Page 4 of 4 FirstFirst ... 234
Results 31 to 39 of 39

Thread: Confused about the logic of public key encryption

  1. #31
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,038
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: return of the bubble-popper

    Quote Originally Posted by Cu Rua View Post
    To the trained eye, how visible are back doors? Would a hacker be able to take apart whatever bits and pieces they receive to take a look?
    Also, google failed, I can't find any comments on back doors Ritchie put into C.
    I goofed; it was Ken Thompson who spoke on "Trusting Trust." And the back door he describes was theoretical, never actually in the compiler. Try this link for the text of his speech: http://cm.bell-labs.com/who/ken/trust.html Note that he gives sample code for doing this!

    By definition, a back door isn't visible at all. Sometimes they can be detected using such tools as Wireshark (formerly called Ethereal), which log all packets sent or received from a system. However normal net use involves thousands of such packets every hour or less, so finding those sent by a back door is like looking for a specific grain of sand at the beach -- assuming that the back door lets them be logged at all.
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  2. #32
    Join Date
    Oct 2011
    Beans
    52

    Re: Confused about the logic of public key encryption

    I see... So what we could really use is a program that learns to recognize a few bits of suspicious code out of some ungodly number of lines and points it out to people and demonstrates how it works, then use that to examine any program we wanted. Theoretically. It doesn't sound very difficult to do, it just would take a while, right?

  3. #33
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,038
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Confused about the logic of public key encryption

    We already have such programs -- they're called "anti-virus" packages with heuristic (learning) capabilities. Sometimes they actually work, too. However they tag innocent programs quite often, also. Within the past year there's been at least one incident in which a false positive for an AV program wiped out a critical system file, totally disabling the users' systems.
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  4. #34
    Join Date
    Oct 2011
    Beans
    52

    Re: Confused about the logic of public key encryption

    Wouldn't the best place for a back door be in critical software? Maybe the virus scan behaved exactly the way it was supposed to.

  5. #35
    Join Date
    Aug 2005
    Beans
    462

    Re: Confused about the logic of public key encryption

    i haven't read the whole thread and see you're talking about something else now.

    you could try listening to this podcast.
    http://www.grc.com/sn/sn-034.htm

    there are probably youtube videos too.
    Thanks to the forums staff for your dedication and hard work
    (the admins changed my sig to that lol )

  6. #36
    Join Date
    Oct 2011
    Beans
    52

    Re: Confused about the logic of public key encryption

    Okay, back on topic: Would a back door be able to log every key made? One would think it a very useful thing to have a database full of keys, both public and private.

  7. #37
    Join Date
    May 2008
    Location
    United Kingdom
    Beans
    4,253
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Confused about the logic of public key encryption

    Quote Originally Posted by Cu Rua View Post
    Would a back door be able to log every key made?
    The back-door would do whatever the programmer told it to do. A typical back-door would be to allow someone else to decrypt.

    Generally, open source (regardless of whether it is free or not) does not have back doors, because programmers would spot them and publicise the fact. Closed source we have to take on trust. Ubuntu and TrueCrypt are both open source.
    Problems with WINE?
    Full Circle Magazine :: Confused "allot"? :: Cheap Linux stickers
    In my day, we had outdoors in which to run, play, and socialise. Now we have computers to do those.

  8. #38
    Join Date
    Oct 2011
    Beans
    52

    Re: Confused about the logic of public key encryption

    Realistically, how many programmers go through program code line by line, looking for nasty bits?

  9. #39
    Join Date
    Oct 2009
    Location
    frisco-->native
    Beans
    324
    Distro
    Ubuntu

    Re: Confused about the logic of public key encryption

    I think it's hard for people and myself, to imagine that an equation can be generated with ease, that is very hard to factor....you pass out the cypher generating object, but that doesn't help you factor it....
    Last edited by wannabegeek; October 23rd, 2011 at 06:59 AM.
    Lenovo ThinkPad T400 Core 2 Duo 4GB Ram Mint 13 XFCE
    500 GB spinning iron and 64 GB Crucial SSD in DVD bay.

Page 4 of 4 FirstFirst ... 234

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •