Conversation

Notices

1. Foone🏳️‍⚧️ (foone@digipres.club)'s status on Friday, 05-Jan-2024 10:23:17 JST Foone🏳️‍⚧️

   The 37C3 talk on TEA1 encryption (used by police and military units in europe) is hilarious.
   The hackers announced they found a vulnerability in the encryption, and one of the ways the organization that standardized the TEA1 encryption downplayed the breach was by saying that it wasn't viable, because it required "high powered GPUs".

   So they ported their algorithm to a Toshiba Satellite P1 running Windows 95, and re-cracked the encryption there.

   https://www.youtube.com/watch?v=8KhbJ4pqcOY

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Friday, 05-Jan-2024 10:24:33 JST Foone🏳️‍⚧️

     in reply to

     yeah it took 13 hours but still: this was hackable even when it was new, just /slowly/.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Friday, 05-Jan-2024 10:25:45 JST Foone🏳️‍⚧️

     in reply to

     but that's some hilarious pettiness. "oh, this isn't really a risk because it requires new hardware, and it was sensible when it was designed back in the 90s? Well, screw you, we'll hack your shit on a 90s laptop we bought off ebay!"

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Friday, 05-Jan-2024 10:27:12 JST Foone🏳️‍⚧️

     in reply to

     also that's a hilarious counter-argument. "it doesn't matter because it would require some high-end GPUs!"

     you don't think an organized crime outfit couldn't justify a couple RTX 4090s in exchange for being able to listen to all the police's communications?

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Friday, 05-Jan-2024 10:38:00 JST Foone🏳️‍⚧️

     in reply to

     • Madopal

     @madopal absolutely!
     You can just cloud-source as many GPUs you want and hack this shit relatively cheap, and that comes up later in the talk.

   • Madopal (madopal@mstdn.social)'s status on Friday, 05-Jan-2024 10:38:01 JST Madopal

     in reply to

     @foone I've always wondered about this...do they even need to? Can't they just provision some GPUs for a few hours from a cloud provider of choice?

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Friday, 05-Jan-2024 10:53:24 JST Foone🏳️‍⚧️

     in reply to

     • stilescrisis
     • Madopal

     @stilescrisis @madopal someday I'm gonna raise the money to get enough AWS GPUs to crack a 3DES key.

     I really, really want to watch a DIVX movie again.

   • stilescrisis (stilescrisis@mastodon.gamedev.place)'s status on Friday, 05-Jan-2024 10:53:25 JST stilescrisis

     in reply to

     • Madopal

     @madopal @foone Yup, this works! I know someone who used GPUs on AWS to crack a private key.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Friday, 05-Jan-2024 19:07:35 JST Foone🏳️‍⚧️

     in reply to

     • Haelwenn /элвэн/ :triskell:

     @lanodan sounds like something from a Charles Stross Halting State novel: the police figure out they're being spied on because they discover the AWS VM's get spun up at the same time as they use their radios.

   • Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 05-Jan-2024 19:07:39 JST Haelwenn /элвэн/ :triskell:

     in reply to
     @foone Specially when you can *rent* those powerful machines.
   • argv minus one (argv_minus_one@mstdn.party)'s status on Saturday, 06-Jan-2024 05:38:14 JST argv minus one

     in reply to

     @foone

     Which, amazingly enough, apparently still works, rotating disk drive and all.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Saturday, 06-Jan-2024 05:38:14 JST Foone🏳️‍⚧️

     in reply to

     • argv minus one

     @argv_minus_one nah, that's just how Toshiba Satellites are. I've got several, and other than the batteries, they'll just happily keep working for 25 years. They're some hardy machines.