[linux-elitists] [paper] RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

Timothy Tuck tek at pervasivenetwerks.com
Thu Dec 19 23:44:38 PST 2013


On 19.12.2013 14:58, Bill Bogstad wrote:
--- snip ---
>> fantastic! :/
>>
>> So ya this basically just rendered all encryption virtually useless!
>
> Not even close.   Even if one believes everything being said about 
> the
> result, all it means is that
> one shouldn't let anyone be within acoustic range of their computer
> when it is decrypting the message.
> That isn't much harder to accomplish than not letting anyone read my
> email over my shoulder.

Wow, is that some special kind of crack that your on?
Not much harder to accomplish than not letting anyone read over your 
shoulder eh?


And mind you this is with less than a 1 minute thought on what you said 
but a complete read on the paper he is quoting,
Plus they do appear to be speaking about DURING the decryption phase 
and only during that time. Plus must last 1 hours but even so.

Statistically 25 percent or by their placement around said laptop could 
view a screen required to read the screen but 100% can point a mic at 
it. Tablet even changes that perhaps.

Then jump to the next possibility.

Laptops by their nature are mobile devices so If I have a known NSA 
employee who boards the train every day who sits in the very last car 
with his back facing the tail end of the train. Then from his laptop 
VPN's into the office to get a jump start on his day, In your world he 
has zero to worry about other than what happens to the train.

Cause the first thing I thought about even before I finished reading 
this was "Israeli Intelligence Agencies" which upon finishing the whole 
article bore the fruit I had expected, as they talk about who wrote it, 
sponsored it and essentially kept it alive, putting programmers to task 
to make it so.

I will grant you that the threat to you or me is less than 1%. However 
what I am not willing to discount is the fact that this WILL be used 
against everyone they can, even if that requires them to create those 
situations in which it could be utilized.

Its not about what color you are or the country your from. Frankly I 
couldn't give a shit about those things.
What it is about is the state assuming somehow its interest of knowing 
what anyone or more importantly EVERYONE is doing, somehow let alone in 
any way superceeds our desire for privacy. Thats before we even assume 
that we expect we might ever have privacy.

Things are quickly escalating from the "no fucking way, they could read 
that" over into the "shit, can they hear me think" area.

In reality I know they can, but I question with what amount of 
fidelity, at least today if I had to bet, I would bet I'm wrong and they 
have much great fidelity than I dreamed of.
We humans are biochemical machines and as this paper points out they 
can read any leakage and deduce whats going on inside of those machines.

We stand on the precipous of a time when we will see actual thought 
crimes will likely be determined to be a prosecutable event, which alone 
should make everyone question at a bare minimum these 2 things. The 
first being why any state should have this much power or control.
And the 2nd one should be, are we really OK with it. Really?
Do we just say nothing and let it happen or do we at some point make a 
stand and say NO!

This is a window in time that once closed we will never see open again.
Thats before we even examine how, let alone why, they can use the tax 
dollars they take from us to find ways to later come after us. We really 
need to rethink this. All parts of this actually like the  whole thing 
called Government and even Country before they rethink us which I fear 
they have already done. Because if they have, sheep have more value in 
their view than us lone wolves in theirs and if Im right, any of us if 
not all of us may one day find ourself on more than just some nofly 
list.

>
> Bill Bogstad
> _______________________________________________
> Do not Cc: anyone else on mail sent to this list.  The list server is
> set for maximum one recipient.
> linux-elitists mailing list
> linux-elitists at zgp.org
> http://zgp.org/cgi-bin/mailman/listinfo/linux-elitists



More information about the linux-elitists mailing list