TrustLeap: provably-secure, "forever unbreakable" security
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The CEO of TrustLeap contacted me recently to boast about his "unbreakable" security, and that 'we' are doing everything wrong and "all open source software is backdoored". Quotes from the website:
TrustLeap can mathematically prove that it has "unbreakable encryption" against unlimited computing power, forever, and by-design.
As a result, "modern" cryptography (all the algorithms used today, either standard or custom) is _provably unsafe_. http://twd-industries.com/faq.html#tab3
What do you think about that? There is a challenge: http://twd-industries.com/challenge.html
This is a page for real experts in cryptography ...so I thought I'll share it with you guys.
- -- 42 <42@enigmabox.net> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJUrGnlAAoJELqmW1wGWUSY2aMP/1qGTSdnqZZLRqFH/ZHS1XkY vVwSbR7H8L1vKMFYxxBgQcgMrB3ky+He1xYjX5B/6Pfwi3aFYH/5xgJMdx75fTYP EVIF8SHctbWs49g6+dynLgcdCwHrLtF35BIj3QmIgBo8vYUMtS1JQ7/iwbwLZlw3 3+s7ycMEW2U/ltdhG6dV1xL+oXBHpVv3EeW7LHNL5RvcAN6SFU1YNkvjedfqnKxB so6gh7adcsFf5aij6ofkQKHYyTTdkilGwQa06Xj5Ht3gBWi+NIbglkVsgS/+/Xwx mq8trrlz3MO3eCt/atpseeWwgThfaTf9B/dgnd7JuRQzK+Vmvtrj/d6wjbW2wmQW yCXz3n2Y0WxozipHJSd1yXL2SuumB3YSZ06ZLVUg0RmEluGCXVg7oALri+srEKUs PBLWJmWKpQM/8DsA8cqUEvyELFs1WBjzIQg2Bsg0j1IvMrXZSAApoMxEXxibSf0V oOiqApPUThlfB1V1CCU0jRgW2mYmKvU2eq05iYx1ZyyUid4gQlFt0KsO3Hh2e0VK 57XJjNwFeg7iSbJ7kIGduryVxDulu7SqabLKr7WUpQfCYxP0kTjTqXI44R5fHr00 4D6nb/mzPF3IxSfQ2Wv/SJ4AFeYTe8d1tdVdLqF8z4n6Noo4yExArD6VwVT6wF5r Kyyxt5DAcslRFZbOJA/6 =wU4H -----END PGP SIGNATURE-----
On Tue, Jan 6, 2015 at 6:04 PM, 42 <42@enigmabox.net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The CEO of TrustLeap contacted me recently to boast about his "unbreakable" security, and that 'we' are doing everything wrong and "all open source software is backdoored".
Quotes from the website:
TrustLeap can mathematically prove that it has "unbreakable encryption" against unlimited computing power, forever, and by-design.
As a result, "modern" cryptography (all the algorithms used today, either standard or custom) is _provably unsafe_. http://twd-industries.com/faq.html#tab3
What do you think about that?
There is a challenge: http://twd-industries.com/challenge.html
This is a page for real experts in cryptography ...so I thought I'll share it with you guys.
All that text and I still have no idea what this thing does. The exercise is pointless: I could give you some plaintext and blob of random garbage (or just use a one-time pad) and make all the same claims. And the customers listed on their Customers page are using their Remote Desktop product, not this. But all you really need to know is they're only offering $1,000 as a reward to people who break their provably-secure-everybody-else-is-an-idiot-yadda-yadda system. Maybe they should convince themselves that it's secure first.
Dnia wtorek, 6 stycznia 2015 19:46:20 Patrick Mylund Nielsen pisze:
On Tue, Jan 6, 2015 at 6:04 PM, 42 <42@enigmabox.net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The CEO of TrustLeap contacted me recently to boast about his "unbreakable" security, and that 'we' are doing everything wrong and "all open source software is backdoored".
Quotes from the website:
TrustLeap can mathematically prove that it has "unbreakable encryption" against unlimited computing power, forever, and by-design.
As a result, "modern" cryptography (all the algorithms used today, either standard or custom) is _provably unsafe_.
http://twd-industries.com/faq.html#tab3
What do you think about that?
There is a challenge: http://twd-industries.com/challenge.html
This is a page for real experts in cryptography
...so I thought I'll share it with you guys.
All that text and I still have no idea what this thing does. The exercise is pointless: I could give you some plaintext and blob of random garbage (or just use a one-time pad) and make all the same claims. And the customers listed on their Customers page are using their Remote Desktop product, not this.
But all you really need to know is they're only offering $1,000 as a reward to people who break their provably-secure-everybody-else-is-an-idiot-yadda-yadda system. Maybe they should convince themselves that it's secure first.
stf, can you please post your snakeoil tell-tale signs? I think they might be useful here. ;-) -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
On 09/01/15 20:45, rysiek wrote:
stf, can you please post your snakeoil tell-tale signs? I think they might be useful here. ;-)
Quoth Stef:
exactly this prompted me to come up with the seven rules of thumb to detect snakeoil:
not free software runs in a browser runs on a smartphone the user doesn't generate, or exclusively own the private encryption keys there is no threat model uses marketing-terminology like "cyber", "military-grade" neglects general sad state of host security
participants (4)
-
42 -
Cathal Garvey -
Patrick Mylund Nielsen -
rysiek