m********3
发帖数: 3280 | 1 http://www.washingtonpost.com/blogs/wonkblog/wp/2013/06/10/five
By Timothy B. Lee, Updated: June 10, 2013
If recent reports are to be believed, the National Security Agency has broad
powers to capture private information about Americans. They know who we’re
calling, they have access to our Gmail messages and AOL Instant Messenger
chats, and it’s a safe bet that they have other interception capabilities
that haven’t been publicly disclosed. Indeed, most mainstream
communications technologies are ... 阅读全帖 |
|
b********n
发帖数: 38600 | 2 http://www.forbes.com/sites/jameslyne/2014/05/29/open-source-cr
Encryption is a silent, unsung hero of our modern connected society . From
protecting your sensitive details when you log on to Internet banking to
protecting data on your laptop or mobile phone if it is lost or stolen, ‘
crypto’ (the oft used shortened version of encryption) is a supporting
pillar of the global economy and most of the digital world we all touch day
to day. Establishing trust in crypto (and thus in technology as a w... 阅读全帖 |
|
m*t
发帖数: 7490 | 3 转:
谷歌打不开 google打不开,与中国大陆封杀有关,但是主要是因为最近google服务器
在全球范围内重新进行了布局调整。
解决办法是只要修改用户本地计算机hosts文件就可以了。
一、Windows系统修改hosts文件的方法
windows系统hosts文件在本地电脑C盘,路径是:C:WindowsSystem32driversetc
用记事本txt文件打开hosts文件。
(如果提示没有管理权限的话,可把hosts文件复制,粘贴到电脑的桌面。在电脑桌面
上双击hosts文件,用记事本打开,添加代码修改,保存,再把桌面上这个hosts文件复
制,粘贴到C:WindowsSystem32Driversetc 文件夹里,电脑提示“是否替换”,点击“
是”,替换原来的hosts文件。)
(如果没找到hosts文件,可在本帖末尾下载一个新hosts,复制到C:
WindowsSystem32Driversetc 文件夹里。)
在hosts文件中把鼠标光标移到最下面那行代码末尾,回车换行,再添加进如下代码(
代码前面不加 # ):
203.208.46.176 0-focus-open... 阅读全帖 |
|
w*********g
发帖数: 30882 | 4 预防网络珍珠港事件。
===========================================
战争临近?中国加紧对关键技术的控制
来源: 笨狼 于 2015-03-02 22:03:22 [档案] [博客] [旧帖] [给我悄悄话] 本文已被
阅读:377 次 (28513 bytes)
字体:调大/重置/调小 | 加入书签 | 打印 | 所有跟帖 | 加跟贴 | 当前最热讨论主题
近日流传美国对中国加紧对关键技术的控制反应强烈,这是一份总结:
2015.02.28观察者
奥巴马内阁要求中国取消银行业信息安全新规
我把纽约时报的原文附录在下。这报道是针对中国就银行技术设备的要求而言的,其中
引用的参考消息的报道在此:
2015.02.28参考消息
外媒:美施压中国银行业技术新规 却严审中国投资
英媒:欧美企业上书政府 吁阻止中国网络安全新规
港媒:中国投资者并购美国企业 受审查最多
外媒关注中国启动网络安全审查 美国早有先例
中国人占美投资移民申请近九成 投资超百亿美元
参考消息相关资料较齐全,一并附上,但不确定华尔街日报原文出处。
然而这只是中国政府的第一步。目前中国... 阅读全帖 |
|
g********2
发帖数: 6571 | 5 September 4, 2016
Analysis of FBI Reports: China more likely to have Hillary’s emails, not
Russia
By Richard Henry Lee
From an analysis of the FBI document dump (Part 1, Part 2) concerning
Hillary’s email use and her foreign travel schedule, it is apparent that
the Chinese are more likely to have gained access to Hillary’s emails than
Russia. Other countries would have had opportunities as well.
Hillary’s email server was most vulnerable from mid to late January to late
March 2009, when the emai... 阅读全帖 |
|
a**********t
发帖数: 631 | 6 Let me try it one more time.
Both schemes have their pros and cons.
In the real word Signing is usually implemented with asymmetric key and
encryption (of large data) usually uses symmetric key.
The reason is that signing is usually performed on the hash of the message
only thus it can afford the low efficiency of asymmetric algorithm, while
encryption is performed on the entire message and symmetric algorithm is
much faster.
Signing after encryption
pro: the receiver of the message doesn't ha... 阅读全帖 |
|
w********2
发帖数: 632 | 7 Alert (TA13-207A)
Risks of Using the Intelligent Platform Management Interface (IPMI)
Original release date: July 26, 2013 | Last revised: October 07, 2016
Print Document
Tweet
Like Me
Share
Systems Affected
Any system connected to the internet running the Intelligent Platform
Management Interface (IPMI) may be affected. IPMI is resident on many server
platforms, and provides low-level access to a system that can override
operating system controls.
Overview
Attackers can easily identify and acce... 阅读全帖 |
|
c******a
发帖数: 4400 | 8 早球的很,而且可以防范性更新
https://futurism.com/bitcoins-security-quantum-computers/
The researchers found that the application-specific integrated circuits (
ASICs) currently used by most cryptocurrency miners should be able to
maintain a speed advantage over quantum computers for the next 10 years, so
miners likely won’t be able to use quantum systems for nefarious purposes
in this manner for at least a decade.
While conventional computers don’t possess the necessary computational
power to derive a privat... 阅读全帖 |
|
M****e
发帖数: 3715 | 9 http://www.apple.com/pr/library/2011/04/27location_qa.html
Apple would like to respond to the questions we have recently received
about the gathering and use of location information by our devices.
1. Why is Apple tracking the location of my iPhone?
Apple is not tracking the location of your iPhone. Apple has never done
so and has no plans to ever do so.
2. Then why is everyone so concerned about this?
Providing mobile users with fast and accurate location information while
preserving their secu... 阅读全帖 |
|
r*****l
发帖数: 2859 | 10 My JavaOne topic is about security :)
DBAs have to know the password to perform DB operations. This is no easy way
to go around DB passwords. If you really need security, you can split the
password to two or more parts and give each part to one or more person. No
one knows the complete password.
The general rule is: never store the encryption key/password with the
application and DB. The key should be stored in an isolated environment. You
only need to expose it when you start the application an... 阅读全帖 |
|
r*****l
发帖数: 2859 | 11 My JavaOne topic is about security :)
DBAs have to know the password to perform DB operations. This is no easy way
to go around DB passwords. If you really need security, you can split the
password to two or more parts and give each part to one or more person. No
one knows the complete password.
The general rule is: never store the encryption key/password with the
application and DB. The key should be stored in an isolated environment. You
only need to expose it when you start the application an... 阅读全帖 |
|
|
l*******g
发帖数: 28502 | 13 ☆─────────────────────────────────────☆
lxinzh (头发5毫米) 于 (Sat Mar 10 23:14:21 2012, 美东) 提到:
这个好看不,据说每100楼奔一次,前2次没赶上。
☆─────────────────────────────────────☆
EIIiottJr (Froglet) 于 (Sat Mar 10 23:15:02 2012, 美东) 提到:
性格开朗大条
讲义气外人总比家人重要
不照顾LD面子
生长于北方寒冷之地,如东北内蒙
恋爱中主动,喜欢小白脸
☆─────────────────────────────────────☆
EIIiottJr (Froglet) 于 (Sat Mar 10 23:16:13 2012, 美东) 提到:
强势,男士小一两岁融洽
☆─────────────────────────────────────☆
lxinzh (头发5毫米) 于 (Sat Mar 10 23:16:49 2012, 美东) 提到:
你相面的结果?
☆... 阅读全帖 |
|
A****r
发帖数: 41 | 14 The debate over iPhone encryption started in September 2014, when Apple
released iOS 8. That was the first operating system to encrypt iPhones by
default, giving customers the only means of decrypting their phones. That
means the only way for police to retrieve a suspect's photos, messages,
email, contacts, call history, iTunes content, notes and reminders is with a
passcode.
The FBI has been up in arms about Apple's encryption tactics, arguing that
it will impede its investigations. It has been... 阅读全帖 |
|
p*******m
发帖数: 20761 | 15 Access control bypass in Hikvision IP Cameras
From: Monte Crypto
Date: Tue, 12 Sep 2017 04:19:00 +0200 (CEST)
Access control bypass in Hikvision IP Cameras
Full disclosure
Sep 12, 2017
Synopsis:
---------------
Many Hikvision IP cameras contain a backdoor that allows unauthenticated
impersonation of any configured user account.
The vulnerability has been present in Hikvision products since at least 2014
. In addition to Hikvision-branded devices,
it affects many whi... 阅读全帖 |
|
a******n
发帖数: 206 | 16 先声明:我没有站边, either pump or dump btc. 只是读到了自己觉得不错的文章,
分享过来,想听听大牛怎么说。
链接在此:https://blog.chain.com/a-letter-to-jamie-dimon-de89d417cb80?from=
singlemessage&isappinstalled=0
原文很长。总结如下。
Cryptocurrencies (which I prefer to call crypto assets) are a new asset
class that enable decentralized applications
Decentralized applications enable services we already have today, like
payments, storage, or computing, but without a central operator of those
services
This software model is useful to people who need c... 阅读全帖 |
|
|
O**n
发帖数: 649 | 18 Sensitive Military Encryption Technology to China – On Sept. 13, 2010, Chi
Tong Kuok, a
resident of Macau, China, was sentenced in the Southern District of
California to serve 96 months
in prison for his efforts to obtain sensitive defense technology used in
encrypted U.S. military or
government communications and to cause them to be illegally exported to
Macau and Hong
Kong. On May 11, 2010, Kuok was convicted at trial of conspiracy to export
defense articles
without a license and to smuggle go... 阅读全帖 |
|
w********1
发帖数: 3492 | 19 Thu, 05 Jul 2012 06:31:17 PDT
Instapaper developer Marco Arment notes that Apple's App Store is apparently
pushing out corrupted app binaries of a number of different applications to
users. The issue, which renders the apps unusable, has apparently been
triggered on app updates approved over the past few days.
Characterizations of this issue:
- The app crashes immediately on launch, every time, even after a delete and
reinstall as long as the corrupt file is being served by the App Store.
- It ... 阅读全帖 |
|
发帖数: 1 | 20 对于一个严肃的密码系统是不会采用对称加密算法的,sys.symmetric_keys里没东西正
常。这也是为什么你不能去银行问到自己的旧密码,而只能重置新密码的原因。
加密的方法组合起来不下千万种,无头绪就解密基本不可能,而且正常也不会有这需求
吧。
以我做过的项目而言,都是HSM, 硬件级别的加密。你可以试试查下以下返回,碰碰运
气。
SELECT [provider_id], [guid], [provider_version], [sqlcrypt_version], [
friendly_name], [authentication_type], [symmetric_key_support], [symmetric_
key_persistance], [symmetric_key_export], [symmetric_key_import], [
asymmetric_key_support], [asymmetric_key_persistance], [asymmetric_key_
export], [asymmetric_key_import]
FROM [mas... 阅读全帖 |
|
y********o
发帖数: 2565 | 21 I have never encrypted the connection string. Would you please give more de
tails?
1. Do we encrypt the connection string with an encryption algorithm of our
choice?
2. And then put the encrypted connection string, presumably something like
"AE0139FADDE2AD009EADFEEAA23EAE61F329882E3F", in web.config?
3. Suppose it is the case that 2 is true, then don't we have to decrypt it
in the code behind like below?
SqlConnection conn =
new SqlConnection(DecryptMyConnectionString(myEncryptedConnection |
|
|
j**z
发帖数: 109 | 23 SHA is hashing, and lots of people like to call it one-way encryption.
However, calling it "encryption" actually causes a lot of misunderstanding,
and personally I always hate to call it encryption, because when you think "
encryption", you will naturally think about "decryption". SHA is design to
do one-way hashing, basically you can't "decrypt" a SHA value, otherwise, it
is a algorithm or implementation flaw.
goodbug's suggestion is a good one to make your application look with better
security... 阅读全帖 |
|
m********3
发帖数: 3280 | 24 http://blog.seattlepi.com/techchron/2013/06/07/technically-spea
In the wake of revelations around the extent of the NSA surveillance
programs it’s worth asking how such a program would operate, from a
technical standpoint. The feds have been collecting cell phone, Internet and
credit card data and to detect — and ostensibly stop — crimes.
Recently leaked document and previous court cases indicate much of that data
comes from Internet companies and telecom providers we use every day like
Google, ... 阅读全帖 |
|
t***h
发帖数: 5601 | 25 12.43pm ET
Final question from Glenn Greenwald:
Anything else you'd like to add?
Answer:
Thanks to everyone for their support, and remember that just because you
are not the target of a surveillance program does not make it okay. The US
Person / foreigner distinction is not a reasonable substitute for
individualized suspicion, and is only applied to improve support for the
program. This is the precise reason that NSA provides Congress with a
special immunity to its surveillance.
12.41pm ET
Q... 阅读全帖 |
|
t*******y
发帖数: 21396 | 26 Researchers from the University of California at San Diego delivered a paper
at the FAST-11 Conference in San Jose, Calif., last week that shows it's
almost impossible to reliably erase data from a solid state drive.
The tome, "Reliably Erasing Data from Flash-Based Solid State Drives" (PDF),
goes through all of the known techniques for erasing data and comes up
short in every case. The study's method is straightforward: They put
repeating data on an SSD or USB drive, tried using various erasing... 阅读全帖 |
|
m********5
发帖数: 17667 | 27 审计估计过不了,于是干脆停了
大家安了吧,在NSA面前没有秘密
http://it.slashdot.org/story/14/05/28/2126249/truecrypt-website
Several readers sent word that the website for TrueCrypt, the popular disk
encryption system, says that development has ended, and Windows users should
switch to BitLocker. A notice on the site reads, "WARNING: Using TrueCrypt
is not secure as it may contain unfixed security issues. ... You should
migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk
images supported on your platf... 阅读全帖 |
|
r***y
发帖数: 248 | 28 【 以下文字转载自 Security 讨论区 】
发信人: reedy (怒放的神明), 信区: Security
标 题: 如何格式化一个安装了mcafee endpoint 加密的电脑
发信站: BBS 未名空间站 (Sun Oct 18 23:32:33 2015, 美东)
我从auction买了一个工作站,看机型指标不错,拿回来一看,安装了mcafee endpoint
encryption软件,里面的用户名和密码我一无所知,我打算重装系统把硬盘重新格式
化就可以让这个工作站为我所用。结果发现WINDOW安装盘根本无法启动,还是原来的XP
系统,我估计就是mcafee endpoint encryption软件加密了整个硬盘不让我重装系统,
这样可以起到保护数据也不丢失数据的目的,这样一来,问题的重点就是如何格式化一
个安装了mcafee endpoint encryption的电脑,只有彻底格式化硬盘,我才可以重装系
统,我试着用dban这样的软件,ISO光盘塞进去启动也不管用,请教大人有什么高见?
谢谢! |
|
a***m
发帖数: 5037 | 29 Shadowsocks is a user-written package developed by a female Chinese
programmer in her spare time with the purpose of helping Chinese, especially
those who are educated, to overcome the barrier that is induced by GFW for
achieving full access to Internet Freedom
Unlike conventional ways of crossing, e.g. proxy or VPN, this way of
crossing comes with no or very limited unique characteristic in the way of
transmission as well as ports that are used for communications. This is
because both encryptio... 阅读全帖 |
|
g****y
发帖数: 2810 | 30 用的人多了就可以封了
[在 arcam (arcam) 的大作中提到:]
:Shadowsocks is a user-written package developed by a female Chinese
:programmer in her spare time with the purpose of helping Chinese,
especially those who are educated, to overcome the barrier that is induced
by GFW for achieving full access to Internet Freedom
:Unlike conventional ways of crossing, e.g. proxy or VPN, this way of
:crossing comes with no or very limited unique characteristic in the way of
:transmission as well as ports that are used for com... 阅读全帖 |
|
p*******m
发帖数: 20761 | 31
What You Should Know About the ‘KRACK’ WiFi Security Weakness
Researchers this week published information about a newfound, serious
weakness in WPA2 — the security standard that protects all modern Wi-Fi
networks. What follows is a short rundown on what exactly is at stake here,
who’s most at-risk from this vulnerability, and what organizations and
individuals can do about it.
wifi
Short for Wi-Fi Protected Access II, WPA2 is the security protocol used by
most wireless networks today. Researche... 阅读全帖 |
|
g**1
发帖数: 10330 | 32 Authorities said that Zheng allegedly circumvented that restriction by
encrypting GE data files on his computer and then hiding those files in the
data code of a digital photograph that he sent to his private Hotmail
account.
The company finally took steps to begin monitoring Zheng's activities last
year, after they discovered another 400 digital files on his company-issued
laptop that had been encrypted with a software program not used by GE.
"GE installed monitoring software on Zheng's compute... 阅读全帖 |
|
|
|
|
|
l****z
发帖数: 29846 | 37 One of the most popular password security companies just admitted it was
hacked
Cale Guthrie Weissman
Jun. 15, 2015, 3:27 PM
LastPass, a popular password manager program, just admitted it's been hacked.
In a blog post published today, LastPass’s Joe Siegrist writes, "The
investigation has shown ... that LastPass account email addresses, password
reminders, server per user salts, and authentication hashes were compromised
."
LastPass works by having users choose one strong master pass... 阅读全帖 |
|
l****z
发帖数: 29846 | 38 Trump is at it again… kicking butt and taking names. The Donald is knocking
yet another giant to their knees with his unfiltered soapbox…
GOP presidential front-runner Donald Trump is insisting that Apple
unlock the iPhone of one of the shooters in the San Bernardino, Calif.,
terrorist attack.
“To think that Apple won’t allow us to get into her cellphone,” Trump
said on “Fox and Friends” Wednesday morning. “Who do they think they are
? No, we have to open it up.”
The FBI has been una... 阅读全帖 |
|
p*******m
发帖数: 20761 | 39 Jealous of PRISM? Use "Amazon 1 Button" Chrome extension to sniff all HTTPS
websites!
tldr: Insecure browser addons may leak all your encrypted SSL traffic,
exploits included
So, Snowden let the cat out of the bag. They're listening - the news are so
big, that feds are no longer welcome at DEFCON. But let's all be honest -
who doesn't like to snoop into other person's secrets? We all know how to
set up rogue AP and use ettercap. Setting up your own wall of sheep is
trivial. I think we can safely... 阅读全帖 |
|
p****u
发帖数: 2422 | 40 Dear eBay Member,
To help ensure customers' trust and security on eBay, I am asking all eBay
users to change their passwords.
Here's why: Recently, our company discovered a cyberattack on our corporate
information network. This attack compromised a database containing eBay user
passwords.
What's important for you to know: We have no evidence that your financial
information was accessed or compromised. And your password was encrypted.
What I ask of you:
Go to eBay and change your password. Changi... 阅读全帖 |
|
y*****0
发帖数: 402 | 41 帮朋友发个简历这里, 欢迎指正,拍砖, 甚至推荐,
Personal Information:
Last Name: First Name:
Gender: Date of Birth:
Place of Birth: Nationality:
E-mail: Telephone:
Mailing Address:
Research Interests:
Network Security, Network Performance, Wireless Networks.
Educational Background:
M.S. in Software Engineering
December 2006
Huazhong University of Science & Technology (China) (Overall GPA
B.S. in Electronic Science and Technology... 阅读全帖 |
|
r*****e
发帖数: 30 | 42 Not quite understand what is going on here.. please help --
你說
con: if there are 2 legitimate users on the same network and user B can
intercept user A's encrypted message and replace user A's signature with
user B's then send it out to impersonate user A.
但如果
Let say the 2 legitimate users in communication are A and C. A is sending
MAC(encrypted package) and the encrypted package to C. B received it and
took off A's signature. Replacing by B's own signature.
How can B impersonate user A ? B o... 阅读全帖 |
|
C*******n
发帖数: 193 | 43 Let's say you have a binary string such as the following:
011100011
One way to encrypt this string is to add to each digit the sum of its
adjacent digits. For example, the above string would become:
123210122
In particular, if P is the original string, and Q is the encrypted string,
then Q[i] = P[i-1] + P[i] + P[i+1] for all digit positions i. Characters off
the left and right edges of the string are treated as zeroes.
An encrypted string given to you in this format can be decoded as follows (
u... 阅读全帖 |
|
k*********5
发帖数: 1417 | 44 新手上周刚申请了BLUEBIRD
收到卡在网上激活之后就尝试把在staples买的MASTERCARD load到账户里去
不过在网上加了卡之后转了两次都不成功
显示bluebird的卡没有激活
还没来得急打电话激活就收到了两封warning的邮件
请问这该怎么处理?
打电话告诉他看到买的卡上有debit的标志就觉得可以冲了么
还是??
第二封要是不把ID给他们会怎么样?
第一封:
During a recent review of your account we noticed you have linked a prepaid
card that is not a permitted funding source. The acceptable card funding
sources is a bank debit card.
Please contact us immediately at 1-800-660-2454 so we can discuss further
details on this matter.
第二封:
During a recent review, ... 阅读全帖 |
|
l****z
发帖数: 29846 | 45 【 以下文字转载自 USANews 讨论区 】
发信人: lczlcz (lcz), 信区: USANews
标 题: lastpass被黑了,用的人赶紧去改密码吧
发信站: BBS 未名空间站 (Mon Jun 15 19:09:40 2015, 美东)
One of the most popular password security companies just admitted it was
hacked
Cale Guthrie Weissman
Jun. 15, 2015, 3:27 PM
LastPass, a popular password manager program, just admitted it's been hacked.
In a blog post published today, LastPass’s Joe Siegrist writes, "The
investigation has shown ... that LastPass account email addresses, password
reminders,... 阅读全帖 |
|
H*******d
发帖数: 2394 | 46 另外你看看最近的消息,好不容易有个不受政府控制加密的软件,你的主子马上不高兴
了,强制让别人的公司办不下去了。要不你评价评价你主子吧
http://www.mitbbs.com/article_t/WashingtonDC/31975071.html
My company, Lavabit, provided email services to 410,000 people, and thrived
by offering features specifically designed to protect the privacy and
security of its customers. I had no choice but to consent to the
installation of their device, which would have provided the government with
access to all of the messages, for all of my customers, as they travelled to
and from o... 阅读全帖 |
|
|
t******g
发帖数: 17520 | 48 gold loot chest 地点是固定的
解释一下
Engram
From Destinypedia, the Destiny wiki
Example of an Engram. In this case, the golden color indicates it is Exotic.
Engrams are crystals;[1] that are encoded with the patterns of armor,
weaponry and other as-yet-undisclosed items. There are two known types of
Engrams: Encoded and Encrypted.[2]
Encoded Engrams are sold by the Cryptarch, and are coded with the patterns
of known items, such as a particular section of armor or class of weaponry.
Once purchased by the ... 阅读全帖 |
|
