Thread replies: 17
Thread images: 2
Thread images: 2
Anonymous
AES128 is dead, your connection is comprimised 2017-07-21 09:44:57 Post No. 61486974
[Report] Image search: [Google]
AES128 is dead, your connection is comprimised 2017-07-21 09:44:57 Post No. 61486974
[Report] Image search: [Google]
File: 1487662587996.jpg (96KB, 675x900px) Image search:
[Google]
96KB, 675x900px
AES128 is dead, your connection is comprimised
Anonymous
2017-07-21 09:44:57
Post No. 61486974
[Report]
Friendly reminder that AES128 - the encryption algorithm that you use to connect to this site and the algorithm that you probably use to encrypt your stuff - is broken.
https://blog.cr.yp.to/20151120-batchattacks.html
Every though most sites support it, why doesn't Mozilla and Chromium try to use Curve25519 and Chacha20 instead of the backdoored NIST curves and the broken AES128? I wonder.'
Fuck captcha btw, why isn't nojs legacy allowed for creating a thread?
>>
File: 1500586509787.jpg (153KB, 1280x720px) Image search:
[Google]
153KB, 1280x720px
>>61486974
>tfw OP posts a coherent thread about an interesting, relevant news topic that will enlighten many fellow anons, and he appears somewhat knowledgeable & logical in the process
well look at you, mr. unicorn
>>
>>61487204
Didn't know he had a cute doggo.
>>
>>61487204
>>61487216
yeah, he revealed the pupper in one of his recent videos
this is kinda random, but I'm curious...
in this sentence:
>tfw OP posts a coherent thread about an interesting, relevant news topic that will enlighten many fellow anons, and he appears somewhat knowledgeable & logical in the process
would this:
>tfw OP posts a coherent thread about an interesting, relevant news topic that will enlighten many fellow anons; appearing somewhat knowledgeable & logical in the process
be more grammatically correct?
-my shit English question to bump the thread
>>
>>61487330
EHHHHHH
Wrong.
>>
>>61487345
>yeah, he revealed the pupper in one of his recent videos
I will go and watch it :3
thanks
>>
>>61487349
show me the correct way than lol
>>
>>61487364
I can', you deleted your post.
>>
>>61487372
yeah, I made a mistake and reposted here:
>>61487345
>>
What about AES256?
>>
>>61487377
I'd have stuck with a normal , and not a ;. It's just a message board.
>>
>>61486974
>why doesn't Mozilla and Chromium try to use Curve25519 and Chacha20 instead of the backdoored NIST curves and the broken AES128?
Performance. It's always performance. People still use that as an excuse for not doing TLS at all. They bitch about 1% extra CPU load. They bitch about one round trip. They bitch about everything that makes them need more than an RPi to host their site.
I read somewhere that AES is only faster for desktop chips with AES-NI and mobile clients will get chacha20 preferred. I haven't tested that, and I've only ever seen one site on my desktop (some security dude's blog, unsurprisingly) negotiate chacha20. I've seen a few other private sites negotiate AES256, but "professional", for-profit sites almost invariably negotiate 128.
I wonder if I'll ever see something negotiate something else, like 192. Probably not, I think they killed those in TLS 1.2.
>>
>>61487345
Well, the former, to my layman eyes, strikes me as grammatically correct.
The conjunction "and" can tie together two independent clauses, which is basically what OP did, but I would imagine the second sentence is also reasonable.
>>
>>61486974
The goal here is to make security as poor as possible that way they can sell your data. That's why the push for JS, drm in browser, Windows, banning encryption, Google captcha.
>>
>>61488850
mozilla releases drm free firefox tho
>>
>2015
>>
>>61488850
> poor encryption to the server
> thus they can sell your data
OP is about ssl, not end to end.
Thread posts: 17
Thread images: 2
Thread images: 2