
security - email thoughts


Ashamed

Guest
if you have chosen the same password for your elite hush mail based account and your elite account or you have chosen a simple short password - get a new email account and close the old one

Just a thought... hushmail is web-based... it's only as secure as your password... if you broadcast your email address; they only need to generate your password....I'd think about that - especially if you are a dealer or moderator....

Now prove my points wrong....
 
Another thing to keep in mind: If big brother wants to read your email, big brother WILL read your email.
 
edited to make sense... suddenly my whole computer went slow... oooooooooooooo:alien:
 
Ashamed said:
if you have chosen the same password for your elite hush mail based account and your elite account or you have chosen a simple short password - get a new email account and close the old one

Just a thought... hushmail is web-based... it's only as secure as your password... if you broadcast your email address; they only need to generate your password....I'd think about that - especially if you are a dealer or moderator....

Now prove my points wrong....

Your username is transmitted over the wire. I suspect that it is encrypted. But your private key that you type in, should not be transmitted over the wire under the hushmail/cyber-rights method.

The encrypted messages are delivered and decrypted locally on your PC.

You are only as secure as your password. So you should never store the password anyplace. I have heard about authorities getting a search warrant and then placing a keyboard recorder on the machine. This then captures the password and therefore breaks the security. I remember reading this was employed to catch a mafia figure. I doubt these methods would be employed to try to gather information on your run of the mill dealer or user.

It would have to be pretty big time for a search warrant to be issued to hack into your computer. IMO.
 
"It would have to be pretty big time for a search warrant to be issued to hack into your computer. IMO"

All it takes is probable cause and a cop that wants a bust. The cops don't pay for this stuff individually, so if they can get a Judge to sign off they are ready to go. This stuff is becoming more and more common. You can place a keystroke recorder on the computer if they leave themselves open on the net, you don't even have to physically be there anymore.
 
you don't need the hassle of a keystroke recorder.. you need a program that generates algorithms and keeps firing all the different permutations into the password field....
 
ALWAYS use a passphrase, NEVER a password.

Passphrases are almost impossible to crack. Single, non-complex passwords are vulnerable to dictionary attacks, whereas passphrases or complex passwords must be attacked by brute force.

As for "big brother" being able to read your email, if the system uses DES to encrypt the communication and 2048-bit RSA or a secure BlowFish algorithm to encrypt the actual data, it would take even the NSA longer than the universe has existed to crack your message by brute force. There are other methods by which they can crack messages, but they depend upon other factors.

Go to distributed.net to read about encryption standards cracking. 64-bit RC5 was only relatively recently cracked by the project bovine parallel 10+ teraflops architecture and this took quite a while to do, 1775 days testing 125 billion keys per second. 128-bit RC5 features 2^64 more combinations.

Yes, there are faster supercomputers, even petaflops-class machines, but 2^128 is 19 orders of magnitude higher than 2^64.
 
why not pick something like jizzznatch. Who the hell is gonna crack that?
 
I have just created a new account with an easy to remember (for me) sentence as a password.... my previous password was too simple...

Now I strongly suggest that if you are buying stuff that is against the law and you have details held on the hush server that could incriminate you or your source - get a new email account now and choose a long passPHRASE as advised above... then advise people you are using the new account... you know it makes sense..

Takes seconds to open a new account here or at hush or cyber-rights....
 
jubei said:
why not pick something like jizzznatch. Who the hell is gonna crack that?

I chose the names of my pets all together as one word (smallest animal first)...
 
The real fear for me is the keystrokes programs.

Basically, if you open a patch, they can install a program that monitors your keystrokes

They have everything you typed on paper including your passphrases
 
Ashamed, m'man, you keep using that word "algorithms." It does not mean what you think it means.

An algorithm is just a recipe, a way to do something, and the algorithm for breaking PGP-level asymmetric keys starts with "Order 6 BILLION YEARS worth of pizza."

I'm not saying there's no way to beat Hushmail, but brute force (what you're calling "algorithms") ain't it. No one who knows squat about cracking codes would even START down that road.
 
Ashamed said:
you don't need the hassle of a keystroke recorder.. you need a program that generates algorithms and keeps firing all the different permutations into the password field....

Like one member mentioned. If you pick a decent size password phrase, then technically the private key is unbreakable because of the time it would take to break it using a brute force method.
 
digger said:
Ashamed, m'man, you keep using that word "algorithms." It does not mean what you think it means.

An algorithm is just a recipe, a way to do something, and the algorithm for breaking PGP-level asymmetric keys starts with "Order 6 BILLION YEARS worth of pizza."

I'm not saying there's no way to beat Hushmail, but brute force (what you're calling "algorithms") ain't it. No one who knows squat about cracking codes would even START down that road.

Listen dickface.. here it is in simple English. A password that can be found in a dictionary e.g. mighty, cat, house, etc is not a good choice as a password for elite, hush, or cyberright email account. This is because it can be cracked using software that fires known dictionary words into the password field.

You are better off choosing a passphrase like 6millionpizzas or myhandleisdiggerandiamatwat.
 
That's "MR. Dickface, Sir" to you.

No, "1234" isn't going to work too well as a passphrase. (Go change the combination on your suitcase. We'll wait.) Sounds like we're trying to agree with each other, if you ask me.
 
I would, in every case, recommend using a passphrase that is at least as long as the encryption key length. I would expect that the encrypted email systems would be locking your private key (which MUST be at least 1024 bits, 2048 is better and 512 is worthless) under 128-bit RC5 symmetric encryption. That means, make your phrase over 16 characters long.

Also, never use any service which gives you your message in a webpage. If it doesn't maintain your messages in memory only, don't use it. Webpages are recoverable from your hard disk even after they are deleted. The only way to securely prevent recovery from a hard disk once data is written is to physically destroy the disk. If you happened to be under deep cover for the CIA and the KGB was about to seize your computer and discover your illegal espionage activities, the only way to prevent them getting it off your hard drive would be to destroy the drive.

Keyboard monitoring is a problem, but so long as you don't let it in through a trojan horse, you shouldn't get hit with one. The authorities would need to break into your house and machine and install it. As an aside, it's possible to read the display contents of a monitor from a distance. The spooks put together a system where they analyze the RF emanations from your monitor and from that can "reverse engineer" what is on the screen. Your monitor is refreshing itself at a particular rate, and sending off radio waves as the magnets inside of it aim the electron guns across all the pixels on the screen. The signal it emits is different depending upon the combinations of pixels that are on your screen. So, by piecing these together, they can reconstruct what you are looking at from down the street.
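
Added example, not written by any poster in this thread: a small estimator for the password-versus-passphrase and "over 16 characters for 128 bits" points discussed above. It compares the character-by-character search space of a secret with the much smaller space when the secret is built from dictionary words, and converts bits to years at the 125 billion keys per second quoted for distributed.net. The 100,000-word list size, the sample words and the random-looking 16-character string are assumptions constructed for the example, and the rate is for raw key trials, used here only as a yardstick.

```python
import math

RATE = 125e9          # keys/second: the distributed.net RC5-64 figure quoted in the thread
DICT_SIZE = 100_000   # assumed size of a guessing word list (assumption, not from the thread)
SAMPLE_WORDS = {"house", "cat", "mighty", "million", "pizzas"}  # constructed sample
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def charset_size(secret):
    """Alphabet a character-by-character search must cover for this secret."""
    size = 0
    size += 26 if any(c.islower() for c in secret) else 0
    size += 26 if any(c.isupper() for c in secret) else 0
    size += 10 if any(c.isdigit() for c in secret) else 0
    size += 33 if any(not c.isalnum() for c in secret) else 0  # ASCII punctuation + space
    return size or 1  # empty secret: avoid log2(0)

def brute_force_bits(secret):
    """Bits of search space if every character is tried independently."""
    return len(secret) * math.log2(charset_size(secret))

def effective_bits(secret, words=SAMPLE_WORDS, dict_size=DICT_SIZE):
    """Cheapest way to build the secret from dictionary words and single characters."""
    char_cost = math.log2(charset_size(secret))
    word_cost = math.log2(dict_size)
    best = [0.0] + [math.inf] * len(secret)  # best[i] = fewest bits for secret[:i]
    for i in range(1, len(secret) + 1):
        best[i] = best[i - 1] + char_cost
        for j in range(i):
            if secret[j:i].lower() in words:
                best[i] = min(best[i], best[j] + word_cost)
    return best[len(secret)]

def years_to_exhaust(bits, rate=RATE):
    """Years to try every value in a 2**bits space at the given rate."""
    return 2 ** bits / rate / SECONDS_PER_YEAR

if __name__ == "__main__":
    for s in ["house", "6millionpizzas", "k9#Lq2!vX7@pR4$z"]:
        b = effective_bits(s)
        print(f"{s!r}: brute force {brute_force_bits(s):.1f} bits, "
              f"effective {b:.1f} bits, {years_to_exhaust(b):.3g} years")
    print(f"64-bit key: {years_to_exhaust(64):.2f} years, "
          f"128-bit key: {years_to_exhaust(128):.3g} years")
```

Sixteen characters drawn at random from all printable ASCII come to about 105 bits rather than 128, and a phrase made of a few common words is worth far less than its length suggests, so length alone is not the measure.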
 