Thread: Classic New B&N eReader $259 & will allow sharing
View Single Post
Old 10-21-2009, 01:20 PM   #353
Ankh
Guru
Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.Ankh ought to be getting tired of karma fortunes by now.
 
Ankh's Avatar
 
Posts: 714
Karma: 2003751
Join Date: Oct 2008
Location: Ottawa, ON
Device: Kobo Glo HD
Quote:
Originally Posted by kennyc View Post
Exactly. The information is only used to encrypt the file, it is not included in the file and you can't generate the password/hash/cc# etc from the encrypted file.

Buy that book yourself, reverse engineer PC reader and decrypt the content using your own key. Obtain encrypted file purchased by other user. Brute force (or slightly more clever) attack will fairly quickly give you all the encryption keys that produce resulting (encrypted) file.

You narrowed your search too close for comfort. Now weaken the key by other means (a hacker figures out what is the name of the victim from other file on infected computer)...

I know that my credit card number is safe if it is not used as (a part of) an encryption key. I am not so sure what gives you certainty that credit card number can not be retrieved from the encrypted file. What about so far unknown weaknesses of the encryption scheme?

You guys believe in unbreakable encryption? I don't, as a matter of principle.
Ankh is offline   Reply With Quote