Today, there are many E2E communication services on the market. These services are claimed to be secure through encryption and other means.

Are these really so?
Is it really end-to-end communication?
Does encryption really prevent information leakage?

Only a few people in the world understand the meaning of these questions.

#informationtheory #telecom #ict
#onetimepad #entropy #infosec #cryptography
#internetprotocol #tcp #udp #web3 #defense #cybersecurity #ddosattacks #ciso #e2e

OOB_Comm is #OneTimePad encrypted messaging and voice communication project. Runs on #Pinephone #reTerminal and various other embedded HW.
#OffTheGrid #Tactical #DFIR #RedTeam

And the answer to the poll is . . . 1882!

Yup, it’s true. Asking someone to disclose their “mother’s maiden name” as a security technique was first publicly described in 1882.

That’s the year Sacramento, CA banker — Frank Miller — published his book titled "Telegraphic Code: To Insure Privacy and Secrecy In The Transmission Of Telegrams."

This was the same book which described the first concept and implementation of the One-Time Pad.

Frank and his fellow banker buddies conducted high finance over the Internet of their day, the Telegraph, which was considered by many to be completely insecure; about as private as sending a postcard.

How did you transfer loads of your employer’s money securely over an insecure means of communication?

You used a telegraphic code book and combined it with other layers of security. Big $$$$s were involved, and no one wanted — then or now — to be the one who screwed up a transaction.

So “mother’s maiden name” became one of the layers of security used in money transfers.

As they said on Battlestar Galactica: “All this has happened before, and all this will happen again.”

Interesting how things seem to repeat over and over.

Thanks to everyone who voted in the Poll!

#Infosec
#Cybersecurity
#MothersMaidenName
#InfosecTraining
#OneTimePad

It annoys me how many overcomplicated nonsense schemes for #wireless & #bluetooth security there are and how brittle they end-up being.

Why isn't it standard yet to just plug two devices together, generate a few hundred megabytes of #OneTimePad frames for communication and then using that?

Am I missing some glaring flaw in this idea?

#Security #Cryptography

WHO DID IT?

One of our information security “ancestors” invented the world’s only completely secure means of communication. And now we’re surrounded — night and day — by the “descendants” of that technology in new forms. It keeps our online transactions safe, and may have a renewed importance as we enter the quantum computing era.

We thought we knew who invented it, but history had a trick or two up its sleeve. It’s a bit like the mystery murder game, Clue.

➡️​ Who?
➡️​ What?
➡️​ When?
➡️​ Where?
➡️​ Why?
➡️​ How?
➡️​ How Secure Was It?
➡️​ Was It Commercially Successful?
➡️​ What Was The Underlying Technology?
➡️​ How Efficient Was Its Use? (always inefficient, or could it be massively efficient?)

Answers to all of these questions have been updated in the past 12 years.

I asked an infographic designer to create a comparison between our Old Understanding (invented in 1917) vs. our New Understanding (happened 35 years earlier, in 1882).

This is the first draft. I’m not a huge fan of the all-caps text. I'm really open to your suggestions or thoughts to make this more useful, so please feel free to chime in.

#OneTimePad
#Infosec
#infoGraphics
#Cryptography

The fact that you are not aware of any harm does not mean that there are no serious issues.

#OneTimePad
#cryptgraphy
#standard

WHO DID IT?

One of our information security “ancestors” invented the world’s only completely secure means of communication. And now we’re surrounded — night and day — by the “descendants” of that technology in new forms. It keeps our online transactions safe, and may have a renewed importance as we enter the quantum computing era.

We thought we knew who invented it, but history had a trick or two up its sleeve. It’s a bit like the mystery murder game, Clue.

➡️​ Who?
➡️​ What?
➡️​ When?
➡️​ Where?
➡️​ Why?
➡️​ How?
➡️​ How Secure Was It?
➡️​ Was It Commercially Successful?
➡️​ What Was The Underlying Technology?
➡️​ How Efficient Was Its Use? (always inefficient, or could it be massively efficient?)

Answers to all of these questions have been updated in the past 12 years.

I asked an infographic designer to create a comparison between our Old Understanding (invented in 1917) vs. our New Understanding (happened 35 years earlier, in 1882).

This is the first draft. I’m not a fan of the all-caps text. If you have any suggestions or thoughts to make this more useful, please feel free to chime in.

#OneTimePad
#Infosec
#infoGraphics
#Cryptography

Journey into cryptography | Computer Science | Khan Academy

#OneTimePad
die abgefahrendste Verschlüsselung wo es auch ne Android App gibt.

https://invidious.snopyta.org/watch?v=FlIG3TvQCBQ
https://www.youtube.com/watch?v=FlIG3TvQCBQ

One Time Pad App Android
Hat 2 Tracker von google. Darum Internet sperren, braucht die App nicht.
https://play.google.com/store/apps/details?id=com.rrivenllc.otp

Journey into cryptography | Computer Science | Khan Academy

#OneTimePad
die abgefahrendste Verschlüsselung wo es auch ne Android App gibt.

https://www.youtube.com/watch?v=FlIG3TvQCBQ
https://www.youtube.com/watch?v=FlIG3TvQCBQ

One Time Pad App Android
Hat 2 Tracker von google. Darum Internet sperren, braucht die App nicht.
https://play.google.com/store/apps/details?id=com.rrivenllc.otp

And the answer to the poll is . . . 1882!

Yup, it’s true. Asking someone to disclose their “mother’s maiden name” as a security technique was first publicly described in 1882.

That’s the year Sacramento, CA banker — Frank Miller — published his book titled "Telegraphic Code: To Insure Privacy and Secrecy In The Transmission Of Telegrams."

This was the same book which described the first concept and implementation of the One-Time Pad.

Frank and his fellow banker buddies conducted high finance over the Internet of their day, the Telegraph, which was considered by many to be completely insecure; about as private as sending a postcard.

How did you transfer loads of your employer’s money securely over an insecure means of communication?

You used a telegraphic code book and combined it with other layers of security. Big $$$$s were involved, and no one wanted — then or now — to be the one who screwed up a transaction.

So “mother’s maiden name” became one of the layers of security used in money transfers.

As they said on Battlestar Galactica: “All this has happened before, and all this will happen again.”

Interesting how things seem to repeat over and over.

#Infosec
#Cybersecurity
#MothersMaidenName
#InfosecTraining
#OneTimePad

Mais si, avec la #Covid19, le #masquejetable se généralise, est-ce qu'on peut espérer une amélioration de la #sécurité du #chiffrement des #télécommunications ? #onetimepad #cryptologie #candide

@eliotberriot@mastodon.eliotberriot.com @dansup

Well, yes. On #Nextcloud I use a Google Authenticator compatible #FOSS #2fa app called #OneTimePad. There are numerous others.

It's just sad to see people being pushed to proprietary options with no mention of any of the perfectly capable FOSS optionals that are available.