keyze opened this issue on Dec 03, 2011 ยท 97 posts
shvrdavid posted Mon, 05 December 2011 at 11:13 AM
Quote - The best security systems are not cracked all the time. It's the not-best ones that are cracked all the time.
The ones that are cracked are the ones that have information the hacker can gain the most from. It doesn't have anything to do with the systems in place, it is what is behind it that attracts the hackers.
Anything that contains information someone wants badly enough will get cracked sooner or later.
If you think otherwise, you are sadly mistaken. (No offence, but there is no such thing as hack proof)
Just ask Sony, Steam, any big bank, any government, etc. Servers like that get attacked all the time. Sony has been hacked at least two times since the first one, and that is just what they told reporters. Keep in mind, that was after increasing and changing the security from the first attack. So we know of three different security setups the were cracked in a row. Obviously, they probably were not the best security systems out there. One of them was cracked within hours of going live.
Anonymous (a hacker group) was able to pull over 10 gigabytes of info off of one government server, then corrupt the data before the security in place even noticed it. And they have done it more than once, to different servers with different security setups.
When it comes to encyption, some of it can be cracked in real time, no need to guess what the key is and risk sending a bad one to the server that would trigger a security action.
There is hardware to do 40bit all but instantly, 56 bit takes about an hour or so, 256 takes about a day, etc...
http://www.linuxsecurity.com/resource_files/documentation/hacking-dict.html
Just read the first section of what I linked if you doubt it.
I am not going to explain how to do it, but it can be done, and it is done all the time. There are laws in place to ensure they can be cracked. Sounds strange, but that is unfortunetly the way it is. Open up Internet Explorer and hit about, 256 bit encryption support is the best it will do (US release, releases in some countries have lower bit support.). That is governed by a law as a balance of safe, but still easily crackable. There are ways to do connections beyond 256 bit, they just take longer to crack the encryption.
If you make something more hack proof, you will just attract a better hacker than the system you put in place. The more locks you put on it, the more they will want to know what is behind it.
Its a sad truth, and it happens all the time.
Maybe someday there will be a way to make something hack proof, but those days are far off into the future. And it will all but require scrapping the current TCP/IP way of doing internet connections to pull it off. TCP/IP is just too limited. Syn cookies, TCPCT, and other tricks help, but also point right at how part of the security is set up.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->