Hacker News new | ask | show | jobs
by aziaziazi 1162 days ago
Can someone explain me why this is downvoted ? In my understanding his proposition about NSA is quite close to a popular one and hn seems to allow discussion of hypothesis - if they are more probable than imaginary ?

Is it the word propaganda that patriots dislike ? Not sure if some soviet connotation is involved in US but for me it’s just a synonym of “public lobbying” of “ideology gov marketing”.

I know those subjects can become polemic and I don’t want to throwing oil on the fire, but an “out of debate” clarification would be nice and helpful.
2 comments
pffft8888 1162 days ago
The worst thing about HN (and it does reflect badly on YC as a whole, at least for me) is how they enable people to act in seemingly passive aggressive ways. Instead of stating disagreements, they downvote, and you'll never know why. Just pure crappy behavior. In this case, someone explained below that they downvoted because they don't agree that the article is propaganda and that it calls for less backdoors or something like that as if everything isn't backdoored already, one way or another.

Then you have stuff like BIP39 protecting people's money (cryptocurrency) that can be cracked for $350/hr on GPU rigs. Someone even wrote a how-to.

Current security makes it harder, but not sufficiently harder, to break into systems. I mean... HN crowd is probably high schoolers and non-tech people just out here to argue.

link
nl 1162 days ago
> Then you have stuff like BIP39 protecting people's money (cryptocurrency) that can be cracked for $350/hr on GPU rigs

This doesn't appear to be true (in the sense that yes it is feasible to crack 4-word BIP pass phrases, but all wallets that I'm aware of use at least 6 words, which is estimated to take 11 years for a hypothetical ASIC cracker)

https://coldbit.com/can-bip-39-passphrase-be-cracked/

Perhaps you are meaning this attack where someone was able to brute-force 4 words from a 12 words phrase. It matches your $350 cost, but of course is dramatically different to "cracking BIP39": https://medium.com/@johncantrell97/how-i-checked-over-1-tril...

link
pffft8888 1162 days ago
2048 words in 6 positions is simply not enough entropy for the NSA's encryption cracking infrastructure. If it is worth it they'll crack it. The NSA does not use a single ASIC cracker.
link
nl 1161 days ago
That's an extremely different proposition. Pretty sure the NSA isn't into stealing bitcoins.
link
pffft8888 1160 days ago
That's 66 bits of entropy. With a quantum computer having 66 logical (error corrected) qubits, the pass phrase can be cracked in under a day.

That's not too far off, maybe a few years before one is commercially available.

link
nl 1162 days ago
It's because it's another conspiracy theory unsupported by evidence.

The encryption algorithms in CNSA are broadly accepted by the security community. Just saying "NSA backdoor" is a cheap shot.

link
aziaziazi 1162 days ago
> unsupported by evidence

Depending on what you accept as an evidence, but this theory is surely supported by precedent(s?) [0]

Just saying “another conspiracy theory” is a cheap shot : conspiracy are bad and should be fought. Theories are a useful process to make knowledge advance. Conspiracy theories are often discussed in an awful way on social medias, can’t HN do better than just downvoted them ?

[0] https://www.theguardian.com/books/2014/may/12/glenn-greenwal...

link
blatant303 1162 days ago
This guy is still around on 4chan:

https://twitter.com/4chan_greentext/status/84511828265908224...

link
nl 1161 days ago
See this is a great example of the problem.

1) Did NSA modify Cisco routers? Yes

2) Did NSA get a backdoor in Dual EC_DRBG? Yes

3) Did NSA get a backdoor in the CNSA algorithms? There is no evidence to suggest they have and plenty the other way.

The original claim was (3) but the "NSA does stuff" thing overrides any attempt at discussion of that specific piece of misinformation.

link
harry8 1162 days ago
>It's because it's another conspiracy theory unsupported by evidence.

I'm having a hard time keeping up with it all, it's nuts. But my understanding is that the NSA backdooring protocols is totally supported by evidence? We saw it in the Snowden revelations? RSA being the company nobody will ever trust again?

Is that all wrong somehow?

link
nl 1162 days ago
> backdooring protocols is totally supported by evidence

It's important to be very precise.

I think you might be confusing backdooring specific pieces of software produced by RSA-the-company (specifically things using Dual EC_DRBG) with the RSA algorthim that company is named after, which is included in the CNSA.

Dual EC_DRBG was a bad algorithm which many people had serious doubts about from the start - and indeed it was backdoored by NSA. That is different to the algorithms in CNSA which (as I said earlier) are well regarded by the same security researchers.

There is no evidence (or serious claims) that the RSA-algorithm is backdoored.

link
pffft8888 1161 days ago
get it from the horse's mouth, as they say... instead of baselessly pontificating on HN and not understanding the diff between algorithm and implementation
link
pffft8888 1162 days ago
not the algorithm. the various implementations of it. evidence? ask a friend.
link