/Single Log Out(SLO)
Mutli-Factor Authentication (MFA)
SAML/OAuth/OpenID/Secure Token-STS
基础一些的知识有
Authentication/Authorization/Entitlement/Encryption/Decryption
Message Integrity
Non-Repudication
Message Digest
Digital Certificate
Digital Signature
SSL/TLS
PKI
S*******h
发帖数: 7021
45
【 以下文字转载自 USANews 讨论区 】
发信人: MrGoogle (冬眠的蛇), 信区: USANews
标 题: Guccifer2.0放出新的一批DNC文档
发信站: BBS 未名空间站 (Tue Sep 13 20:02:09 2016, 美东)
理面有主党收贿款卖官位的资料, 连捐款人的信用卡资料跟捐款数目都有.
678.4 MB of new "DNC documents" from @Guccifer_2
http://mega.nz/#!uwBGyCoQ
Decryption key: !ZSPbUeUjmeSt0GEovBrEYV9V_3CX09hROm3JQJmr0HU
https://twitter.com/wikileaks/status/775823293781794816
f****o
发帖数: 15
46
支付宝诚聘iOS/Android开发工程师
工作地点:San Mateo, CA
岗位要求:
1. 计算机相关专业,本科以上学历;拥有很好的设计模式和思维, 熟悉面向对象编程
,图形界面开发;
2. 学习能力强,强烈的责任心,具有较强的沟通能力,需要与经常与国内团队沟通,能
回国出差。
3. 三年以上iOS和Android软件开发经验;精通Objective-C, C/C++和JAVA。
4. 熟悉Cocoa开发框架,包括UI、网络等方面;
5. 熟悉iOS和Android开发工具和相关开发测试工具的使用;
6. 跨平台/多终端开发经验,有encrypt/decrypt、http client/server、 graphics等
开发经验者优先;
有兴趣者请将简历发到[email protected]/* */,邮件Subject
请写上:
Senior iOS/Android Developer --
比如:
Senior iOS/Android Developer -- Xiao Zhang
p*******m
发帖数: 20761
47
你的wifi 分分钟被黑 我的路由电脑都补丁了你的呢?
US government announces that your Wi-Fi is vulnerable to hacks
By Paul Hill · 7 hours ago 30
Everybody’s internet is public today. WPA2, the go-to Wi-Fi security option
, has been cracked by Belgian researchers. The US Computer Emergency
Readiness Team (CERT) has issued a warning in response and is due to release
more details about the vulnerability later today. The warning issued is
stark, saying that almost all implementations are affected. Now there are
calls for a... 阅读全帖
f**********n
发帖数: 3081
48
decrypted message,have to decipher
w**f
发帖数: 7794
49
来自主题: Parenting版 - 问个DVD播放的事 (转载)
电脑上下载安装DVD Decrypter
把dvd rip 下来,
如果想用dvd机放就把镜像文件重新刻盘,
如果想在电脑上放, 安装虚拟光驱软件播发镜像文件
或者安装dvd to avi类似的软件把dvd转换成视频文件
D*******R
发帖数: 3
50
来自主题: Stock版 - 问个MAC run股票软件的问题
For MAC Users:
1. Go to http://aws.amazon.com and Sign Up for the EC2 web services. If you are an existing
Amazon user, you need to login and subscribe for the services. If you are
not an Amazon user,
then sign-up for it as a New User. Subscription requires you to put a credit
-card on file for billing
of the usage above the Free 750 hours monthly at a nominal rate.
2. Once you have your EC2 instance created, you will just need to run Remote
Desktop on your
system, input in the Public IP address... 阅读全帖
首页 上页 1 2 3 4 5 下页 末页 (共5页)