IE is the AOL of Browsers.

I always hit arstechnica.com, slashdot.org, techdirt.com, and wired.com for security news. I like wired and arstechnica, they have obscure topics covered. Digg has a bit here and there but, its more about social networking.

Security is a fun place for the grey hats.

In reply to this comment by curiousity:
ahh... I didn't realize you meant it as a joke.

No problem, its cool to talk about these things.

Have you looked at the way that ZRTP (VoIP protocol by Phil Zimmermann) handles Man in the Middle attacks? Seems like it would be effective.

Of course, most of this is new to me. I'm working my way into the field. Getting down basic knowledge and skills while trying to get familiar with the security community.

Thanks for your response!

In reply to this comment by NordlichReiter:
All software is victim of Obfuscation in network security, and in cryptography it is better to obfuscate the passphrase. AES Encryption works, thats been proven its a government standard. However no encryption is safe from Man in the Middle. No software that you distribute is safe from reverse engineering.

Security through obscurity is a joke, ( i meant it as a joke). Once the application has made it to the testing phase it can be broken. As for as the Encryption you have to have the pass phrase to decrypt it. A 20 character pass phrase may take a while to brute force. Even though you know how the program works you still have to know the pass phrase, considering the hash is in someone else's memory.

In reply to this comment by curiousity:
I don't know C# yet. It's in the plan though.

I'm not a big fan of "security through obsurity." I'm not saying that your system is insecure just that I'm not a fan of the obsurity method for security in matters like this.

Kerckhoff's Principle

Bruce Schneier, author of Applied Cryptography, "if the strength of your new cryptosystem relies on the fact that the attacker does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think that someone won't disassemble your code and reverse-engineer your algorithm, you're naive."


In reply to this comment by NordlichReiter:
http://www.videosift.com/video/Philip-Zimmermann-on-PGP-Pretty-Good-Privacy#addcomment

hey do you know any thing about c# ?

I wrote an windows form that does basically the same thing as PGP, but its not as user friendly.(security through obscurity) I use an SMTP Server, AES encryption, creatable passphrase. This was a private project, that I havent uploaded to the creative commons area yet, I'm lazy.

Its really very easy, I used a couple of methods from C# friends to mash it together. Only problem is, some email banks.. (AOL ) do not like encrypted emails.

ahh... I didn't realize you meant it as a joke.

Have you looked at the way that ZRTP (VoIP protocol by Phil Zimmermann) handles Man in the Middle attacks? Seems like it would be effective.

Of course, most of this is new to me. I'm working my way into the field. Getting down basic knowledge and skills while trying to get familiar with the security community.

Thanks for your response!

In reply to this comment by NordlichReiter:
All software is victim of Obfuscation in network security, and in cryptography it is better to obfuscate the passphrase. AES Encryption works, thats been proven its a government standard. However no encryption is safe from Man in the Middle. No software that you distribute is safe from reverse engineering.

Security through obscurity is a joke, ( i meant it as a joke). Once the application has made it to the testing phase it can be broken. As for as the Encryption you have to have the pass phrase to decrypt it. A 20 character pass phrase may take a while to brute force. Even though you know how the program works you still have to know the pass phrase, considering the hash is in someone else's memory.

In reply to this comment by curiousity:
I don't know C# yet. It's in the plan though.

I'm not a big fan of "security through obsurity." I'm not saying that your system is insecure just that I'm not a fan of the obsurity method for security in matters like this.

Kerckhoff's Principle

Bruce Schneier, author of Applied Cryptography, "if the strength of your new cryptosystem relies on the fact that the attacker does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think that someone won't disassemble your code and reverse-engineer your algorithm, you're naive."


In reply to this comment by NordlichReiter:
http://www.videosift.com/video/Philip-Zimmermann-on-PGP-Pretty-Good-Privacy#addcomment

hey do you know any thing about c# ?

I wrote an windows form that does basically the same thing as PGP, but its not as user friendly.(security through obscurity) I use an SMTP Server, AES encryption, creatable passphrase. This was a private project, that I havent uploaded to the creative commons area yet, I'm lazy.

Its really very easy, I used a couple of methods from C# friends to mash it together. Only problem is, some email banks.. (AOL ) do not like encrypted emails.

had a good book of these, called "Separated at Birth"

the victoria beckham and fred thompson ones are but a few other highlights...

All software is victim of Obfuscation in network security, and in cryptography it is better to obfuscate the passphrase. AES Encryption works, thats been proven its a government standard. However no encryption is safe from Man in the Middle. No software that you distribute is safe from reverse engineering.

Security through obscurity is a joke, ( i meant it as a joke). Once the application has made it to the testing phase it can be broken. As for as the Encryption you have to have the pass phrase to decrypt it. A 20 character pass phrase may take a while to brute force. Even though you know how the program works you still have to know the pass phrase, considering the hash is in someone else's memory.

In reply to this comment by curiousity:
I don't know C# yet. It's in the plan though.

I'm not a big fan of "security through obsurity." I'm not saying that your system is insecure just that I'm not a fan of the obsurity method for security in matters like this.

Kerckhoff's Principle

Bruce Schneier, author of Applied Cryptography, "if the strength of your new cryptosystem relies on the fact that the attacker does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think that someone won't disassemble your code and reverse-engineer your algorithm, you're naive."


In reply to this comment by NordlichReiter:
http://www.videosift.com/video/Philip-Zimmermann-on-PGP-Pretty-Good-Privacy#addcomment

hey do you know any thing about c# ?

I wrote an windows form that does basically the same thing as PGP, but its not as user friendly.(security through obscurity) I use an SMTP Server, AES encryption, creatable passphrase. This was a private project, that I havent uploaded to the creative commons area yet, I'm lazy.

Its really very easy, I used a couple of methods from C# friends to mash it together. Only problem is, some email banks.. (AOL ) do not like encrypted emails.

I don't know C# yet. It's in the plan though.

I'm not a big fan of "security through obsurity." I'm not saying that your system is insecure just that I'm not a fan of the obsurity method for security in matters like this.

Kerckhoff's Principle

Bruce Schneier, author of Applied Cryptography, "if the strength of your new cryptosystem relies on the fact that the attacker does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think that someone won't disassemble your code and reverse-engineer your algorithm, you're naive."


In reply to this comment by NordlichReiter:
http://www.videosift.com/video/Philip-Zimmermann-on-PGP-Pretty-Good-Privacy#addcomment

hey do you know any thing about c# ?

I wrote an windows form that does basically the same thing as PGP, but its not as user friendly.(security through obscurity) I use an SMTP Server, AES encryption, creatable passphrase. This was a private project, that I havent uploaded to the creative commons area yet, I'm lazy.

Its really very easy, I used a couple of methods from C# friends to mash it together. Only problem is, some email banks.. (AOL ) do not like encrypted emails.

http://www.videosift.com/video/Philip-Zimmermann-on-PGP-Pretty-Good-Privacy#addcomment

hey do you know any thing about c# ?

I wrote an windows form that does basically the same thing as PGP, but its not as user friendly.(security through obscurity) I use an SMTP Server, AES encryption, creatable passphrase. This was a private project, that I havent uploaded to the creative commons area yet, I'm lazy.

Its really very easy, I used a couple of methods from C# friends to mash it together. Only problem is, some email banks.. (AOL ) do not like encrypted emails.

^Awesome. Well, you don't have to pretend to do the same puzzle again, because this is more of a proof of concept than anything else. There should be and will be more puzzles if anyone is interested. I shoehorned schmawy's crossword puzzle into this old Flash game engine that's similar to a game I built for old site contest I worked on a long time ago just to begin the groundwork for something larger - consider it a beta.

Long story short, this crossword puzzle engine is dynamic so it can take new puzzles easily. If there is a desire, we can make this happen here on the Sift.

AOL! OMG!

I was reading the AOL homepage...

Mirror (non-region blocked?): http://video.aol.com/partner/hulu/the-tonight-show-who-wants-to-be-a-superhero-auditions/LzeRAy4QzEp5LmTJwDlQNTos1d5c6V6v

Mirror: http://video.aol.com/partner/cbs/saving-seeds-in-doomsday-vault/29dSbxdhw4IBYZpC2eVO_bPEjYZdvVep

>> ^choggie:
Gone for a couple a days and y'all drop a pair of righteous bombs, that's the spirit!!!
Thanks must be offered up, to the inspiration for the siftquisition.....Jeff Hoard, professional blogger muckraker!, extraordinaire!!!!


How the hell did I get brought into this? and I'm no longer a professional blogger.... I used to be one (May 07-March 08) with AOL, had a great time, made some scratch, bashed some neocons etc... But I have since moved on.

/PM me to pre-order my biopic

I believe "new feature outcry" is in the nature of the Sift. I also don't understand the amount of complaints against such a standard feature, Like Ox mentioned, the Ignore Feature has been part of online communities since the introduction of Trolls.

Personally, Like Netrunner, I feel a part responsible for the inception of this feature as I have recently complained about the nature of some comments I have personally received in my Inbox.

Of course, I understand the nature of my politics has the tendency to attract negative attention and I have developed what some would call a "thick skin" over the years, but even I still get knots in my stomach when I receive threats against my well being in my mailbox. I for one appreciate the option to Ignore users who make my time here less enjoyable. Especially when I understand those users are, to some degree, part of the community and calling for a ban would be counter productive for the community.

I am aware many GREAT members have left the sift because of personal attacks, an ignore feature is good feature for sifters who don't want to have to deal with this type of abuse.

As mentioned earlier, the feature might be best if only made for private messages, but I trust the judgment of Brian and Rommel when it comes to implementing this feature because they have a better view from above.

are you so insulated in your puter world that you have no clue about healthy human interaction?"

actually, I work all day from home with my girlfriend, she is sitting right beside me, all day. We interact like humans.
before I worked online I worked in an office, in a cubicle, I had much less human interaction from there.

can't you see that you are the kind of internet journalista/chronicler of the same ilk as the major media??

The only difference is Major Media is watched and accepted by Millions of viewers/readers on a daily basis...I type in internet forums were I am read by a couple dozen. Big difference.

that is why i always scream, "symptoms" when the "cause" should be addressed-

And that is what you want to do, then do it, don't piss on other users like myself and Japr for using the internet in the way they want. This is freedom man, breath it in, there might be a day when your wish is granted and "muckrakers" like myself will be booted into Jail and off the Internets (which is what I was threatened with when I posted for AOL Newsbloggers)

In reply to this comment by choggie:
Dude, chill out, you are worth the trouble-simply trying to get you to see yourself through another pair-are you so insulated in your puter world that you have no clue about healthy human interaction? Not every flower has a pleasing odor, esp. the one's we cultivate-I only chime in ever so often as a form of regulation-i do not have it out for you-If I am the only voice of dissent, and that not simply in the form of no-vote or down-vote, you got it made-you are well-liked by the simple folk-I dig yer passion and dedication as well-really though, can't you see that you are the kind of internet journalista/chronicler of the same ilk as the major media?? I see no difference between you and msnbc, cnn, etc etc.....that is, most of the time....you do have your moments-I meant what I said about the muckraking, you and everyone else who points the finger at Bush and cries foul, when that tool could not tie his shoe w/o taking cues from the folks who put him there, and i don't mean the voters-ineffectual at best, and a solid 180 degrees from any real effect save that of taking the spotlight of the cause......that is why i always scream, "symptoms" when the "cause" should be addressed-

I will never ignore anyone, you should have figured that out by now-harass?? you seem to think I have singled you out-well, with great power comes great responsibility, yadda yadda-I am a check valve for a solid dam of 20-something bullshit here-i can't stand college kids for the most part, because the system is damaged-Besides, you Canadians seem to be a bit more proud of your culture than most Americans are of theirs-we share the same language, a common border, and some of the same culture-all of which are in danger of going the way of the dinosaur, and the mentalities of a lot of the folks on this site, are what is making it easy for this to take place-

When some congressman, senator, or president really fucks up bad, it will be because they risked everything to disclose information-not because they said something perceived racist, perceived hateful, etc.....

Carry-on man, I sincerely apologize for ruffling your fragile feathers, once again-(funny thing, blankfist slowed way down after i called him out, and I took a jab at JAPR, too.....JAPR talks to me now, and understands me a bit better, but bf????....he tucked-tail and let ego get the best of him-I am transparent, man-Conflict is a great ice-breaker for those riddled with testosterone-a healthy individual after a fight, often finds common ground with their opponent, after some blood shed-