Git-Mirrors
/
into-the-crypt
mirror of https://0xacab.org/optout/into-the-crypt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Nod to the real journalists

This commit is contained in:
arcanedev 2023-01-30 01:04:21 +00:00
parent d7b9e628e3
commit 515ba5c564
No known key found for this signature in database
GPG Key ID: 13BA4BD4C14170C0
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -532,7 +532,7 @@ Here's a simple step-by-step method on how a journalist could set up a poisoned
6. Share or publish the PDF document in a secure manner, making sure that the recipient is aware of the hidden marker and knows how to verify its presence.
7. Periodically check the PDF document to ensure that the hidden marker is still present. If the hidden marker is not present, it would indicate that the document has been tampered with, and the journalist can choose not to trust the information it contains.
As mentioned with many other topics throughout this writing, canaries are not infallible and should not be relied upon solely. They play a part in the security ecosystem that could help determine tampering or interference with documents, services, and infrastructure.
As mentioned with many other topics throughout this writing, canaries are not infallible and should not be relied upon solely. They play a part in the security ecosystem that could help determine tampering or interference with documents, services, and infrastructure.
## Play on Resources
Earlier, it was said that these groups have unlimited resources; this is not entirely true. The one resource which they lack is time. While they have infinite funds to allocate towards password and key cracking methods, so long as quantum physics strays behind computing, time is their main constraint. Taking methods from obscurity, the use of non-default encryption algorithms and hashing mechanisms for keys substantially increases the amount of time the analyst must expend on cracking. If the analyst cannot identify the hash function or cipher, they must try all possible options. Even if the correct password is obtained, this becomes useless without the proper cipher. For instance, Veracrypt uses over fifteen combinations of individual encryption algorithms and cascaded/stacked ciphers. Complement this with the five supported hash functions, and we are looking at 75 possible combinations of symmetric ciphers and one-way hash functions. As stated by ElcomSoft,[^46] "Trying all possible combinations is about 175 times slower compared to attacking a single combination of AES+SHA-512."
@ -738,7 +738,11 @@ For the dissidents:
*"In a nation of frightened dullards, there is a shortage of outlaws, and those few who make the grade are always welcome."* - Hunter S. Thompson
For the hollow men (federal agents or contractors) who stumbled upon my work by investigation or happenstance:
For the journalists:
*"Veritatem cognoscere ruat cælum et pereat mundus." | "Know the truth, though the heavens may fall and the world burn."*
And for the hollow men (federal agents or contractors) who stumbled upon my work by investigation or happenstance:
*"If ye love wealth better than liberty, the tranquility of servitude better than the animating contest of freedom, go home from us in peace. We ask not your counsels or arms. Crouch down and lick the hands which feed you. May your chains set lightly upon you, and may posterity forget that ye were our countrymen."* - Samuel Adams