Private data protection.
rjoshi31 at gmail.com
Sun Jun 1 11:15:13 CEST 2008
Good info there from wiki. So, if someone were THAT (9 days) serious about
getting the data, he might as well re-flash the whole phone to avoid any
trace-backs, destroy root-kits etc. I know I would do that.
Which again brings us back to the same point, as the thread says... of DATA
protection and not the phone itself. If I am a data thief why will I bother
keeping the SD card on the phone. I will simply take it out, put it in my
memory card reader and start hacking it. The only way I wont be able to get
it (easily) if the data on the SD card itself was
hidden/encrypted/unreadable. We have to isolate the phone from data here.
On Sun, Jun 1, 2008 at 4:38 AM, Ilja O. <vrghost at gmail.com> wrote:
> On Sat, May 31, 2008 at 8:13 PM, Rahul Joshi <rjoshi31 at gmail.com> wrote:
> > I'm no security expert but I'm pretty sure a lightweight 8 bit salt
> > encryption (security guys?) can give any dektop pc software enough
> > to abort the attempt of trying to read a 256 meg worth of datacard,
> > it really belongs to the director operations FBI ;)
> <shamelesly edited copy from wikipedia>
> Assume a user's secret key is stolen and he is known to use one of
> 200,000 English words as his password. The system uses a 8-bit salt.
> The amount of combinations is 256*200000 = 51200000.
> </shamelesly copy from wikipedia>
> If attacker chacks one hash per second and has 64-core beowulf
> cluster it will require 9 days to check all possible combinations.
> That's not so much, imo.
> Also, processors are cheap these days one guy  has build 96-core
> machine (for unknown price).
>  http://helmer.sfe.se/
> Openmoko community mailing list
> community at lists.openmoko.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the community