• 0 Posts
  • 392 Comments
Joined 2 years ago
cake
Cake day: June 20th, 2023

help-circle








  • Honestly, regardless of their education and experience, if you have this concern about a person, you should get a new roommate, assuming there’s more to your question than just a hypothetical.

    All the time, there are shitty significant others who install a keylogger or screen recorder to monitor their spouse, because they’re fucked up. A lot of the time, they don’t have any technical background, and are the equivalent of script kiddies. They do this because they’re shitty people, not because they have a degree in computer science.












  • bamboo@lemmy.blahaj.zonetoPrivacy@lemmy.ml[Deleted]
    link
    fedilink
    English
    arrow-up
    12
    ·
    23 days ago

    It’s possible that they discovered a weakness in the way the keys are generated in the TPM (or whatever it’s called for Android), which brings the time to brute force down from 1,000 years to a few weeks with massive GPUs?

    Similar story, as of a few years ago, OpenSSH announced deprecating support for RSA keys keys because of a vulnerability in SHA-1 hashing, where they cited research showing a determined attacker could break the key with $50k of compute power, which may seem like a lot, but is pretty feasible, necessitating the deprecation

    It is now possible [1] to perform chosen-prefix attacks against the SHA-1 hash algorithm for less than USD $50K. For this reason, we will be disabling the “ssh-rsa” public key signature algorithm that depends on SHA-1 by default in a near-future release.

    I don’t know about the Android system, but during the initial design and fabrication, the hardware may have not been designed to withstand the compute power just a few years later, and can not be easily updated to improve the security. These are the weaknessed Cellebrite is looking for.