Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.os.linux.misc > #36682 > unrolled thread

Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON

Back to article view | Back to comp.os.linux.misc

Contents

  Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON "26C.Z968" <26C.Z968@noaada.net> - 2023-01-14 00:28 -0500
    Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON Computer Nerd Kev <not@telling.you.invalid> - 2023-01-14 17:18 +1000
    Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON Richard Kettlewell <invalid@invalid.invalid> - 2023-01-14 11:32 +0000
      Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON "26C.Z968" <26C.Z968@noaada.net> - 2023-01-14 18:26 -0500
        Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON Richard Kettlewell <invalid@invalid.invalid> - 2023-01-15 15:28 +0000
          Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON "26C.Z968" <26C.Z968@noaada.net> - 2023-01-16 00:48 -0500
            Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON Richard Kettlewell <invalid@invalid.invalid> - 2023-01-16 15:15 +0000
            Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON not@telling.you.invalid (Computer Nerd Kev) - 2023-01-17 07:45 +1000
              Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON The Natural Philosopher <tnp@invalid.invalid> - 2023-01-17 06:51 +0000
                Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2023-01-17 19:06 +0000
                  Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON The Natural Philosopher <tnp@invalid.invalid> - 2023-01-18 09:23 +0000
                Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON "26C.Z968" <26C.Z968@noaada.net> - 2023-01-18 00:19 -0500
                  Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON The Natural Philosopher <tnp@invalid.invalid> - 2023-01-18 09:25 +0000
                    Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON "26C.Z968" <26C.Z968@noaada.net> - 2023-01-19 23:56 -0500
                      Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON Richard Kettlewell <invalid@invalid.invalid> - 2023-01-20 08:47 +0000
                        Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON "26C.Z968" <26C.Z968@noaada.net> - 2023-02-01 00:53 -0500
                          Re: Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON Richard Kettlewell <invalid@invalid.invalid> - 2023-02-01 08:34 +0000

#36682 — Danger Will Robinson ! Aussies Invent Gigabit Quantum-Computing Method, ALL Encryption At Risk SOON

https://phys.org/news/2023-01-method-billion-qubit-quantum-chips-closer.html

Australian engineers have discovered a new way of precisely
controlling single electrons nestled in quantum dots that
run logic gates. What's more, the new mechanism is less
bulky and requires fewer parts, which could prove essential
to making large-scale silicon quantum computers a reality.

The serendipitous discovery, made by engineers at the quantum
computing start-up Diraq and UNSW Sydney, is detailed in the
journal Nature Nanotechnology.

"This was a completely new effect we'd never seen before,
which we didn't quite understand at first," said lead author
Dr. Will Gilbert, a quantum processor engineer at Diraq, a
UNSW spin-off company based at its Sydney campus. "But it
quickly became clear that this was a powerful new way of
controlling spins in a quantum dot. And that was super exciting."

. . .

   Wasn't long ago IBM was renting time on it's super-duper
   EIGHT-qBit box - and interesting things were done with it.

   Now it looks like a giga-qBits are within reach.

   First up, all conventional coding schemes are TOAST.
   The Russians and Chinese WILL get their hands on the
   first pre-production samples to come off the line.
   And in a few years the Chinese will be making 10 or
   100 giga-qBit knock-offs, for their military AI ....

AND

https://www.dailymail.co.uk/sciencetech/article-11628963/The-Quantum-Apocalypse-just-YEARS-away-experts-say.html

The Quantum Apocalypse — when encryption banking stops working and the 
world's savings could evaporate — is 'just YEARS away', experts say

Experts warn a 'Quantum Apocalypse' could make everyone's data vulnerable

Quantum computers may become powerful enough to break all
encryptions

This will lead to exposure of sensitive information such as
banking details

. . . . . . . .

   As soon as quantum-computing was realized, it was also
   realized that conventional encryption methods would be
   very vulnerable to this computational approach. This
   was back when qPCs were just a FEW q-bits. Now the
   Aussies seem to have found an approach to millions,
   billions, of qbit processing. The Evil People WILL
   snatch pre-production versions ... the Chinese will
   just steal the technique and start making/improving
   their own.

   Long back it was suggested that there could be
   encryption methods resistant to qPCs, capitalizing
   on what they're NOT good at.

   Whether anybody ever PERFECTED such methods - and
   could make them run on conventional processors -
   is unclear.

   If said methods do NOT exist then all encryption-based
   safety DISAPPEARS - and I'd agree that we're talking just
   a few years.

   Also, deep-fake video can now be complimented with
   deep-fake audio via Microsoft's VALL-E audio-mimicry
   app.

https://techxplore.com/news/2023-01-microsoft-vall-e-faithfully-voice.html

A team of researchers at Microsoft has demonstrated a new AI
system that is capable of mimicking a person's voice after
training with a recording just three seconds long. The team
explains developing the new app in a paper published on the
arXiv preprint server. They have also posted a webpage
demonstrating the app's capabilities.

   We have a problem.

[toc] | [next] | [standalone]

#36686

26C.Z968 <26C.Z968@noaada.net> wrote:
> 
> https://phys.org/news/2023-01-method-billion-qubit-quantum-chips-closer.html
> 
> Australian engineers have discovered a new way of precisely
> controlling single electrons nestled in quantum dots that
> run logic gates. What's more, the new mechanism is less
> bulky and requires fewer parts, which could prove essential
> to making large-scale silicon quantum computers a reality.
> [snip]
>   First up, all conventional coding schemes are TOAST.

I don't believe quantum computers are intended to replace
conventional computers entirely, they're just much faster at
some specific tasks, so no.

>   The Russians and Chinese WILL get their hands on the
>   first pre-production samples to come off the line.
>   And in a few years the Chinese will be making 10 or
>   100 giga-qBit knock-offs, for their military AI ....

It sounds like that's still some time away. As it's an Australian
invention, odds are that the Chinese will indeed end up building
the end product instead of us Aussies though (grumble).

>   As soon as quantum-computing was realized, it was also
>   realized that conventional encryption methods would be
>   very vulnerable to this computational approach. This
>   was back when qPCs were just a FEW q-bits. Now the
>   Aussies seem to have found an approach to millions,
>   billions, of qbit processing. The Evil People WILL
>   snatch pre-production versions ... the Chinese will
>   just steal the technique and start making/improving
>   their own.

I bet the NSA will be the first in any case. For that matter maybe
their own IARPA scientists already figured this out years ago and
their research was just kept secret.

"IARPA is a major funder of quantum computing research due to its
 applications in quantum cryptography. As of 2009, IARPA was said
 to provide a large portion of quantum computing funding resources
 in the United States."
 https://en.wikipedia.org/wiki/IARPA#Research_fields

>   Long back it was suggested that there could be
>   encryption methods resistant to qPCs, capitalizing
>   on what they're NOT good at.
> 
>   Whether anybody ever PERFECTED such methods - and
>   could make them run on conventional processors -
>   is unclear.

https://en.wikipedia.org/wiki/Post-quantum_cryptography

At worst it might need an extra chip for increased speed.
https://spectrum.ieee.org/risc-v-chip-delivers-quantum-resistant-encryption

>   Also, deep-fake video can now be complimented with
>   deep-fake audio via Microsoft's VALL-E audio-mimicry
>   app.
> 
> https://techxplore.com/news/2023-01-microsoft-vall-e-faithfully-voice.html
> 
> A team of researchers at Microsoft has demonstrated a new AI
> system that is capable of mimicking a person's voice after
> training with a recording just three seconds long. The team
> explains developing the new app in a paper published on the
> arXiv preprint server. They have also posted a webpage
> demonstrating the app's capabilities.

You can't trust audio recordings of people anyway, just due to
editing.

-- 
__          __
#_ < |\| |< _#

[toc] | [prev] | [next] | [standalone]

#36689

"26C.Z968" <26C.Z968@noaada.net> writes:
> https://phys.org/news/2023-01-method-billion-qubit-quantum-chips-closer.html
[...]
>   Wasn't long ago IBM was renting time on it's super-duper
>   EIGHT-qBit box - and interesting things were done with it.
>
>   Now it looks like a giga-qBits are within reach.
>
>   First up, all conventional coding schemes are TOAST.

Not all. A cryptographically relevant quantum computer (CRQC) would
completely break classical asymmetric schemes but only halve the
strength of symmetric schemes. AES-128 will start to look risky but
AES-256 will remain unassailable[1].

Quantum-safe replacements for asymmetric schemes are well underway. You
can use LMS/HSS and XMPP today, though you will need to think carefully
about state management, and IIRC some requirements to use LMS are coming
down the line in certain contexts. Looking further ahead several
stateless schemes are currently undergoing standardization. We don’t
know when a CRQC will be built but both standards/compliance bodies and
implementors are taking the prospect very seriously.

[1] assuming correct implementation, absence/mitigation of side
    channels, proper use of authenticated encryption - all the stuff we
    already need for a block cipher anyway.

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [next] | [standalone]

#36697

On 1/14/23 6:32 AM, Richard Kettlewell wrote:
> "26C.Z968" <26C.Z968@noaada.net> writes:
>> https://phys.org/news/2023-01-method-billion-qubit-quantum-chips-closer.html
> [...]
>>    Wasn't long ago IBM was renting time on it's super-duper
>>    EIGHT-qBit box - and interesting things were done with it.
>>
>>    Now it looks like a giga-qBits are within reach.
>>
>>    First up, all conventional coding schemes are TOAST.
> 
> Not all. A cryptographically relevant quantum computer (CRQC) would
> completely break classical asymmetric schemes but only halve the
> strength of symmetric schemes. AES-128 will start to look risky but
> AES-256 will remain unassailable[1].

   Apparently this is your area of expertise ... and I do
   always use AES ... but there seems to be a tone of panic
   in these news blurbs that concerns me.

   Quantum computing is not "magic", but all the tricks
   to exploit conventional computing were not invented
   overnight. With more qBits to work with and some years
   of thinking about how to use them we may yet see
   innovative approaches to cracking codes. We kind of
   know the limits of conventional digital computing now,
   but quantum still has "possibilities".

   So, best bet, stay informed and accelerate research
   into quantum-resistant coding methods.

> Quantum-safe replacements for asymmetric schemes are well underway. You
> can use LMS/HSS and XMPP today, though you will need to think carefully
> about state management, and IIRC some requirements to use LMS are coming
> down the line in certain contexts. Looking further ahead several
> stateless schemes are currently undergoing standardization. We don’t
> know when a CRQC will be built but both standards/compliance bodies and
> implementors are taking the prospect very seriously.
> 
> [1] assuming correct implementation, absence/mitigation of side
>      channels, proper use of authenticated encryption - all the stuff we
>      already need for a block cipher anyway.
> 

   Symmetric block ciphers are good for protecting files ... but
   the SSL that gets them from a server to your PC is an asymmetric
   scheme. qPCs might do well with MIM attacks ... meaning the 's'
   in https becomes a joke.

   Oh, and "compliance bodies" might wind up being a few years
   behind the curve :-)

[toc] | [prev] | [next] | [standalone]

#36699

"26C.Z968" <26C.Z968@noaada.net> writes:
> On 1/14/23 6:32 AM, Richard Kettlewell wrote:
>> Quantum-safe replacements for asymmetric schemes are well underway. You
>> can use LMS/HSS and XMPP today, though you will need to think carefully
>> about state management, and IIRC some requirements to use LMS are coming
>> down the line in certain contexts. Looking further ahead several
>> stateless schemes are currently undergoing standardization. We don’t
>> know when a CRQC will be built but both standards/compliance bodies and
>> implementors are taking the prospect very seriously.
>> [1] assuming correct implementation, absence/mitigation of side
>>      channels, proper use of authenticated encryption - all the stuff we
>>      already need for a block cipher anyway.
>
>   Symmetric block ciphers are good for protecting files ... but
>   the SSL that gets them from a server to your PC is an asymmetric
>   scheme. qPCs might do well with MIM attacks ... meaning the 's'
>   in https becomes a joke.

That’s what the quantum-safe asymmetric schemes are for.

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [next] | [standalone]

#36701

On 1/15/23 10:28 AM, Richard Kettlewell wrote:
> "26C.Z968" <26C.Z968@noaada.net> writes:
>> On 1/14/23 6:32 AM, Richard Kettlewell wrote:
>>> Quantum-safe replacements for asymmetric schemes are well underway. You
>>> can use LMS/HSS and XMPP today, though you will need to think carefully
>>> about state management, and IIRC some requirements to use LMS are coming
>>> down the line in certain contexts. Looking further ahead several
>>> stateless schemes are currently undergoing standardization. We don’t
>>> know when a CRQC will be built but both standards/compliance bodies and
>>> implementors are taking the prospect very seriously.
>>> [1] assuming correct implementation, absence/mitigation of side
>>>       channels, proper use of authenticated encryption - all the stuff we
>>>       already need for a block cipher anyway.
>>
>>    Symmetric block ciphers are good for protecting files ... but
>>    the SSL that gets them from a server to your PC is an asymmetric
>>    scheme. qPCs might do well with MIM attacks ... meaning the 's'
>>    in https becomes a joke.
> 
> That’s what the quantum-safe asymmetric schemes are for.

   Yea ... but gotta DO them, STANDARDIZE/CERTIFY/DEPLOY them .....

   Ain't seen THAT yet.

   And "a few years" may not be soon ENOUGH.

   There are 'intermediate fixes' ... just ASSUME https is
   NOT gonna be totally secure and never transmit files
   or bits thereof in the clear assuming https is gonna
   take care of things. Final decryption would have to
   be shifted to LOCAL PCs. When you look at ANY bits of
   a database - yer account/login stuff at Google for
   instance - using a browser it would only SEEM to be
   clear text ... but instead go thru an additional
   symmetric decryption step on yer PC.

   Quantum-resistant https/TLS is badly needed now, but
   WHEN will we see it ??? When is there 'httpq' ???

   See what I'm aiming at ?

[toc] | [prev] | [next] | [standalone]

#36705

"26C.Z968" <26C.Z968@noaada.net> writes:
>   Quantum-resistant https/TLS is badly needed now, but
>   WHEN will we see it ??? When is there 'httpq' ???

When it’s ready. Having a panic about it on Usenet won’t speed it up.

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [next] | [standalone]

#36712

26C.Z968 <26C.Z968@noaada.net> wrote:
> 
>   There are 'intermediate fixes' ... just ASSUME https is
>   NOT gonna be totally secure and never transmit files
>   or bits thereof in the clear assuming https is gonna
>   take care of things. Final decryption would have to
>   be shifted to LOCAL PCs. When you look at ANY bits of
>   a database - yer account/login stuff at Google for
>   instance - using a browser it would only SEEM to be
>   clear text ... but instead go thru an additional
>   symmetric decryption step on yer PC.

This assumes that some nation-state attacker is interested in your
Google log-in, and isn't allied with the NSA who could just ask
Google to let them in anyway. It's still going to be many years
until quantum computers are within reach of your average hacker
sorts looking to make things hard for normal people/businesses.
Quantum-safe encryption schemes will probably be widely adopted
before that.

If you're an aerospace company sharing the designs for the latest
jet fighter over the internet, it's hardly a great idea to just
rely on HTTPS encryption as the only line of defence anyway.

-- 
__          __
#_ < |\| |< _#

[toc] | [prev] | [next] | [standalone]

#36719

On 16/01/2023 21:45, Computer Nerd Kev wrote:
> 26C.Z968 <26C.Z968@noaada.net> wrote:
>>
>>    There are 'intermediate fixes' ... just ASSUME https is
>>    NOT gonna be totally secure and never transmit files
>>    or bits thereof in the clear assuming https is gonna
>>    take care of things. Final decryption would have to
>>    be shifted to LOCAL PCs. When you look at ANY bits of
>>    a database - yer account/login stuff at Google for
>>    instance - using a browser it would only SEEM to be
>>    clear text ... but instead go thru an additional
>>    symmetric decryption step on yer PC.
> 
> This assumes that some nation-state attacker is interested in your
> Google log-in, and isn't allied with the NSA who could just ask
> Google to let them in anyway. It's still going to be many years
> until quantum computers are within reach of your average hacker
> sorts looking to make things hard for normal people/businesses.
> Quantum-safe encryption schemes will probably be widely adopted
> before that.
> 
> If you're an aerospace company sharing the designs for the latest
> jet fighter over the internet, it's hardly a great idea to just
> rely on HTTPS encryption as the only line of defence anyway.
> 
  26C.Z968 is appearing more irrational by the day.

I think he suffers from an inferiority complex, and wants to make more 
impact on the world than by finding some bird and getting her preggies 
and introducing more little  26C.Z968's to muddy the future.

I've noticed this a lot - especially in the US middle classes. Everybody 
wants to be *someone*. The Man Who Called Himself Jesus. The Man who 
Rewrote  SSH.  Or Wrote Systemd.  The man who can converse fluently 
about the 150 types of tea he has drunk. Or recite the name of every 
baseball player in the 1948 league

I have a friend who can recognise just about every single aircraft every 
built, and not a few that never in fact were.

Others know the history of every steam locomotive ever built.

26C.Z968 simply wants to be *someone*. Why anyone would want to be 
*someone* has always escaped me.

I just want to be sufficiently comfortably off to get bored. And live my 
futile existence in relative luxury.

And not be noticed, if possible.

-- 
When plunder becomes a way of life for a group of men in a society, over 
the course of time they create for themselves a legal system that 
authorizes it and a moral code that glorifies it.

  Frédéric Bastiat

[toc] | [prev] | [next] | [standalone]

#36738

On 2023-01-17, The Natural Philosopher <tnp@invalid.invalid> wrote:

> 26C.Z968 simply wants to be *someone*. Why anyone would want to be 
> *someone* has always escaped me.

    All my life, I always wanted to be someone.
    Now I see that I should have been more specific.
      -- Lily Tomlin or Jane Wagner

> I just want to be sufficiently comfortably off to get bored.
> And live my futile existence in relative luxury.
>
> And not be noticed, if possible.

That sounds like what I've been trying for -
except that I don't have time to be bored.

-- 
/~\  Charlie Gibbs                  |  Microsoft is a dictatorship.
\ /  <cgibbs@kltpzyxm.invalid>      |  Apple is a cult.
 X   I'm really at ac.dekanfrus     |  Linux is anarchy.
/ \  if you read it the right way.  |  Pick your poison.

[toc] | [prev] | [next] | [standalone]

#36745

On 17/01/2023 19:06, Charlie Gibbs wrote:
> On 2023-01-17, The Natural Philosopher <tnp@invalid.invalid> wrote:
> 
>> 26C.Z968 simply wants to be *someone*. Why anyone would want to be
>> *someone* has always escaped me.
> 
>      All my life, I always wanted to be someone.
>      Now I see that I should have been more specific.
>        -- Lily Tomlin or Jane Wagner
> 
>> I just want to be sufficiently comfortably off to get bored.
>> And live my futile existence in relative luxury.
>>
>> And not be noticed, if possible.
> 
> That sounds like what I've been trying for -
> except that I don't have time to be bored.
> 
Me neither.  Got that 'restless hungry feelin'
-- 
Karl Marx said religion is the opium of the people.
But Marxism is the crack cocaine.

[toc] | [prev] | [next] | [standalone]

#36743

On 1/17/23 1:51 AM, The Natural Philosopher wrote:
> On 16/01/2023 21:45, Computer Nerd Kev wrote:
>> 26C.Z968 <26C.Z968@noaada.net> wrote:
>>>
>>>    There are 'intermediate fixes' ... just ASSUME https is
>>>    NOT gonna be totally secure and never transmit files
>>>    or bits thereof in the clear assuming https is gonna
>>>    take care of things. Final decryption would have to
>>>    be shifted to LOCAL PCs. When you look at ANY bits of
>>>    a database - yer account/login stuff at Google for
>>>    instance - using a browser it would only SEEM to be
>>>    clear text ... but instead go thru an additional
>>>    symmetric decryption step on yer PC.
>>
>> This assumes that some nation-state attacker is interested in your
>> Google log-in, and isn't allied with the NSA who could just ask
>> Google to let them in anyway. It's still going to be many years
>> until quantum computers are within reach of your average hacker
>> sorts looking to make things hard for normal people/businesses.
>> Quantum-safe encryption schemes will probably be widely adopted
>> before that.
>>
>> If you're an aerospace company sharing the designs for the latest
>> jet fighter over the internet, it's hardly a great idea to just
>> rely on HTTPS encryption as the only line of defence anyway.
>>
>   26C.Z968 is appearing more irrational by the day.


   Ah, back to the poison pen I see ......

[toc] | [prev] | [next] | [standalone]

#36746

On 18/01/2023 05:19, 26C.Z968 wrote:
> On 1/17/23 1:51 AM, The Natural Philosopher wrote:
>> On 16/01/2023 21:45, Computer Nerd Kev wrote:
>>> 26C.Z968 <26C.Z968@noaada.net> wrote:
>>>>
>>>>    There are 'intermediate fixes' ... just ASSUME https is
>>>>    NOT gonna be totally secure and never transmit files
>>>>    or bits thereof in the clear assuming https is gonna
>>>>    take care of things. Final decryption would have to
>>>>    be shifted to LOCAL PCs. When you look at ANY bits of
>>>>    a database - yer account/login stuff at Google for
>>>>    instance - using a browser it would only SEEM to be
>>>>    clear text ... but instead go thru an additional
>>>>    symmetric decryption step on yer PC.
>>>
>>> This assumes that some nation-state attacker is interested in your
>>> Google log-in, and isn't allied with the NSA who could just ask
>>> Google to let them in anyway. It's still going to be many years
>>> until quantum computers are within reach of your average hacker
>>> sorts looking to make things hard for normal people/businesses.
>>> Quantum-safe encryption schemes will probably be widely adopted
>>> before that.
>>>
>>> If you're an aerospace company sharing the designs for the latest
>>> jet fighter over the internet, it's hardly a great idea to just
>>> rely on HTTPS encryption as the only line of defence anyway.
>>>
>>   26C.Z968 is appearing more irrational by the day.
> 
> 
>    Ah, back to the poison pen I see ......

Truth is not poison pen. As I said, more irrational by the day.
Try living in the real world, and less in your head.


-- 
Karl Marx said religion is the opium of the people.
But Marxism is the crack cocaine.

[toc] | [prev] | [next] | [standalone]

#36749

On 1/18/23 4:25 AM, The Natural Philosopher wrote:
> On 18/01/2023 05:19, 26C.Z968 wrote:
>> On 1/17/23 1:51 AM, The Natural Philosopher wrote:
>>> On 16/01/2023 21:45, Computer Nerd Kev wrote:
>>>> 26C.Z968 <26C.Z968@noaada.net> wrote:
>>>>>
>>>>>    There are 'intermediate fixes' ... just ASSUME https is
>>>>>    NOT gonna be totally secure and never transmit files
>>>>>    or bits thereof in the clear assuming https is gonna
>>>>>    take care of things. Final decryption would have to
>>>>>    be shifted to LOCAL PCs. When you look at ANY bits of
>>>>>    a database - yer account/login stuff at Google for
>>>>>    instance - using a browser it would only SEEM to be
>>>>>    clear text ... but instead go thru an additional
>>>>>    symmetric decryption step on yer PC.
>>>>
>>>> This assumes that some nation-state attacker is interested in your
>>>> Google log-in, and isn't allied with the NSA who could just ask
>>>> Google to let them in anyway. It's still going to be many years
>>>> until quantum computers are within reach of your average hacker
>>>> sorts looking to make things hard for normal people/businesses.
>>>> Quantum-safe encryption schemes will probably be widely adopted
>>>> before that.
>>>>
>>>> If you're an aerospace company sharing the designs for the latest
>>>> jet fighter over the internet, it's hardly a great idea to just
>>>> rely on HTTPS encryption as the only line of defence anyway.
>>>>
>>>   26C.Z968 is appearing more irrational by the day.
>>
>>
>>    Ah, back to the poison pen I see ......
> 
> Truth is not poison pen. As I said, more irrational by the day.
> Try living in the real world, and less in your head.

   The Real World is full of ever-escalating security
   threats. Your 'solution' seems to be that of
   burying your head in the sand whist chanting "It's
   All Right !" over and over.

   Sorry, but decades-old "security" ain't gonna cut it
   in the face of heavy-duty quantum methods.

[toc] | [prev] | [next] | [standalone]

#36750

"26C.Z968" <26C.Z968@noaada.net> writes:
> The Real World is full of ever-escalating security threats. Your
> 'solution' seems to be that of burying your head in the sand whist
> chanting "It's All Right !" over and over.

Nobody relevant is putting their head in the sand.

> Sorry, but decades-old "security" ain't gonna cut it in the face of
> heavy-duty quantum methods.

That’s why there’s so much work happening to do something about it.

If you are genuinely interested in this subject then there is a wealth
of material available online; there are a couple of production-ready
quantum-safe algorithms and several more in the standards pipeline that
you can experiment with.

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [next] | [standalone]

#36856

On 1/20/23 3:47 AM, Richard Kettlewell wrote:
> "26C.Z968" <26C.Z968@noaada.net> writes:
>> The Real World is full of ever-escalating security threats. Your
>> 'solution' seems to be that of burying your head in the sand whist
>> chanting "It's All Right !" over and over.
> 
> Nobody relevant is putting their head in the sand.

   Oh, I dunno about THAT. I keep hearing how the 30-year-old
   solutions are Just Perfect and nothing needs to be done or
   improved ........ just scan the threads ..........

> 
>> Sorry, but decades-old "security" ain't gonna cut it in the face of
>> heavy-duty quantum methods.
> 
> That’s why there’s so much work happening to do something about it.

   Apparently NOT - not REALLY. Again, scan thru the related
   threads.

   It's "just hook something else into SSH and it's all fine"
   or "my Blowfish-encrypted stuff is perfectly safe" kinds of
   thinking. Sorry, but automated distributed attacks are
   are NOT dealt-with very well and neither are quantum
   approaches funded by hostile (or your OWN) govts.

   "Computer security" tends to be REACTIVE, not PROACTIVE.
   Disaster first, THEN 'fixes'.

> If you are genuinely interested in this subject then there is a wealth
> of material available online; there are a couple of production-ready
> quantum-safe algorithms and several more in the standards pipeline that
> you can experiment with.
> 

   Quantum-safe DOES exist ... but in the real world I'm not
   seeing much of that. WHEN will I see it ? Five years AFTER
   it's too late ??? Govts will probably make it ILLEGAL anyhow.
   Need to build a 'precedent', a large base, IMHO.

   I'm NOT sorry to be a pain in the ass here ... nobody seems
   to DO anything about systemic weaknesses until it's TOO LATE.
   Mr. Natural and friends can bitch, but their attitude seems
   to be part of the problem, not the solution.

[toc] | [prev] | [next] | [standalone]

#36858

"26C.Z968" <26C.Z968@noaada.net> writes:
> On 1/20/23 3:47 AM, Richard Kettlewell wrote:
>> "26C.Z968" <26C.Z968@noaada.net> writes:
>>> The Real World is full of ever-escalating security threats. Your
>>> 'solution' seems to be that of burying your head in the sand whist
>>> chanting "It's All Right !" over and over.
>> Nobody relevant is putting their head in the sand.
>
>   Oh, I dunno about THAT. I keep hearing how the 30-year-old
>   solutions are Just Perfect and nothing needs to be done or
>   improved ........ just scan the threads ..........
>
>>> Sorry, but decades-old "security" ain't gonna cut it in the face of
>>> heavy-duty quantum methods.
>> That’s why there’s so much work happening to do something about it.
>
>   Apparently NOT - not REALLY. Again, scan thru the related
>   threads.

I guess you’re looking in the wrong places then.

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [standalone]

Back to top | Article view | comp.os.linux.misc

csiph-web