|
|
Post by c64 on Jan 18, 2013 19:55:22 GMT
I am reminded of the security system my high school band teacher used for his Volkswagen Beetle: it was a 15 year old Volkswagen Beetle. My car is well over 20 years old, it is it's own theft protection  . Well, two years ago, someone broke into my car obviously looking for a GPS unit. All which was missing were two sandwiches and a bottle of cola! |
|
|
|
Post by silverdragon on Jan 19, 2013 5:51:13 GMT
And as I said above, modern anti-nasty software works on "Trends", if it spots activity that IS someone "Brute forcing" an encrypted file, it will lock that file....
Therefore, modern encryption relies on being able to spot someone trying to pick the lock.
The lock is important, but, now, spotting the lock pick is MORE important....
|
|
|
|
Post by silverdragon on Jan 19, 2013 5:59:27 GMT
My car is a Toyota...
It doesn't have that ring of betrayal on the windscreen that is the remains of a sat-nag suction cup that has been removed... that is what the thieves look for, the holder, or the ring on the windscreen where it was... that says you have one and its now probably in the glove box.
My car doesnt look like its up to much.
Its therefore a "Low risk" car to drive, because no one wants to steal it.... so it will be there when I want it...
I used to own a Lada. Parked on a busy street with plenty of passing people.
For interests sake, I left the doors unlocked and some keys in the ignition one night, the battery was removed and they were the wrong keys anyway, but I had a Video cam watching...
No one took any interest at all.
Car security is more about what you drive over how and where you leave it?....
If it was a beamer (BMW) someone would have at least had a look inside to see what I may have left in the glove box....
|
|
|
|
Post by the light works on Jan 19, 2013 9:21:06 GMT
I am reminded of the security system my high school band teacher used for his Volkswagen Beetle: it was a 15 year old Volkswagen Beetle. My car is well over 20 years old, it is it's own theft protection . Well, two years ago, someone broke into my car obviously looking for a GPS unit. All which was missing were two sandwiches and a bottle of cola! a fellow I knew carried what he called Portland Insurance. it consisted of leaving his passenger door unlocked and a handful of change in the glovebox. it cost him a couple handfuls of change, but he never had to replace a broken window or car stereo. |
|
|
|
Post by c64 on Jan 19, 2013 16:31:46 GMT
My car is a Toyota... It doesn't have that ring of betrayal on the windscreen that is the remains of a sat-nag suction cup that has been removed... that is what the thieves look for, the holder, or the ring on the windscreen where it was... that says you have one and its now probably in the glove box. My car doesnt look like its up to much. Its therefore a "Low risk" car to drive, because no one wants to steal it.... so it will be there when I want it... I used to own a Lada. Parked on a busy street with plenty of passing people. For interests sake, I left the doors unlocked and some keys in the ignition one night, the battery was removed and they were the wrong keys anyway, but I had a Video cam watching... No one took any interest at all. Car security is more about what you drive over how and where you leave it?.... If it was a beamer (BMW) someone would have at least had a look inside to see what I may have left in the glove box.... The GPS unit came with a suction cup holder but I converted it to be magnetic and attach to a magnet hidden beneath the dash (can also hold pens but you shouldn't try a laptop). They just open any car they can open easily and just look if they find something of value. In my case, the sandwiches and the cola was the most valuable items. According to the police, they even break into cars (and often throw in a window) if you have coins in the shopping cart coin holder. |
|
|
|
Post by c64 on Jan 19, 2013 16:36:18 GMT
And as I said above, modern anti-nasty software works on "Trends", if it spots activity that IS someone "Brute forcing" an encrypted file, it will lock that file.... Therefore, modern encryption relies on being able to spot someone trying to pick the lock. The lock is important, but, now, spotting the lock pick is MORE important.... Data isn't self aware. If you managed to download encrypted files or intercepted them - or stolen them by copying the HDD or whatever - you have as many attempts as you like to break the code! Locking data can only be done for accounts or file transfer protocols. The interesting part of the research facility I had worked for was that you couldn't log in over the internet at all. You had to dial up the server and dial in a code, too. Then the server finds out your telephone number, looks onto its white list and then calls you back. You either just work with the phone line or get "a ton" of keys for a PGP tunnel you can use for your high speed internet access. |
|
|
|
Post by silverdragon on Feb 7, 2013 10:26:36 GMT
Modern Security... data FILES can be made self-aware.
I have seen research into files that know the serial number of the data drive they are on, and use that as part of the encryption process.
Therefore, if you copy them anywhere, the "key" password you have to unlock them is now invalid.
You then have the ability to disable copy on certain files.... as you said....
Take a look at how Microbodge do this with XBox, If you are not "Signed on" as the user that owns a "save" file, you can not transfer it anywhere.......
I do not fully understand how far research has got with this, but security, if you want it, can make data secure.
The main objective is to not allow "hackers" to get as far as the files in the first place, and then make those files "Owned"
There is the ability to lock files with an intelligent lock that CAN sense the attempt to hack... put a timeout on attempts, and say after 10 attempts, invalidate any future attempts....
This is to prevent "Forcing" of passwords by multiple attempts.....
I have files that are on my own computer, part of the anti-Virus internet security that I run, that I CAN NOT hack into....
And trust me, I have tried....
I am a Beta tester, and one of my requests as a beta tester was to attempt by any means possible hacking of internet security files.
There is a place I will not mention where such requests are discussed on a message board such as this, and a "Community" attempt is made to break the software under testing....
It is sanctioned by the creators of the software, of course...
If WE cant break it, then they can presume it will be "safe" out in the wild?....
|
|
|
|
Post by c64 on Feb 7, 2013 13:43:22 GMT
Modern Security... data FILES can be made self-aware. I have seen research into files that know the serial number of the data drive they are on, and use that as part of the encryption process. Therefore, if you copy them anywhere, the "key" password you have to unlock them is now invalid. You then have the ability to disable copy on certain files.... as you said.... Take a look at how Microbodge do this with XBox, If you are not "Signed on" as the user that owns a "save" file, you can not transfer it anywhere....... I do not fully understand how far research has got with this, but security, if you want it, can make data secure. The main objective is to not allow "hackers" to get as far as the files in the first place, and then make those files "Owned" There is the ability to lock files with an intelligent lock that CAN sense the attempt to hack... put a timeout on attempts, and say after 10 attempts, invalidate any future attempts.... This is to prevent "Forcing" of passwords by multiple attempts..... I have files that are on my own computer, part of the anti-Virus internet security that I run, that I CAN NOT hack into.... And trust me, I have tried.... I am a Beta tester, and one of my requests as a beta tester was to attempt by any means possible hacking of internet security files. There is a place I will not mention where such requests are discussed on a message board such as this, and a "Community" attempt is made to break the software under testing.... It is sanctioned by the creators of the software, of course... If WE cant break it, then they can presume it will be "safe" out in the wild?.... Files are not self aware, that would require that a file would have its own processing power which it doesn't have, data is just information and doesn't come with hardware! What happens here is that the file is encrypted and the decryption process involves the serial number of the HDD or other information found in the computer or another file. You can still brute force the file or if you know how the encryption process works gather the encryption key by hacking the system. The Anti-Virus stuff makes use of the protected mode of the IBM 386 (or better) architecture. The anti Virus software operates on level 0 of the CPU and the OS runs on level 1, the user Applications are level 4. The lower security level can define what other levels can access and what they can't access. Hackin this is relative easy but you need physical access to the machine, a remote access (level 1 at best) or a Virus activated by User level 4 can't do that. After installing a so called "Root kit", you are level 0 and everything else moves down a level. Then you are "the emperor of the system" and can access and manipulate anything you like. The best the Anti-Virus system can do is to notice that it's not running on level 0 using some rather complex tricks and give you a warning. |
|
|
|
Post by silverdragon on Feb 13, 2013 9:04:42 GMT
The best the Anti-Virus can do is deny any root kit activity.
|
|
|
|
Post by c64 on Feb 13, 2013 13:23:54 GMT
The best the Anti-Virus can do is deny any root kit activity. Ideally by being its own root-kit running the OS in its "Sandbox". But when the machine is compromised, the Anti-Virus system can be put in its own sandbox as well! There's a bunch of clever tricks asking the OS the same question in different ways to know that something is cheating proper root access by receiving slightly different answers. The methods need to be ever changing of course or a good Virus can make sure to make the Anti-Virus system happy. |
|
|
|
Post by silverdragon on Feb 14, 2013 7:22:13 GMT
This is why newer Anti-Nasty internet security suites look for certain actions certain trends and certain activity known to create problems and stop it before it creates a problem.
|
|
. Well, two years ago, someone broke into my car obviously looking for a GPS unit. All which was missing were two sandwiches and a bottle of cola!