ahh... I didn't realize you meant it as a joke.

Have you looked at the way that ZRTP (VoIP protocol by Phil Zimmermann) handles Man in the Middle attacks? Seems like it would be effective.

Of course, most of this is new to me. I'm working my way into the field. Getting down basic knowledge and skills while trying to get familiar with the security community.

Thanks for your response!

In reply to this comment by NordlichReiter:
All software is victim of Obfuscation in network security, and in cryptography it is better to obfuscate the passphrase. AES Encryption works, thats been proven its a government standard. However no encryption is safe from Man in the Middle. No software that you distribute is safe from reverse engineering.

Security through obscurity is a joke, ( i meant it as a joke). Once the application has made it to the testing phase it can be broken. As for as the Encryption you have to have the pass phrase to decrypt it. A 20 character pass phrase may take a while to brute force. Even though you know how the program works you still have to know the pass phrase, considering the hash is in someone else's memory.

In reply to this comment by curiousity:
I don't know C# yet. It's in the plan though.

I'm not a big fan of "security through obsurity." I'm not saying that your system is insecure just that I'm not a fan of the obsurity method for security in matters like this.

Kerckhoff's Principle

Bruce Schneier, author of Applied Cryptography, "if the strength of your new cryptosystem relies on the fact that the attacker does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think that someone won't disassemble your code and reverse-engineer your algorithm, you're naive."


In reply to this comment by NordlichReiter:
http://www.videosift.com/video/Philip-Zimmermann-on-PGP-Pretty-Good-Privacy#addcomment

hey do you know any thing about c# ?

I wrote an windows form that does basically the same thing as PGP, but its not as user friendly.(security through obscurity) I use an SMTP Server, AES encryption, creatable passphrase. This was a private project, that I havent uploaded to the creative commons area yet, I'm lazy.

Its really very easy, I used a couple of methods from C# friends to mash it together. Only problem is, some email banks.. (AOL ) do not like encrypted emails.

All software is victim of Obfuscation in network security, and in cryptography it is better to obfuscate the passphrase. AES Encryption works, thats been proven its a government standard. However no encryption is safe from Man in the Middle. No software that you distribute is safe from reverse engineering.

Security through obscurity is a joke, ( i meant it as a joke). Once the application has made it to the testing phase it can be broken. As for as the Encryption you have to have the pass phrase to decrypt it. A 20 character pass phrase may take a while to brute force. Even though you know how the program works you still have to know the pass phrase, considering the hash is in someone else's memory.

In reply to this comment by curiousity:
I don't know C# yet. It's in the plan though.

I'm not a big fan of "security through obsurity." I'm not saying that your system is insecure just that I'm not a fan of the obsurity method for security in matters like this.

Kerckhoff's Principle

Bruce Schneier, author of Applied Cryptography, "if the strength of your new cryptosystem relies on the fact that the attacker does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think that someone won't disassemble your code and reverse-engineer your algorithm, you're naive."


In reply to this comment by NordlichReiter:
http://www.videosift.com/video/Philip-Zimmermann-on-PGP-Pretty-Good-Privacy#addcomment

hey do you know any thing about c# ?

I wrote an windows form that does basically the same thing as PGP, but its not as user friendly.(security through obscurity) I use an SMTP Server, AES encryption, creatable passphrase. This was a private project, that I havent uploaded to the creative commons area yet, I'm lazy.

Its really very easy, I used a couple of methods from C# friends to mash it together. Only problem is, some email banks.. (AOL ) do not like encrypted emails.

I don't understand the left-wing argument that Bush has "alienated" the rest of the world by invading Iraq. This claim seems to have no basis in fact.

Liberals generally agree (amongst themselves) that Bill Clinton was "loved" around the world. However, when Clinton pulled the troops out of Somalia, Bin Laden did not observe, "These Americans do not want to upset us, so they are leaving!" he said, "The US is a paper tiger" (Or as they say in Tex-ass, "All hat no cattle.")

Both the old soviets and the islamofascists respect only brute force. Any attempt at empathy or compromise is derided as weakness. It has nothing to do with what the USA did or didn't do, it's part of their culture to despise what they see as weakness.

Bill Clinton not only failed to provide for national defense, he was viewed as weak and naive by failing to answer any of the minor-by-comparison terrorist attacks against the USA during his slovenly reign leading up to 9-11-2001, which was planned in 1995.

Let me add that for whatever it was worth, Clinton did sincerely try to broker peace agreements throughout the 1990s. Any positive results? None that matter now. He had to learn the hard way what conservatives already know.

Clark can babble all he likes. If he knows McCain at all, he knows America's enemies fear him. If he's honest with himself, he also knows they don't fear Obama. At all.

Brute Force FTW

this is a great, spot-on documentary and even the general pop. not just the interrogations cadets need this kind of eye-opener. I really hope it makes it to the top of #15. instant upvote from me (and yes, you should, too)!

*edit* by the way, regarding the second part, did anybody see the previous Lost episode (yes, I know I'm not getting any respect now that I've confessed I'm still watching it, but whatever)? Is it possible the producers realized the effect from over-stylization of torture and decided to use Sayid (SPOILERS follow) in this covert-relationship "interrogation", rather than just have him use brute force? I'd certainly like to think so.

There is never a good reason to do a Bubble Sort. The only reason anyone ever learns it is because it is used as an "easy" introduction to writing algorithms in Computer Science 101 courses. Bubble Sort just happens to be a brute-force method that mimics the way some people would manually sort a random list of integers given unlimited time and paper. At the very least, for a O(n^2) algorithm, you can go with Insertion Sort which is guaranteed to perform faster or equal given the same data set, with the same amount of memory usage.

As for the actual algorithm that would be used, Quicksort is probably the most obvious choice, although they did not specify what their sorting goal was, so "It depends." is probably a fine answer.

I think requeues are used entirely too much by a lot of people. Personally I think it should be limited to once per video. It defeats the point of sift if you can just brute force a video out of the queue.

jwray:

Alright, write an intelligence survival simulation for BOINC, and convince a few thousand people to run it on spare processor cycles. Given that it appears that abstract cognition only evolved once on this planet over a few billion years I think you will find that your simulation will produce very little in your lifetime, unless you strongly bound your selection criteria, which is what AI researchers do.

Cognition is the consequence of a particular grouping of solutions to smaller problems, the human brain is a composite organ, each part does its own thing, working together they solve problems. Modeling one part gets us closer to a working human brain simulator. Perhaps this simulator is not possible with the technology we are using, and perhaps it is not a very efficient way to solve the problem (AIs would have little need of most of our biological heritage).

While I do agree that artificial selection is useful, and is used for fine tuning of algorithms, the solution you propose may never be computationally feasible, and is not efficient. We do have brains that can find patterns faster then brute force, which is how evolution does it, it makes little sense to use a computer to do something it does poorly, when we have brains that do these things well. That argument can also be made against AI in general, but if we are ever going to build functional AIs the human brain still has the best shot at success.

Its a real easy fix - have all the code published under the GNU - as long as they can prove that the machine has not been tampered, GNU linux box, BIG encryption to identify itself (so it would take too long to brute force)

strip the OS down to the minimum it needs to survive.

I watch Russian television on regular basis and keep informed via their press, over the last few years you saw a systematic propaganda movement to convince the Russian population of the same things that are hit within this documentary, that service in Russia is to "Land, Church and Tsar" or specifically the former KGB cronies who now occupy all government posts headed by Putin within the Kremlin. The stability most people talk about is not stability, its fear and respect to the old ways of Russian control much the same way that has been ingrained in the population over 100 years of centralized soviet communist and previous to that Tsar rule.

There is no tradition of peaceful power passage within the Russian government, because for Russians the modus operandi has been either revolt or submission. But its very simplistic to assume that it's what Russian want or understand much in the same way it was simplistic for the Neo-cons to assume that Arabs only understand brute force.

They have not been informed or given the opportunity to see that there are other choices beyond Putin or even Yeltsin, who after a disastrous first term was elected for a second term. The press apparatus was ineffective in informing the citizens that there was another choice, and now has been wholly seized by the state, thus you see the development of anti-western rhetoric that even Legacy employs, that Kasparov and other democratic parties are 'super-western'. It's merely a revival of the age old Soviet stance of 'enemies aboard', 'western intervention' and so on, but merely is a guise for assumption of totalitarian power, much in the same way 'war on terror' and fear mongering tactics were used by the White house to justify intervention into Iraq and the dismantling of key civil liberties.

When Yeltsin assumed power it was recommended to him that he disband the KGB and former secret service apparatus, but he did not take these steps, and over the years the KGB reformed as the FSB encroached on more positions of power and control within the government. Year on year the number of high positions held by former members of the KGB/FSB increased, far in excess of even the times of Gorbachev and the USSR.

Electroal laws have been changed to create a perpetual one party state under "United Russia" - from Putin machine squeezes opponents

* Increasing the minimum percentage of votes required for a party to enter parliament from 5% to 7% and banning parties from forming coalitions in order to break through the higher threshold

* Increasing the minimum number of members a party must have in order to be officially registered by the authorities, from 10,000 to 50,000

* Banning independent candidates from running for parliament.

Russians know this and voice their views, the economic success that so many people tout as being Putins are not his really, it was merely the time when benefits of centralized market systems moving into free market reforms completed laid in by Yeltsin, and of course the benefit of high oil prices and gas prices. All development has been concentrated in Moscow, travel to the rural areas and you instantly start to wonder what had changed from 1991 other then the abundance of mobile phones.

History shows that for totalitarian rulers to come into power require the convergence of time and opportunity, and this is Putin's time, over the last 6 years he has successfully dismantled any way of opposing him, and centralized power under himself, the election that is taking place is already called he will become prime minister, the population lulled while the engine of economy purrs well seemingly, but once the oil boom stops, food prices locks are removed and the population will start to revolt against their leader, there is no doubt in my mind that Putin will use whatever means necessary to suppress the population citing western intervention, orange revolution and using the secret police that even now are breaking up opposition demonstrations.

Oh my god, can people stop labeling every damn video as fake?!? Is this some stupid in-joke that I don't understand? How much more real does it need to be? It's on multiple news sites with a congruent story spanning 2-3 years. STFU already. Can't you accept that surprising things happen outside of your bedroom? This isn't even that surprising. Some cop is a dick and threatens to make up charges against someone under the age of 25 who he assumes is too young to know any better. SHOCKING.

(OK. rant finished. onward and upward)

i think his issue is twofold. one, yes, the kid has a chip on his shoulder after being assaulted by an off duty cop. he is slightly combatant, but not aggressively. but i think his major issue is that he feels that he has a right to privacy, which is something that we as a society, IMO, are releasing without a fight. in both incidents, cops ask him what he's doing, where he's going, etc. when he isn't doing anything out of the ordinary. (i don't see stopping in a parking lot as strange. if i'm tired, or need to pull over for a few minutes, and there's a parking lot, well why wouldn't i pull in?)

so he is taking his stand by refusing to discuss his personal life with people of authority, simply because they enforce the law. your upholding the law does not entitle you to know where i am going just because i'm walking down the street and you happen to see me. if i'm walking down the street with a gun, sure, you totally have a reason to ask me where i'm going. but if i stop my car in a parking lot, don't ask me why i stopped there. i parked in a parking lot. that is not headline material. "Guy parks in parking lot. Also washes hands in sink and reads in library. Arraignment scheduled for 9/24." the why of it is inconsequential.

the same happens in the incident where he is asked to get out of the car at the checkpoint.
"where you headed tonight?" (a reasonable question. a lot of people will openly discuss their plans. those that don't wish to are often intimidated enough by cops to blabber out what they're up to, eager to prove that they are guilty of no wrong doing.)
"i don't wish to discuss my personal life with you officer." (a completely reasonable response. you asked a question that i am uncomfortable answering. it has no bearing on our current situation, which essentially involves you making sure that i'm sober. i will not be stripped of my right to privacy simply because you're wearing a badge.)
"Alright. Come on up here. As a matter of fact, just stop your car right here and step out."(the cop's first question is actually him asserting his power in the situation. he asks questions. you answer those questions. any deviation from this script and many officers don't know how to react.)

that, i feel, is the major issue. police officers don't know how to react when this happens. i believe it is lack of training coupled with erratic behavior from cops. officers are afraid of losing their power in any situation. if you defy the slightest order or refuse to answer the most inconsequential question, they become immediately fearful and frequently turn to brute force to get you back into line.

Punk kids will think better next time. That's all today's pathetic and disgruntled youth understand-- brute force.

i was disappointed with the show, basically these guys are just brute force smash-and-grab thugs rather than "thieves". Unless you're willing to live in an armored fortress there's no useful preventative security measures that you can learn from watching them. Basically they just bash their way in thru the nearest entrance in broad daylight, quickly grab stuff and then take off before police can respond.

Did you know, Enzoblue, there's a term amongst fighters in MMA for somebody who is hoping to win by some quick lucky break rather than any superiority of technical or physical ability? It's called taking a puncher's chance.

And yes, that comes straight from boxing. In boxing, sometimes there are lucky hits, and sometimes no, you can't overcome them. Because every so often even a high level fighter will look the wrong way for a split second or bob when he should weave and just by chance, just from pure random chance, the can that he is supposed to be destroying takes a massive swing and gets the flash KO. And the champ will hit the mat, and he won't get up. Will and spirit and whatever else you want to say has no part in it, the man is unconscious.

So when you're talking about MMA, understand that fighters often consider standup striking to be a far riskier prospect, in that there is a higher chance that an inferior opponent will catch a lucky punch KO than a lucky sub.

As for this: "That's not fighting the way anyone wants, we want epic battles decided by brute force and technique and spirit." I have already addressed the fact that submission fighting is just as much a measure of technique, spirit, and athleticism as other aspects of the MMA game. And what exactly is "fighting the way anyone wants"? Do you think MMA fights are supposed to look the way people imagine they should, or more to the point, the way you imagine they should? They aren't, that's what Tony Jaa flicks are for. If you want to watch good fights the way they happen realistically between real experts, then go to an MMA match.

One of my coaches quoted after somebody commented about what he believed was a lucky win, "Luck is the intersection between opportunity and preparation." Sometimes inferior opponents catch lucky hits and lucky subs. That's the sport. The good guy doesn't always win. There is always the uncontrollable variable of luck, but the good fighters train so every other variable, be it strength, endurance, speed, power, whatever, is under their control.

In all honesty, I'm just repeating the things I said in my above post, but it's not clicking for you, I think because you don't have the experience or knowledge to dig what I'm saying. If one day you look deeper into MMA or even better take a crack at training it, you will be in a better position to judge. But until you do, and until you are, understand that I believe you are demeaning the sport by making ignorant assertions about what styles of fighting are "cheesy" or cheap, and what truly requires strength of heart.

P.S. As for groin strikes, if they were allowed, the sport would in all likelihood not be reduced to groin snipers. As Matt Thornton would say, adding a single strike does not affect the delivery systems that form the base for good fighters. Submissions, on the other hand, are not single attacks, they are a range of attacks, and thus are part of that base. It's the same as training for a self-defense type of situation: learn the gameplan, develop a base, then just add dirt.

Rembar, I appreciate your knowledge in this, it is enlightening, but it still doesn't change the fact that I've seen guys lose fights because of some cheesy move by a lesser man got them in a position where they could only continue by losing a limb or a windpipe.

They never got beaten, worn down, overpowered.. they got caught. Sometimes they even get caught before breaking a sweat and are still 100% after tapping out. That's not fighting the way anyone wants, we want epic battles decided by brute force and technique and spirit. Not by who gets the cheese move in first.

Compare to boxing if you can. In boxing, there are lucky hits, but you can overcome them. If you get knocked down, it's your strength of will that can get you back up, then your fighting spirit that can take you another round further, even turn the tables if you really got the right stuff. In this kind of fighting, it's game over. No second chance regardless of will or spirit.

Edit: Hell if groin kicks were allowed, the sport would be reduced to groin snipers - I'd even sign up to fight then, I would stand a chance, so would my gf for that matter...