funsec mailing list archives
Re: Facebook Image Privacy
From: Blue Boar <BlueBoar () thievco com>
Date: Mon, 18 Jan 2010 14:58:32 -0800
Dan Kaminsky wrote:
I am saying operating systems are not like passwords. I don't think this exactly controversial.
Who was talking about operating systems? That smells like at attempt to redefine the argument. We were talking about secret URLs, keys passwords and the like. I think that makes a much better playing fields for the moment.
I can quantify this with the rate of change of complexity of a system. If you add one kilobyte of complexity to Windows (consuming literally 8192 bits extra space on the DVD), you have not done much to the difficulty of breaking Windows. If you add one kilobyte of complexity to an RSA key (literally, adding another 4096 bits to p and q respectively), you most assuredly have done much to to the difficulty of breaking this particular RSA key.
So is it the relative change then? How about change over time?
I will grant that we could use better words than "obscure" and "secret" to represent the difference. But I consider "obscure" fundamentally different than "utterly unknown". An obscure band is not a secret band. An obscure illness is not a secret illness.
Mixing it real-world analogies has never been terribly helpful when dealing with purely digital security. Let me attempt some examples: -Is XOR'd with a 4096-bit key obscure or secure? -Is RSA-encrypted with a 40696-bit key obscure or secure? -Is a crypt(3) password obscure or secure? Has that changes over time? -Is a URL with a random 4096-bit component obscure or secure? BB _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Facebook Image Privacy, (continued)
- Re: Facebook Image Privacy Imri Goldberg (Jan 17)
- Re: Facebook Image Privacy Dan Kaminsky (Jan 17)
- Re: Facebook Image Privacy Larry Seltzer (Jan 17)
- Re: Facebook Image Privacy Dan Kaminsky (Jan 17)
- Re: Facebook Image Privacy Vaughn, Randal L. (Jan 17)
- Re: Facebook Image Privacy Alex Eckelberry (Jan 17)
- Re: Facebook Image Privacy Blue Boar (Jan 18)
- Re: Facebook Image Privacy Dan Kaminsky (Jan 18)
- Re: Facebook Image Privacy Blue Boar (Jan 18)
- Re: Facebook Image Privacy Dan Kaminsky (Jan 18)
- Re: Facebook Image Privacy Blue Boar (Jan 18)
- Re: Facebook Image Privacy Dan Kaminsky (Jan 18)
- Re: Facebook Image Privacy Blue Boar (Jan 18)
- Re: Facebook Image Privacy Dan Kaminsky (Jan 18)
- Re: Facebook Image Privacy Blue Boar (Jan 18)
- Re: Facebook Image Privacy Larry Seltzer (Jan 18)
- Re: Facebook Image Privacy Valdis . Kletnieks (Jan 19)
- Re: Facebook Image Privacy Dan Kaminsky (Jan 19)
- Re: Facebook Image Privacy der Mouse (Jan 18)
- Re: Facebook Image Privacy Imri Goldberg (Jan 17)