Search content
Sort by
Showing 20 of 91 results by Borilla
Re: How many would be interested to have a device that encrypt directly what u type?
you guys are funny I come with a specific question but you can't help to assume and judge not even answering
I feel sorry for you eckmar, I answered all your questions and you still can't get a clue or pass your own mental restrictions
You legendary badge won't protect from ridicule lol
I erased some answers because otherwise the idea isn't patentable and I just want someone to build it
I feel sorry for you eckmar, I answered all your questions and you still can't get a clue or pass your own mental restrictions
You legendary badge won't protect from ridicule lol
I erased some answers because otherwise the idea isn't patentable and I just want someone to build it
Re: How many would be interested to have a device that encrypt directly what u type?
I had an idea about my device: offer plans to build it yourself. Buy your components, and build it. Reading about Anom today makes me upset that simple multiplication on a device could have prevented all this. Seeing also that so much money is put into security... I don't understand why nobody has built such thing yet.
My device has the convenience to work immediately with no previous data/key shared between the protagonists, with an en/decryption key by key (you can chat live and decrypt any word real time). But a scheme with shared data/key and the whole message encrypted and then decrypted is much simpler to realize and as safe (just less cool)
My device has the convenience to work immediately with no previous data/key shared between the protagonists, with an en/decryption key by key (you can chat live and decrypt any word real time). But a scheme with shared data/key and the whole message encrypted and then decrypted is much simpler to realize and as safe (just less cool)
How do you plan to accomplish that without key exchange? One of the most important elements of secure communication is key exchange, there are even algorithms developed to do just that. If you are not going to do that, then you must set a pre shared key when you ship this so called device. Even if you don't do that, and want users to generate keys themselves, what are you going to do then? How are you going to input the public key of other party into the device securely? (Assuming you are talking about asymmetric encryption)
Both generate their own secret and public keys. Then the devices can listen and extract a number from the same source on the internet: like NIST beacon or any blockchain. This is how you can start chatting right away with any one owning the same device.
If the device is connected to the internet, and is getting keys from internet, that defeats purpose of it. Man in the middle attacks are much simpler to perform than breaking the encryption. I think your imagination got away from you, you need to be more realistic.
I was trying to answer your previous question. But maybe a better answer would have been that there's no key exchange. And in order to prevent a future attack the devices listen a common source of entropy. It doesn't matter that everyone knows the source because then the devices use their secret keys. To answer all questions I would have to reveal the whole thing. It's 100% proof. For me it's the only way to have a 100% certainty that your messages are not decrypted. It's encrypted as soon as it leaves your keyboard. It is decrypted in a separate container in the device. You can even use a post quantum encryption. You can change your keys and encryption anytime.
Re: How many would be interested to have a device that encrypt directly what u type?
I had an idea about my device: offer plans to build it yourself. Buy your components, and build it. Reading about Anom today makes me upset that simple multiplication on a device could have prevented all this. Seeing also that so much money is put into security... I don't understand why nobody has built such thing yet.
My device has the convenience to work immediately with no previous data/key shared between the protagonists, with an en/decryption key by key (you can chat live and decrypt any word real time). But a scheme with shared data/key and the whole message encrypted and then decrypted is much simpler to realize and as safe (just less cool)
My device has the convenience to work immediately with no previous data/key shared between the protagonists, with an en/decryption key by key (you can chat live and decrypt any word real time). But a scheme with shared data/key and the whole message encrypted and then decrypted is much simpler to realize and as safe (just less cool)
How do you plan to accomplish that without key exchange? One of the most important elements of secure communication is key exchange, there are even algorithms developed to do just that. If you are not going to do that, then you must set a pre shared key when you ship this so called device. Even if you don't do that, and want users to generate keys themselves, what are you going to do then? How are you going to input the public key of other party into the device securely? (Assuming you are talking about asymmetric encryption)
Both generate their own secret and public keys. Then the devices can listen and extract a number from the same source on the internet: like NIST beacon or any blockchain. This is how you can start chatting right away with any one owning the same device.
Re: How many would be interested to have a device that encrypt directly what u type?
I had an idea about my device: offer plans to build it yourself. Buy your components, and build it. Reading about Anom today makes me upset that simple multiplication on a device could have prevented all this. Seeing also that so much money is put into security... I don't understand why nobody has built such thing yet.
My device has the convenience to work immediately with no previous data/key shared between the protagonists, with an en/decryption key by key (you can chat live and decrypt any word real time). But a scheme with shared data/key and the whole message encrypted and then decrypted is much simpler to realize and as safe (just less cool)
My device has the convenience to work immediately with no previous data/key shared between the protagonists, with an en/decryption key by key (you can chat live and decrypt any word real time). But a scheme with shared data/key and the whole message encrypted and then decrypted is much simpler to realize and as safe (just less cool)
Re: How many would be interested to have a device that encrypt directly what u type?
You know what you can develop is something that Encrypt the Private Key when you have to "sweep" it from your Paper wallet to your desktop wallet. 
It will be nice if someone will not be able to keylog your Private key, when you are in the process to sweep it from cold storage to your Paper Wallet.
So you can go offline when you "Copy" the Private Key, then this software encrypts it and then you go online again and it is in memory in a encrypted format and once you logged into your Online wallet and you Paste it.. it will decrypt it and insert it in the field to sweep the wallet.
It is always stressful when you have to sweep a wallet and you do not know if it can be intercepted before you are able to sweep it.
It will be nice if someone will not be able to keylog your Private key, when you are in the process to sweep it from cold storage to your Paper Wallet. So you can go offline when you "Copy" the Private Key, then this software encrypts it and then you go online again and it is in memory in a encrypted format and once you logged into your Online wallet and you Paste it.. it will decrypt it and insert it in the field to sweep the wallet.
It is always stressful when you have to sweep a wallet and you do not know if it can be intercepted before you are able to sweep it.
I guess it'd be safer to automatically/manually generate encrypted private keys which can be decrypted with keys you previously generated to use for safe decryption of all your future private keys that are encrypted.
You get the encrypted private keys and decrypt them automatically/manually on very secure devices or on secure physical environments.
This ^ is recommended on well decentralized system (on full node) so that no one ever knows your decryption keys
I think you missed the suggestion that I made...
What I would like to see ..is some kind of method that will enable you to transfer a "Private Key" in a encrypted state, from say a air-gapped computer or a Paper wallet to a online wallet. So you generate or scan the "Private Key" on another "offline" computer and then you encrypt that key ..before you transfer it to the online wallet.
So when you paste that information in the "Private Key" field, you press a combination of keys and it will automatically decrypt it and you can simply press enter to sweep the wallet to the online wallet. (Example : Electrum)
I thought that sweeping private keys meant you sign a transaction that sends all your coins to a new address. Which is safe.
Sending a private key, or even have it on my screen is way to risky for me. But if you had to send something secret , like a key, to an online wallet then this wallet should provide their public key so you can have a secure communication.
Re: How many would be interested to have a device that encrypt directly what u type?
It's for those who don't feel secure about their computers (travelers, paranoiacs...) or need to be 100% sure nobody can read their messages.
So all of them would have to trust and buy your device that is ''100%'' safe?It's much easier to use some open source software that would do the same thing than to buy some device that can have backdoors, hidden code and can be affected by supply chain attacks.
so you prefer using an open source soft wallet over a hard wallet?
any memory in the device could be erased pushing a button, you could also erase all memories but your key
Re: How many would be interested to have a device that encrypt directly what u type?
I don't think that using any device is needed in this case and there are already some software solutions that encrypt anything you type with your keyboard.
Some of them are included in various antivirus packages and there are separate software options like Ghostpress for example, and for Wireless keyboards there are AES encrypted devices.
Using on-screen virtual keyboards like Oxynger KeyShield or something similar also help to protect from different keylogger attacks.
Some of them are included in various antivirus packages and there are separate software options like Ghostpress for example, and for Wireless keyboards there are AES encrypted devices.
Using on-screen virtual keyboards like Oxynger KeyShield or something similar also help to protect from different keylogger attacks.
It's for those who don't feel secure about their computers (travelers, paranoiacs...) or need to be 100% sure nobody can read their messages.
Re: How many would be interested to have a device that encrypt directly what u type?
...
Lets take AES256 as an example. It can encrypt 256 bytes of data at a time, which translates to 64 characters. But the problem with deferring the encryption until the 64th, or generally the Nth, character is:
1) if you do, then the user will not see any of their input until after the Nth character is typed and they're all encrypted at once. This also introduces a problem of "what if N characters are never typed but less than that, should user feedback wait forever?"
2) if you don't and you just pass the N-1 characters to the user before encrypting them all at once on the Nth char, then those characters may have been intercepted by another listening program.
...
Your keyboard sends a signal to your CPU when a key is pressed. This signal is processed as an interrupt which means the processor stops everything it's doing and reads the character from the keyboard. All of this is programmed in the code of the operating system you are running, in assembly language. It's not possible to encrypt anything while this assembly code is running because such functions do not exist in assembly.
There is nothing stopping someone from placing assembly code in that position to read the characters to their own memory.
Lets take AES256 as an example. It can encrypt 256 bytes of data at a time, which translates to 64 characters. But the problem with deferring the encryption until the 64th, or generally the Nth, character is:
1) if you do, then the user will not see any of their input until after the Nth character is typed and they're all encrypted at once. This also introduces a problem of "what if N characters are never typed but less than that, should user feedback wait forever?"
2) if you don't and you just pass the N-1 characters to the user before encrypting them all at once on the Nth char, then those characters may have been intercepted by another listening program.
...
Your keyboard sends a signal to your CPU when a key is pressed. This signal is processed as an interrupt which means the processor stops everything it's doing and reads the character from the keyboard. All of this is programmed in the code of the operating system you are running, in assembly language. It's not possible to encrypt anything while this assembly code is running because such functions do not exist in assembly.
There is nothing stopping someone from placing assembly code in that position to read the characters to their own memory.
the device is between the keyboard and the computer
you seem to assume how it works
you could just encrypt the whole message in the device and send the encrypted message afterwards but it would not allow to fill forms or chat
Re: How many would be interested to have a device that encrypt directly what u type?
It would severely slow down keyboard input because the keyboard driver, which is usually small so that it runs and processes character input quickly, now has to do a round of encryption for every character, not to mention that since the data is just a single byte, you end up wasting more time padding a few hundred more zero bytes at the end just so the cipher can parse the input correctly.
It's not doing a round of so called encryption for every character. And yet you can "encrypt" characters one by one as you type.
Besides, the keyboard input is exposed directly in assembly code immediately after a device interrupt (i.e. you press a key), so the unencrypted value can still be obtained by reading the character from device memory and writing it somewhere else in memory, before the encryption even starts.
I don't understand this sentence. Could you explain?
Not to mention that the keyboard is used as an entropy source so encrypting everything you type isn't possible anyway, without running out of random entropy and then relying on a pseudorandom number generator for encryption instead.
The device would generate random numbers. Re: How many would be interested to have a device that encrypt directly what u type?
I think the most concern with this is that the confusion with utilizing it or something.
These are just some questions that I initially thought of by reading it.
- Would this be installed or portable?
- Applicable on different OS?
- How does it activate?
These are just some questions that I initially thought of by reading it.
The sender needs to send the receiver key into the device and the receiver needs to send the encrypted text into the device. It can be done by pasting the text and the device reads it. Somethings has to be installed.
I just made the proof of concept. I would need help from someone to build it. You plug your keyboard into the device and the device into the computer.
Re: How many would be interested to have a device that encrypt directly what u type?
The recipient can read the original message.
Without the need for a device to decrypt it?You need the a device to decrypt it. You would copy the text and paste it in a box that sends it to the device. You would read the unencrypted text on the device's screen
I don't know if people would be it interested.
It depends on a lot of things...e.g. Open-source software, the whole process itself [for consumers], how that device is going to look, its price, and a few other things.
Personally, I'm not going to use something like that on my main computer, unless I fully trust the provider/manufacturer, but I'd probably buy one to test for fun [If the price is right].
I don't want to lose my time building something people won't buy.
How much you think that device is going to cost for potential buyers out there?How many would be interested to have a device that encrypt directly what u type?
I thought about a device that can encrypt what you type character after character! You type a character it is encrypted directly between your keyboard and your computer. What you see on your screen is another character. The recipient can read the original message. So even if you have a keylogger malware you can send secure messages.
I don't know if people would be it interested. I don't want to lose my time building something people won't buy.
I don't know if people would be it interested. I don't want to lose my time building something people won't buy.
I tried registering with Tor and it took me half an hour to complete all Captcha. Then it said I couldn't post.
Could something be done to use the site using Tor?
I was in the same boat as yourself Borilla because I've registered using my (paid) VPN provider. Since this is a shared IP probably it ended up in a "evil list" as Royse777 rightfully said.Could something be done to use the site using Tor?
In my case I had to pay a small BTC fee to an address that I got whenever I logged in. You basically can't do anything until you pay your fee to the address provided. Upon paying if you wait a while the account will automatically be allowed to post/make threads.
Don't be like myself who waited almost 3 years to activate his account ... ((bells) Shame on me (bells)
I was trying to create a new , more secure, account.
Are you talking about a new account you created?
Possibly you have evil IP. There is a fee to pay for it to whitelist the IP.
Possibly you have evil IP. There is a fee to pay for it to whitelist the IP.
Could something be done to use the site using Tor?
There is a special link which will allow you to bypass the anoying captcha. You will find it once you visit this URL: https://bitcointalk.org/captcha_code.phpyes!
Dites moi,
Si je vais sur compound, que je mets X€ de btc en collateral pour pouvoir emprunter 75%*X€ d'usdt que je transforme ensuite en €, on est d'accord que je ne devrai déclarer aux impôts que les remboursements de ce prêt ? Sinon que leur déclarer??
Y en a t il qui ont essayé cette méthode? Avez vous des infos sur ce sujet car ça semble limite limite mais pouvant permettre de bonnes optimisations ...
Si je vais sur compound, que je mets X€ de btc en collateral pour pouvoir emprunter 75%*X€ d'usdt que je transforme ensuite en €, on est d'accord que je ne devrai déclarer aux impôts que les remboursements de ce prêt ? Sinon que leur déclarer??
Y en a t il qui ont essayé cette méthode? Avez vous des infos sur ce sujet car ça semble limite limite mais pouvant permettre de bonnes optimisations ...
cette astuce est tres connue des ultra-riches avec des comptes fiats. Les banques proposent meme ce "loophole" à leurs clients. Imagine tu as un gros compte en fiat dans un paradis fiscal. Une filiale française de ta banque va te proposer un pret en euro avec comme collatéral ton compte dans le paradis fiscal. Tu peux meme répéter ce schema plusieurs fois. Les autorites savent toutes qu'ils font ça. D'où l'enorme hypocrisie.
No, signing your message. If you're a node, how to be sure you're receiving a message from a certain node and not from a hacker who fakes being this node?
It's not very clear. In your link it says nodes can use TOR. But here https://en.bitcoinwiki.org/wiki/Network it says you know the IP addresses of all your peers.
In your link, at the beginning it says "At the moment, we know about 10,000 nodes that use standard ports and do not try to hide the fact of their existence, so they are easily detected by others. The number of nodes, the access to which is closed, this value exceeds by 5-6 times." This seems to be what I try to understand but it's not understandable. Does it mean there are 10,000 non hidden nodes and 50,000-60,000 hidden ones?
From these two links I'm guessing, nodes are "defined" by their IP addresses or TOR exit addresses, i.e., if you change your address you have to join the network again from start. Right?
Someone malevolent with the list of the nodes addresses could easily attack the network then, no?
I was dreaming of an anonymous decentralized-changeable and trust-less network. It must be possible though...
In your link, at the beginning it says "At the moment, we know about 10,000 nodes that use standard ports and do not try to hide the fact of their existence, so they are easily detected by others. The number of nodes, the access to which is closed, this value exceeds by 5-6 times." This seems to be what I try to understand but it's not understandable. Does it mean there are 10,000 non hidden nodes and 50,000-60,000 hidden ones?
From these two links I'm guessing, nodes are "defined" by their IP addresses or TOR exit addresses, i.e., if you change your address you have to join the network again from start. Right?
Someone malevolent with the list of the nodes addresses could easily attack the network then, no?
I was dreaming of an anonymous decentralized-changeable and trust-less network. It must be possible though...
I know blockchain but I'm really a noob for all internet techs.
My question is simple but not too simple to put in words. Can nodes communicate between each others so they know for sure who they receive message from if the sender wants to be known? (I add the "if the sender..." because theoretically nodes could hide themselves and send anonymously)
Can a node require other nodes to sign their messages. Do they actually do it?
Do they use another technique than signing to be sure who they're communicating with? like I send a code to the address of a node and this node as to send the code back with its message.
If someone malevolent attacks all the nodes at ounce by sending many messages to the nodes. Would they need to all change their addresses and find each other again?
My question is simple but not too simple to put in words. Can nodes communicate between each others so they know for sure who they receive message from if the sender wants to be known? (I add the "if the sender..." because theoretically nodes could hide themselves and send anonymously)
Can a node require other nodes to sign their messages. Do they actually do it?
Do they use another technique than signing to be sure who they're communicating with? like I send a code to the address of a node and this node as to send the code back with its message.
If someone malevolent attacks all the nodes at ounce by sending many messages to the nodes. Would they need to all change their addresses and find each other again?