mersenneforum.org  

Go Back   mersenneforum.org > Math Stuff > Tales From the Crypt(o)

Reply
 
Thread Tools
Old 2022-01-21, 08:33   #287
paulunderwood
 
paulunderwood's Avatar
 
Sep 2002
Database er0rr

22×997 Posts
Default

Should the $2 trillion company Apple be allowed to sell AirTags in the light that they can be used to stalk and ultimately rape women?
paulunderwood is offline   Reply With Quote
Old 2022-01-27, 23:27   #288
ewmayer
2ω=0
 
ewmayer's Avatar
 
Sep 2002
República de California

5×2,339 Posts
Default

Quote:
Originally Posted by kriesel View Post
Wired article on the 2011 RSA network penetration, now that the 10-year nondisclosure period has expired https://www.wired.com/story/the-full...nally-be-told/
Late to reading this post - so, long story short, the data security experts who set up RSA's key-distribution infrastructure don't understand the concept of "air gap" (bolds mine):
Quote:
RSA executives told me that the part of their network responsible for manufacturing the SecurID hardware tokens was protected by an “air gap”—a total disconnection of computers from any machine that touches the internet. But in fact, Leetham says, one server on RSA’s internet-connected network was linked, through a firewall that allowed no other connections, to the seed warehouse on the manufacturing side. Every 15 minutes, that server would pull off a certain number of seeds so that they could be encrypted, written to a CD, and given to SecurID customers. That link was necessary; it allowed RSA’s business side to help customers set up their own server that could then check users’ six-digit code when it was typed into a login prompt. Even after the CD was shipped to a client, those seeds remained on the seed warehouse server as a backup if the customer’s SecurID server or its setup CD were somehow corrupted.
I love the "through a firewall that allowed no other connections" woo-woo, which seems to be implying "OK, not air-gapped, but just allowed to connect to one outside server, and via a *firewall*, so still pretty gosh-darn secure." And said connection was set up to offload chunks of data every 15 minutes to be written to CD and mailed to SecureID customers, but was not even monitored to spot unusual network traffic.
ewmayer is offline   Reply With Quote
Old 2022-01-28, 00:20   #289
kriesel
 
kriesel's Avatar
 
"TF79LL86GIMPS96gpu17"
Mar 2017
US midwest

17FB16 Posts
Default

Also:
Code:
The building was swept for bugs. Multiple executives insisted that they  did find hidden listening devices—though some were so old that their  batteries were dead
RSA was redundantly compromised.
kriesel is offline   Reply With Quote
Reply

Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cause this don't belong in the milestone thread bcp19 Data 30 2012-09-08 15:09
GPU TF vs DC/LL data bcp19 GPU to 72 0 2011-12-02 16:41
Opinions/Suggestions for Data Collection thread kar_bon No Prime Left Behind 19 2008-11-27 09:27
Data available? Prime95 LMH > 100M 10 2007-06-22 23:55
Deutscher Thread (german thread) TauCeti NFSNET Discussion 0 2003-12-11 22:12

All times are UTC. The time now is 23:24.


Fri Jan 28 23:24:54 UTC 2022 up 189 days, 17:53, 1 user, load averages: 2.73, 2.11, 1.97

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.

This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.

≠ ± ∓ ÷ × · − √ ‰ ⊗ ⊕ ⊖ ⊘ ⊙ ≤ ≥ ≦ ≧ ≨ ≩ ≺ ≻ ≼ ≽ ⊏ ⊐ ⊑ ⊒ ² ³ °
∠ ∟ ° ≅ ~ ‖ ⟂ ⫛
≡ ≜ ≈ ∝ ∞ ≪ ≫ ⌊⌋ ⌈⌉ ∘ ∏ ∐ ∑ ∧ ∨ ∩ ∪ ⨀ ⊕ ⊗ 𝖕 𝖖 𝖗 ⊲ ⊳
∅ ∖ ∁ ↦ ↣ ∩ ∪ ⊆ ⊂ ⊄ ⊊ ⊇ ⊃ ⊅ ⊋ ⊖ ∈ ∉ ∋ ∌ ℕ ℤ ℚ ℝ ℂ ℵ ℶ ℷ ℸ 𝓟
¬ ∨ ∧ ⊕ → ← ⇒ ⇐ ⇔ ∀ ∃ ∄ ∴ ∵ ⊤ ⊥ ⊢ ⊨ ⫤ ⊣ … ⋯ ⋮ ⋰ ⋱
∫ ∬ ∭ ∮ ∯ ∰ ∇ ∆ δ ∂ ℱ ℒ ℓ
𝛢𝛼 𝛣𝛽 𝛤𝛾 𝛥𝛿 𝛦𝜀𝜖 𝛧𝜁 𝛨𝜂 𝛩𝜃𝜗 𝛪𝜄 𝛫𝜅 𝛬𝜆 𝛭𝜇 𝛮𝜈 𝛯𝜉 𝛰𝜊 𝛱𝜋 𝛲𝜌 𝛴𝜎 𝛵𝜏 𝛶𝜐 𝛷𝜙𝜑 𝛸𝜒 𝛹𝜓 𝛺𝜔