[liberationtech] Encrypted Pastebins: Attack Vectors against ezcrypt.it and 0bin.net
coderman
coderman at gmail.com
Wed Jan 15 01:34:01 PST 2014
On Tue, Jan 14, 2014 at 6:44 PM, Uncle Zzzen <unclezzzen at gmail.com> wrote:
>
>> 3. "Passive" global adversary attack:
>>
> As long as the JS is what the owner claims it is (assuming it's code that
> has been peer reviewed enough according to your standards), it doesn't
> matter whether they confiscate the hard drive or just listen.
i hate the term "passive global adversary". the adversary active
across the global theater is able and active.
also, you're wrong three ways:
1) if entropy is compromised (see history of RNG tampering) this
assumption is actionable-ly false. don't get me started on the
OpenSSL/* RDRAND fiasco...
2) "JS is what the owner claims it is" is suspect in BULLRUN situation
where private keys pilfered. (not to mention all the other subversive
techniques applied)
3) the attack surface of the browser. nuff said! (or said again,
"just listen" is only harmless if no prior active intervention has
occurred)
More information about the liberationtech
mailing list