What is encrypting?

  • Thread starter Reshma
  • Start date
  • #26
chroot
Staff Emeritus
Science Advisor
Gold Member
10,239
39
TsunamiJoe said:
as i said you cannot translate it efficiently, and secondly you can form a cryptographic algorithym to translate them into machine code, which is what the machine does
It's not a cryptographic algorithm. In the very strictest sense, ASCII could be considered a substitution cipher (it replaces a character with a number), but it's just a representation, and is not done to protect information. Sorry, but you're using the word incorrectly. If you intend to seek formal education on the topic, you should start using (and spelling) the words properly. Arguing with me about the meaning of words is just a silly waste of both our time; I know more about this topic than do you.
for instance when sending data through the ports, you can protect the port by not allowing access into it, which is done often through authorization strictly between machines without users knowing it
Again, this is not encryption. You seem to think that any kind of protection mechanism is cryptography, but that's just simply not true.
Could you perhaps reiterate this? But if your saying what I think you are, then its the same way that someone would intercept an encrypted message before it gets to one of the users, just its done by more or less random from a person's computer which he has initiated a program in to spread a virus. But again I could just be reading that wrong, and just to declare a network to me is a connection between any 2 or more machines whether it be person to server, person to person, or sever to person.
Viruses tack executable code onto executable programs. In order for a virus to infect a file as its bytes are being sent across the network, the virus would have to interact with both peers on the network, performing a very elaborate middle-man attack, crafting new packets with the right sequencing information to maintain contuinity for the duration of the connection.

As far as I know, it's never been done, and viruses do not infect files as they are being transferred byte-by-byte across the network. If you do not have references to such viruses, you shouldn't be saying such things happen.

- Warren
 
  • #27
748
4
I can send someone malware over plaintext email. Most malware programs are downloaded unwittingly through unsecure browsers by people who thoughtlessly press the "OK" button.

Interesting discussion here :biggrin:

Can someone define what exactly is an 'unsecure' browser? What is the difference between a malware and a virus? Since it is not possible to break encryption using viruses, that leaves me with one question: Are unencrypted sites more prone to virus?
 
  • #28
437
1
Reshma said:
Interesting discussion here :biggrin:
The discussion here is mainly driven by the misconception of TsunamiJoe that Security and Encryption are synonymous.

Reshma said:
Can someone define what exactly is an 'unsecure' browser?
An 'unsecure' browser can have many interpretations. In terms of encryption at least, virtually all browsers support it when requested. Unsecure browsers are usually the ones that are not careful with what they download (or do not notify the user), including malware, or applets/add-ons that perform file processing. There are several other security measures that a good browser can take, but I am not competent enough to list them here.


Reshma said:
What is the difference between a malware and a virus?
A virus is actually a kind of malware, that runs on a local machine and copies itself in the permanent storage. Malware also includes Troyan horses (downloadable viruses that communicate with the source machine), worms, time bombs, and others.

Reshma said:
Since it is not possible to break encryption using viruses, that leaves me with one question: Are unencrypted sites more prone to virus?
The answer is NO. The only role of encryption per se is to ensure privacy of exchanged messages, that should be clear to you. Viruses/Troyan horses can enter the machine regardless of whether the data is cyphertext or plaintext. Encryption as a mechanism is also useful for other security objectives (data integrity, authentication, non-repudiation).
 
  • #29
748
4
Thanks for your inputs, Ramollari.
 
  • #30
162
0
And I've certainly never heard anyone claim that port blocking is a form of encryption.

I wasn't speaking of port blocking, but when requiring a set of passwords of which are encrypted so that they cannot be plainely seen, except by the other communicating machine.

the virus would have to interact with both peers on the network, performing a very elaborate middle-man attack,

This is not entirely so, when using a file sharing program, most often the program will merely know your IP, so that someone wanting access to the information being sent could merely "spoof" there IP and pretend they were one of the machines(personaly i would say that the user recieving the file would be the one to spoof, as to promote less work by the middleman in not having to get into the other persons system prior, but to instead just walk into the connect) then simultaniously send it out to the real user spoofing the senders' IP.

I know more about this topic than you do.

I was not claiming your ignorance, I'm merely presenting another side to an arguement, and if you wish to degrade to using pety comments such as this to proove your point, then I no longer have any position in this debate anymore. It was nice, and a great debate while it was being upheld properly. I hope you, Reshma, got the answers you were seeking.
 
Last edited:
  • #31
chroot
Staff Emeritus
Science Advisor
Gold Member
10,239
39
TsunamiJoe said:
I wasn't speaking of port blocking, but when requiring a set of passwords of which are encrypted so that they can be planely seen, except by the other communicating machine.
You didn't realize you were talking about port blocking, but you were. There are no port-level cryptographic authorization schemes. You can deny connections by IP, but that's about it. Anyone can connect to an open port on another machine. Authorization using cryptography is done by a server servicing that port at the application level -- much, much higher than the port itself.
This is not entirely so, when using a file sharing program, most often the program will merely know your IP, so that someone wanting access to the information being sent could merely "spoof" there IP and pretend they were one of the machines(personaly i would say that the user recieving the file would be the one to spoof, as to promote less work by the middleman in not having to get into the other persons system prior, but to instead just walk into the connect) then simultaniously send it out to the real user spoofing the senders' IP.
And where would the real packets go? Would you just use your super-laser-ray and obliterate them off the ethernet wires?
I was not claiming your ignorance, I'm merely presenting another side to an arguement, and if you wish to degrade to using pety comments such as this to proove your point, then I no longer have any position in this debate anymore. It was nice, and a great debate while it was being upheld properly. I hope you, Reshma, got the answers you were seeking.
We're not conducting a debate. You're saying things that are wrong. I, and others, are correcting you. Whether or not it's worth doing, only you can say.

- Warren
 

Related Threads on What is encrypting?

  • Last Post
Replies
11
Views
5K
  • Last Post
Replies
1
Views
2K
  • Last Post
Replies
5
Views
6K
  • Last Post
Replies
1
Views
14K
  • Last Post
Replies
1
Views
2K
  • Last Post
Replies
4
Views
2K
  • Last Post
Replies
6
Views
2K
  • Last Post
Replies
9
Views
10K
F
  • Last Post
Replies
9
Views
3K
  • Last Post
Replies
1
Views
3K
Top