- Joined
- Jan 1, 2015
- Messages
- 7,950
- Likes
- 7,908
fb twitter mein log hugte bhi hai toh post daal dety hain... ghanta bc privacy leak ho gayi ??
adhaar se zada to SM ne ki hai...
adhaar se zada to SM ne ki hai...
I've used it a few times primarily to get free skype phone calls. Anyway, my question was general and not tor specific. How does it matter how many nodes are involved in the context of https?How many times you have used Tor ???
At a time data passes thru 3 nodes. Tor encrypts all data irrelevant of https. At a time there are around 350 to 400 nodes available. Plus it automatically changes 3 nodes at a certain time. So maybe vulnerable are the only nodes that doesn't have https.I've used it a few times primarily to get free skype phone calls. Anyway, my question was general and not tor specific. How does it matter how many nodes are involved in the context of https?
In the context of tor, only the exit node can unecrypt your connection but how does it matter how many others are involved?
The three nodes are rotated every ten minutes like you said. The first two in the chain don't matter because the connection is encrypted through them. However, if the exit node is compromised then your data could be decrypted even if you are using https (only for the ten minutes). Rule of thumb is not to use tor for anything where you're giving up sensitive information like bank passwords and sure as heck don't use it for something illegal.At a time data passes thru 3 nodes. Tor encrypts all data irrelevant of https. At a time there are around 350 to 400 nodes available. Plus it automatically changes 3 nodes at a certain time. So maybe vulnerable are the only nodes that doesn't have https.
Come on, who use tor for something like bank transactions.Rule of thumb is not to use tor for anything where you're giving up sensitive information like bank passwords and sure as heck don't use it for something illegal.
Correct, the system is anonymous as long as the exit node isn't a honeypot.Also USA gov seize tor nodes many times, if they find exit node is used for any illegal activities. But there's no way to find out the first node because second node doesn't give up to exit/third node about first one.
I think in USA, its even illegal to host a tor node.
Once you have the key you have everything since it is a symmetric key algorithm. Doesn't matter how many "packets" are being generated. If you are implying that each packet is encrypted using a new key, then why not use a more secure encryption system since you have all that memory for multiple keys in the first place?
Theoretically, you could rotate the keys every x seconds or something. But evidently, it can now be broken in near realtime. Why use an obsolete encryption method when newer ones are available?
A chosen-plaintext attack utilizing a rainbow table can recover the DES key for the specific plaintext 1122334455667788 in 25 seconds. This allows DES-based challenge-response authentication systems, such as MSCHAPv1, to be broken in real time.[21][22]
As for why the Brazilian Army bought a billion dollar system with DES, I don't know. They are stupid? Corrupt? Poor and can't afford newer hardware? They are using it for applications that are not security sensitive? I don't have inside knowledge so I can't presume to know.
As for "reading too much internet", it is my business as a developer to read the internet. Please don't be presumptuous.
Once you have the key you have everything since it is a symmetric key algorithm. Doesn't matter how many "packets" are being generated. If you are implying that each packet is encrypted using a new key, then why not use a more secure encryption system since you have all that memory for multiple keys in the first place?
Theoretically, you could rotate the keys every x seconds or something. But evidently, it can now be broken in near realtime. Why use an obsolete encryption method when newer ones are available?
A chosen-plaintext attack utilizing a rainbow table can recover the DES key for the specific plaintext 1122334455667788 in 25 seconds. This allows DES-based challenge-response authentication systems, such as MSCHAPv1, to be broken in real time.[21][22]
As for why the Brazilian Army bought a billion dollar system with DES, I don't know. They are stupid? Corrupt? Poor and can't afford newer hardware? They are using it for applications that are not security sensitive? I don't have inside knowledge so I can't presume to know.
As for "reading too much internet", it is my business as a developer to read the internet. Please don't be presumptuous.
First of all in an brute force attack you will never get a key, in brute force attack you only get packets and every packet for an attacker will be like using a new key. Hence I told you it will takes hours just to decrypt one packets just for des.
Somehow, we're not on the same page. The property of the DES algorithm is that "decryption can supposedly only be performed by those who know the particular key used to encrypt".I hope that clears your brute force attack ?
Again when a brute force attacks takes places it looks at the packets and decrypt it and for the attacker every packet will look like as the encryption key has been changed and has to decipher each and every packet.