What is encrypting in networking? What does it mean if unencrypted information is sent across the net? What are the implications if this happens?
chroot said:This site does not use encryption; it is therefore possible for someone experienced to get your password if they monitor the initial traffic between the site and your computer. It's really not worth worrying about.
TsunamiJoe said:his reason for worrying about encryption was a fear of a third party stealing his information,
Reshma said:So what is the best way to maintain security of your account in an unencrypted site?
That might as well have been word salad; you seem to have a very poor understanding of how computers work.
TsunamiJoe said:also to help prevent being hijacked by unsecure sites dont ever say yes to those boxes that pop up asking if so and so's company can be trusted - unless your on microsoft.com and similiar sites and the company of which is asking permission is microsoft
I'm not assuming it. You're making it obvious.TsunamiJoe said:how dare you assume you know my extent of computer knowlage,
I'm aware of breaking a cryptosystem via brute force, and by making use of weaknesses in the algorithm to narrow the keyspace. This is not my concern.In order to break encryption you need a hacking program to do so, I have created and tested algorythms by using hacks to brute force them, the ONLY way to break encryption is to have another program run a series of tests(not neccisarely brute forcing, occasionaly your lucky enough to know the type of algorythm being tested so that you can narrow your testing down to fewer methods) on the encryption in order to find the key to it in order to decrypt the file and read it/edit it or stop it.
I can send someone malware over plaintext email. Most malware programs are downloaded unwittingly through unsecure browsers by people who thoughtlessly press the "OK" button. The vast majority of websites don't use any encryption, and the vast majority of malware delivery doesn't involve any kind of encryption. I have no idea why you keep repeating yourself, but you're wrong.the fact you cant sent anyone malware without either a) breaking encryption or b) bypassing it, of which we are daily developing new methods to not allow said programs to merely bypass our encryption protocols
My concern is that you claim people break encryption with viruses and malware -- something that, to my knowledge, has never been done. I have yet to learn of a virus that contains within it cracking code.
That would be called bypassing the security by convincing an unsuspecting user to click on something so that you dont have to deal with the security measures otherwise, its as if you walk up to a door, and instead of burning it down, you knock on it to get the other person to open it.I can send someone malware over plaintext email. Most malware programs are downloaded unwittingly through unsecure browsers by people who thoughtlessly press the "OK" button.
Neither the filesharing program nor the calculator program uses any kind of cryptography. A cryptosystem is defined by an algorithm (DES, IDEA, RSA, TwoFish, etc.), and a set of (usually rigid) protocols by which two parties communicate securely. A cryptanalysis program examines a piece ciphertext and tries to recover the corresponding plaintext. That's breaking encryption.that when you download a file, say a calculator, somewhere along the line a virus has essentialy broken the encryption using the computers decrypting devices and hides itself in the file.
When a virus infects an executable, that's not "breaking encryption." When a trojan horse installs something in the Windows registry, that's not "breaking encryption."
That is not encryption! Machine code is definitely readable -- all you need is a table of the opcodes!TsunamiJoe said:I am in complete agreement with that statement. But what I was trying to express was, when you code something then make it an executable it is essentialy encrypted into a certain format(hexidecimal etc etc) which, personaly, I don't believe either of us can read, nor translate in efficient time.
I don't believe this is true. Please provide a reference.also most filesharing programs will essential "encrypt the stream" of data
This is a very poor analogy. How can you encrypt a stream of data without encrypting the data? That doesn't even make any sense.so that while in progress of being recieved, the data persay isnt being encrypted, but the stream is, for instance cars drive through a tunnel, the cars are the data, being completely unchanged, yet theres the tunnel which protects the cars from something falling on top of them to destroy them, malware.
How is a virus going to infect a stream of bytes going across the network? That would involve a very sophisticated attack on the TCP/IP protocol itself, which, again, I don't think has ever been done. If you think it has been done, please provide a reference.Now granted these streams are very rarely secure enough to prevent third party breakage when a person is trying to attain the information, but they are most often secure enough to prevent any computerised automatic viruses from infecting said files before they reach you.
as i said you cannot translate it efficiently, and secondly you can form a cryptographic algorithym to translate them into machine code, which is what the machine doesThat is not encryption! Machine code is definitely readable -- all you need is a table of the opcodes!
for instance when sending data through the ports, you can protect the port by not allowing access into it, which is done often through authorization strictly between machines without users knowing itThis is a very poor analogy. How can you encrypt a stream of data without encrypting the data? That doesn't even make any sense.
Could you perhaps reiterate this? But if your saying what I think you are, then its the same way that someone would intercept an encrypted message before it gets to one of the users, just its done by more or less random from a person's computer which he has initiated a program in to spread a virus. But again I could just be reading that wrong, and just to declare a network to me is a connection between any 2 or more machines whether it be person to server, person to person, or sever to person.How is a virus going to infect a stream of bytes going across the network?
TsunamiJoe said:as i said you cannot translate it efficiently, and secondly you can form a cryptographic algorithym to translate them into machine code, which is what the machine does
for instance when sending data through the ports, you can protect the port by not allowing access into it, which is done often through authorization strictly between machines without users knowing it