WikiLeaks password leak FAQ
unspecified.wordpress.com
I appreciate the effort, and while I haven't gone through the whole thing, you could probably brush up on the use and meaning of "executive summary." Nothing personal!
Yeah, I get you ;) I've never been good at being concise.
Article claims that making the encrypted file public is perfectly fine, so long as the password isn't made public.
I think all of us here know how wrong that is. A password isn't going to stop people for long. It was a matter of time until it got out. Maybe it already had, and we didn't know it.
(Author of the article here). I think you underestimate the power of a good (long) password. Check this out: https://www.grc.com/haystack.htm
That site lets you enter a password and see how long it would take to crack using a brute-force scenario. Assange's 58-character password would apparently take "16.40 million trillion trillion trillion trillion trillion trillion trillion centuries", assuming one hundred trillion guesses per second (which is far more computing power than is presently available to anybody in the world).
Cryptography relies on strong passwords. Assuming that the password wasn't deliberately given out, a 58-character password is going to be secure for a very very long time.
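The brute-force estimate quoted in the comment above can be reproduced in Python. This is an added example, not part of the original comment or the linked site's code; the helper names are hypothetical, and it assumes the password draws on all 95 printable ASCII characters and that every length from 1 to 58 is tried. It also computes how many times the guess rate would have to double to exhaust the same space within one year.

```python
import math
import string

SECONDS_PER_YEAR = 365.25 * 24 * 3600
SECONDS_PER_CENTURY = 100 * SECONDS_PER_YEAR

# Printable ASCII classes: 26 + 26 + 10 + 33 (punctuation plus space) = 95.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def alphabet_size(password):
    """Sum the sizes of every character class the password draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def search_space(alphabet, length):
    """Exact count of all candidate strings of length 1..length."""
    return sum(alphabet ** k for k in range(1, length + 1))


def centuries_to_exhaust(alphabet, length, guesses_per_second):
    """Worst-case time to try every candidate, in centuries."""
    seconds = search_space(alphabet, length) / guesses_per_second
    return seconds / SECONDS_PER_CENTURY


def doublings_needed(alphabet, length, guesses_per_second, target_seconds):
    """Doublings of the guess rate needed to exhaust the space in target_seconds."""
    seconds = search_space(alphabet, length) / guesses_per_second
    return max(0, math.ceil(math.log2(seconds / target_seconds)))


if __name__ == "__main__":
    sample = "Constructed sample, not a real password: 1!"  # constructed input
    alphabet = alphabet_size(sample)   # all four classes present
    rate = 10 ** 14                    # one hundred trillion guesses per second
    print("alphabet size:", alphabet)
    print("centuries at 58 chars: %.3e"
          % centuries_to_exhaust(alphabet, 58, rate))
    print("rate doublings to reach one year:",
          doublings_needed(alphabet, 58, rate, SECONDS_PER_YEAR))
    # For contrast, an 8-character password over the same alphabet.
    print("seconds at 8 chars: %.1f" % (search_space(alphabet, 8) / rate))
```

The result covers exhaustive search only; it says nothing about a password that is disclosed, guessed from a dictionary, or recovered from wherever it was written down.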
We can crack things today that were considered impossible (aka "not in our lifetime") 10 years ago. Why would anyone think that 10 more years wouldn't bring this again? Quantum computing is looking more and more likely, with progress almost every month now.
Sure, today they couldn't crack it... But this data has ramifications for many years to come. It should never have been gathered together and put in a public place.
Behind the government's firewalls, it was protected by an ever-changing system. If things get easier to crack, they can upgrade it. As a simple file, it can never be changed. It will also be there.
And finally, security experts will tell you that one of the easiest ways to crack something is the human factor. That password is written down somewhere, and WikiLeaks isn't a fort. Hackers could have gotten that password from WikiLeaks without them knowing.
So no, I don't think I do underestimate it.
2^60 seconds is a long time