0 00:00:00,000 --> 00:00:30,000 Dear viewer, these subtitles were generated by a machine via the service Trint and therefore are (very) buggy. If you are capable, please help us to create good quality subtitles: https://c3subtitles.de/talk/39 Thanks! 1 00:00:10,370 --> 00:00:13,699 So, Michael, you are true to 2 00:00:13,700 --> 00:00:16,099 a policy that will be picking 3 00:00:16,100 --> 00:00:18,499 and choosing to do the show over you 4 00:00:18,500 --> 00:00:20,629 with some historical background, which 5 00:00:20,630 --> 00:00:22,679 is important to understand how this are 6 00:00:22,680 --> 00:00:24,799 going to be actually was 7 00:00:24,800 --> 00:00:25,800 created. 8 00:00:26,360 --> 00:00:29,289 Then I'll jump straight into the issues 9 00:00:29,290 --> 00:00:31,399 with the specific implementation 10 00:00:31,400 --> 00:00:32,839 of the algorithm. In this, 11 00:00:34,820 --> 00:00:36,529 we'll give you a short overview of the 12 00:00:36,530 --> 00:00:38,749 disclosure timeline 13 00:00:38,750 --> 00:00:40,189 because there were some interesting 14 00:00:40,190 --> 00:00:42,469 things in there. And at the end, 15 00:00:42,470 --> 00:00:45,049 I will jump right into the council's 16 00:00:45,050 --> 00:00:47,359 sidebar itself, which will 17 00:00:47,360 --> 00:00:49,579 only be a little more complex for 18 00:00:49,580 --> 00:00:51,349 everyone who isn't interested in 19 00:00:51,350 --> 00:00:53,569 cryptography, but very 20 00:00:53,570 --> 00:00:55,669 interesting for people who like 21 00:00:55,670 --> 00:00:57,350 to analyze the level of science. 22 00:00:59,000 --> 00:01:01,099 So for introduction, 23 00:01:01,100 --> 00:01:03,139 I didn't do this alone. 24 00:01:03,140 --> 00:01:04,759 I didn't team with it. 25 00:01:04,760 --> 00:01:05,930 Davis and newly minute 26 00:01:07,730 --> 00:01:10,009 and later we learned that this was 27 00:01:10,010 --> 00:01:12,739 independently discovered by any trousseau 28 00:01:12,740 --> 00:01:14,389 sometime ago. 29 00:01:14,390 --> 00:01:16,639 And one of the issues unreported 30 00:01:16,640 --> 00:01:19,459 here was all he discovered some 31 00:01:19,460 --> 00:01:20,349 way before. 32 00:01:20,350 --> 00:01:23,149 Of course, it's been published, 33 00:01:23,150 --> 00:01:24,919 and we already found that during the 34 00:01:24,920 --> 00:01:27,139 research will mean 35 00:01:27,140 --> 00:01:30,139 I studied the security in that trust, 36 00:01:30,140 --> 00:01:32,059 and I spent way too much time on the 37 00:01:32,060 --> 00:01:34,159 keyboards. And that means I get 38 00:01:34,160 --> 00:01:36,559 ideas, and something like this usually 39 00:01:36,560 --> 00:01:38,180 happens when I get their ideas. 40 00:01:39,200 --> 00:01:41,329 I found a social issue in 41 00:01:41,330 --> 00:01:43,579 those wars, and that's why some few 42 00:01:43,580 --> 00:01:45,709 Michael my saw the movie as he 43 00:01:45,710 --> 00:01:47,269 probably doesn't like me anyways, 44 00:01:48,470 --> 00:01:49,819 and I would like to point out that I 45 00:01:49,820 --> 00:01:51,139 don't apply cryptography. 46 00:01:51,140 --> 00:01:53,329 That means I have to have 47 00:01:53,330 --> 00:01:55,259 some idea on how to implement 48 00:01:55,260 --> 00:01:57,499 cryptographic schemes and 49 00:01:57,500 --> 00:01:59,809 design around an existing Typekit, but I 50 00:01:59,810 --> 00:02:02,659 cannot design having sight for myself. 51 00:02:02,660 --> 00:02:04,459 That's one of the things detectives, for 52 00:02:04,460 --> 00:02:05,860 example, have helped me a lot. 53 00:02:08,300 --> 00:02:10,589 The BBC is to do the science 54 00:02:10,590 --> 00:02:12,799 for the Legitimates Institute, which 55 00:02:12,800 --> 00:02:14,839 roughly translates to Federal Office for 56 00:02:14,840 --> 00:02:16,939 Information Security, and they are the 57 00:02:16,940 --> 00:02:19,399 ones who design for this over 58 00:02:19,400 --> 00:02:21,499 the emerge in 1991 59 00:02:21,500 --> 00:02:23,959 from the department, 60 00:02:23,960 --> 00:02:26,419 so they do have one idea 61 00:02:26,420 --> 00:02:27,420 of cryptography. 62 00:02:28,370 --> 00:02:30,409 First, they were the two hashes of this 63 00:02:30,410 --> 00:02:32,569 trip. These and then in 64 00:02:32,570 --> 00:02:34,999 1998, they turned into the 65 00:02:35,000 --> 00:02:36,619 notion of physical demand for maximum 66 00:02:36,620 --> 00:02:38,749 safety. When they got some additional 67 00:02:38,750 --> 00:02:41,059 I.T. security tasks and all there 68 00:02:41,060 --> 00:02:42,060 the BBC, 69 00:02:43,640 --> 00:02:45,739 the BBC is designed with the others 70 00:02:45,740 --> 00:02:47,839 to Cyprus, which is and all 71 00:02:47,840 --> 00:02:49,429 of them is the one we are talking with 72 00:02:49,430 --> 00:02:50,419 you. 73 00:02:50,420 --> 00:02:52,699 They are not public until 74 00:02:52,700 --> 00:02:54,199 recently. 75 00:02:54,200 --> 00:02:55,969 So officially, they are not published. 76 00:02:55,970 --> 00:02:58,159 And this is a policy 77 00:02:58,160 --> 00:03:00,469 decision to only use unpublished titles 78 00:03:00,470 --> 00:03:02,629 to make problems at home. 79 00:03:02,630 --> 00:03:04,699 This violates capital, 80 00:03:04,700 --> 00:03:05,700 but 81 00:03:07,010 --> 00:03:09,349 the idea itself isn't too crazy 82 00:03:09,350 --> 00:03:10,490 if it's done correctly. 83 00:03:11,660 --> 00:03:13,879 One of the titles is the key elements, 84 00:03:13,880 --> 00:03:15,439 which is an idea of conventional software 85 00:03:15,440 --> 00:03:17,809 implementations, and there's two 86 00:03:17,810 --> 00:03:20,269 problems known to be implemented. 87 00:03:20,270 --> 00:03:22,309 One of them is he has multiple Windows 88 00:03:22,310 --> 00:03:24,589 and Windows, which is a file encryption 89 00:03:24,590 --> 00:03:25,879 software. 90 00:03:25,880 --> 00:03:27,439 Using this algorithm and this is 91 00:03:27,440 --> 00:03:29,089 restricted, you cannot gather this 92 00:03:29,090 --> 00:03:31,069 individual. You need to prove that you 93 00:03:31,070 --> 00:03:33,349 have some public interest in having it. 94 00:03:33,350 --> 00:03:35,659 So we weren't able to do that. 95 00:03:35,660 --> 00:03:38,089 But this is the guest who 96 00:03:38,090 --> 00:03:40,309 is publicly available as there's 97 00:03:40,310 --> 00:03:42,619 a legal version who can simply download 98 00:03:42,620 --> 00:03:45,619 and run, and it also 99 00:03:45,620 --> 00:03:47,389 implements the key elements of a file 100 00:03:47,390 --> 00:03:48,390 encryption. 101 00:03:49,280 --> 00:03:51,159 The second that the group is designed we 102 00:03:51,160 --> 00:03:52,849 do not talk about here is stability, 103 00:03:52,850 --> 00:03:54,229 which is optimized and meant for 104 00:03:54,230 --> 00:03:55,219 hardware. 105 00:03:55,220 --> 00:03:57,379 It's used in so-called leadership, 106 00:03:57,380 --> 00:03:59,689 which is also used by the senior boxes, 107 00:03:59,690 --> 00:04:01,819 which is the VPN used for 108 00:04:01,820 --> 00:04:03,799 in a lawful intercept. 109 00:04:03,800 --> 00:04:06,349 These are kept captions like 110 00:04:06,350 --> 00:04:08,239 if the government steals your emails and 111 00:04:08,240 --> 00:04:09,829 that's what they want, they'll encrypt. 112 00:04:09,830 --> 00:04:11,989 It's open, they'll steal them. 113 00:04:11,990 --> 00:04:14,179 And the interesting thing is that 114 00:04:14,180 --> 00:04:15,479 for the better, we know that the 115 00:04:15,480 --> 00:04:17,179 development of the chip started 116 00:04:17,180 --> 00:04:20,569 approximately 96 97. 117 00:04:20,570 --> 00:04:22,609 So this gives a timeframe when these 118 00:04:22,610 --> 00:04:23,610 ideas were great. 119 00:04:25,700 --> 00:04:27,649 The key also was the green. 120 00:04:27,650 --> 00:04:29,089 It's not completely unreasonable that 121 00:04:29,090 --> 00:04:30,090 they designed their own. 122 00:04:31,220 --> 00:04:32,749 First, of course, you don't want your 123 00:04:32,750 --> 00:04:35,599 algorithms to be designed by the NSA, so 124 00:04:35,600 --> 00:04:37,519 it's logical that the government might 125 00:04:37,520 --> 00:04:40,279 not want to use you as a group 126 00:04:40,280 --> 00:04:42,679 and say the first 127 00:04:42,680 --> 00:04:45,139 reference to this was almost 128 00:04:45,140 --> 00:04:47,269 one of the limitations is October 129 00:04:47,270 --> 00:04:48,979 2000. There might be earlier ones, but 130 00:04:48,980 --> 00:04:51,139 this is the earliest event and 131 00:04:51,140 --> 00:04:53,889 dry, though, which later became a yes. 132 00:04:53,890 --> 00:04:55,129 It's published in 98. 133 00:04:55,130 --> 00:04:57,769 So the 134 00:04:57,770 --> 00:05:00,219 public from this 135 00:05:00,220 --> 00:05:02,539 cryptographic algorithms wasn't good 136 00:05:02,540 --> 00:05:04,129 at the time when this agreement was 137 00:05:04,130 --> 00:05:06,319 designed and it really took them. 138 00:05:06,320 --> 00:05:08,389 Some people find it 139 00:05:08,390 --> 00:05:09,549 easier to understand. 140 00:05:09,550 --> 00:05:11,829 That was announced in 2001 141 00:05:13,690 --> 00:05:16,000 in for a rough comparison. 142 00:05:17,080 --> 00:05:19,479 The first version was released in 1999. 143 00:05:19,480 --> 00:05:21,519 PGD was already five years old, 144 00:05:21,520 --> 00:05:23,529 approximately the time, if I remember 145 00:05:23,530 --> 00:05:25,779 correctly and to use crypto next 146 00:05:25,780 --> 00:05:28,549 month restrictions where cryptography was 147 00:05:28,550 --> 00:05:30,969 munition and you couldn't export 148 00:05:30,970 --> 00:05:33,819 more than 56 bit cryptographic 149 00:05:33,820 --> 00:05:36,399 fortinet's you or never. 150 00:05:36,400 --> 00:05:38,859 These restrictions were lifted in January 151 00:05:38,860 --> 00:05:41,919 2000, so it wasn't easy to get 152 00:05:41,920 --> 00:05:43,449 an official agreement. 153 00:05:43,450 --> 00:05:44,929 So it's pretty reasonable that they 154 00:05:44,930 --> 00:05:47,439 designed their own number at the time, 155 00:05:47,440 --> 00:05:50,049 and they did have the knowledge just 156 00:05:50,050 --> 00:05:51,279 to compare for the time frame. 157 00:05:51,280 --> 00:05:53,379 Wikipedia was founded in 2001, so this is 158 00:05:53,380 --> 00:05:54,519 really the Dark Ages. 159 00:05:56,830 --> 00:05:58,529 He has missed windows over the mentioned 160 00:05:58,530 --> 00:06:00,429 that chocolate is a fine encryption 161 00:06:00,430 --> 00:06:02,019 software, which was likely to create a 162 00:06:02,020 --> 00:06:03,939 completely new house on the busy. 163 00:06:03,940 --> 00:06:06,039 It uses the key elements are in the 164 00:06:06,040 --> 00:06:06,939 file format. 165 00:06:06,940 --> 00:06:09,249 You will find some encrypted transcripts 166 00:06:09,250 --> 00:06:10,899 from the internet. 167 00:06:10,900 --> 00:06:13,119 But the SCI is obfuscated, feels dated, 168 00:06:13,120 --> 00:06:15,189 so it will 169 00:06:15,190 --> 00:06:16,749 be difficult to analyze results for 170 00:06:16,750 --> 00:06:18,039 itself. 171 00:06:18,040 --> 00:06:20,199 They claim to CBC, which 172 00:06:20,200 --> 00:06:22,329 seems probably from the times we 173 00:06:22,330 --> 00:06:24,699 analyze and 174 00:06:24,700 --> 00:06:26,349 it. According to the public 175 00:06:26,350 --> 00:06:28,119 documentation. It asks the user for 176 00:06:28,120 --> 00:06:29,949 additional randomness when you generate a 177 00:06:29,950 --> 00:06:32,829 key like move your mouse in this window. 178 00:06:32,830 --> 00:06:35,079 So it's probably is implemented 179 00:06:35,080 --> 00:06:37,089 in a way another way than what we 180 00:06:37,090 --> 00:06:37,989 analyzed. 181 00:06:37,990 --> 00:06:40,209 So the official feels 182 00:06:40,210 --> 00:06:42,459 the Windows encryption is probably not 183 00:06:42,460 --> 00:06:44,109 affected by the findings here, since 184 00:06:44,110 --> 00:06:46,299 these are implementation issues. 185 00:06:46,300 --> 00:06:48,429 The guest will know that it is the 186 00:06:48,430 --> 00:06:49,869 software for the management of IP 187 00:06:49,870 --> 00:06:51,759 baseline of the IP based protection 188 00:06:51,760 --> 00:06:53,949 process. So how secure 189 00:06:53,950 --> 00:06:56,739 is it, frankly and stuff like that? 190 00:06:56,740 --> 00:06:58,539 And this was made by contractors. 191 00:06:58,540 --> 00:07:00,130 The contract has changed over time, 192 00:07:01,420 --> 00:07:03,939 and the main feature of this program 193 00:07:03,940 --> 00:07:06,249 is management of data security 194 00:07:06,250 --> 00:07:08,079 processes not telling the truth, but it 195 00:07:08,080 --> 00:07:10,839 contains an encryption function 196 00:07:10,840 --> 00:07:13,029 to protect the database, 197 00:07:13,030 --> 00:07:15,169 which explained more vulnerable 198 00:07:15,170 --> 00:07:16,419 companies. 199 00:07:16,420 --> 00:07:18,759 And this this encryption function uses. 200 00:07:18,760 --> 00:07:20,829 The key also is overwritten, but can 201 00:07:20,830 --> 00:07:22,929 also encrypt any file so some 202 00:07:22,930 --> 00:07:25,119 people may and actually do use 203 00:07:25,120 --> 00:07:26,709 it for generic five encryption. 204 00:07:28,480 --> 00:07:30,429 It's symmetrical encryption, so it's not 205 00:07:30,430 --> 00:07:31,869 like you can get the key of someone. 206 00:07:31,870 --> 00:07:33,939 You have a Sharpie on both ends, so 207 00:07:33,940 --> 00:07:34,940 it's a bit cumbersome. 208 00:07:36,040 --> 00:07:38,139 He doesn't see friction is 209 00:07:38,140 --> 00:07:40,929 that the first is the 3.0, 210 00:07:40,930 --> 00:07:43,339 and according to the visit, this country 211 00:07:43,340 --> 00:07:45,189 has not been changed since then. 212 00:07:45,190 --> 00:07:47,349 Until the recent patch, which fixed 213 00:07:47,350 --> 00:07:49,479 the issues and 214 00:07:49,480 --> 00:07:51,849 this 3.0 version 215 00:07:51,850 --> 00:07:55,149 was released in July 2003, 216 00:07:55,150 --> 00:07:57,189 it was developed by a contractor stating 217 00:07:57,190 --> 00:07:58,479 a moment. 218 00:07:58,480 --> 00:08:00,429 I won't mention the name further because 219 00:08:00,430 --> 00:08:02,319 I don't think all the contractors are 220 00:08:02,320 --> 00:08:03,999 especially better, but they are the ones 221 00:08:04,000 --> 00:08:06,699 who make these mistakes most likely, 222 00:08:06,700 --> 00:08:08,829 and ABC made the mistake of not checking 223 00:08:08,830 --> 00:08:09,830 on them. 224 00:08:10,240 --> 00:08:12,309 There was a future version of the tool, 225 00:08:12,310 --> 00:08:14,799 which I think was considerable. 226 00:08:14,800 --> 00:08:17,379 Yeah, it's not with a 5.0 and 227 00:08:17,380 --> 00:08:18,819 that was supposed to be developed by 228 00:08:18,820 --> 00:08:20,949 Persephone. They failed very, very 229 00:08:20,950 --> 00:08:23,589 hard and very publicly, and 230 00:08:23,590 --> 00:08:24,790 the BBC first 231 00:08:26,230 --> 00:08:27,829 told them, No, we don't want this. 232 00:08:27,830 --> 00:08:30,069 Then they told for a bit that they should 233 00:08:30,070 --> 00:08:31,930 have read and that they gave up. 234 00:08:35,179 --> 00:08:37,509 So to the actual point of this 235 00:08:37,510 --> 00:08:39,589 attack, the security 236 00:08:39,590 --> 00:08:41,869 issues with implementation of chaos 237 00:08:41,870 --> 00:08:42,870 in Gaza, 238 00:08:44,930 --> 00:08:47,239 assuming you are implementing 239 00:08:47,240 --> 00:08:49,369 cryptography, someone gives you a secure 240 00:08:49,370 --> 00:08:50,659 algorithm, for example. 241 00:08:50,660 --> 00:08:53,419 Yes. What can you measure? 242 00:08:53,420 --> 00:08:54,490 Does anyone have an idea? 243 00:08:55,850 --> 00:08:56,850 Just just 244 00:08:58,400 --> 00:08:59,629 the. 245 00:08:59,630 --> 00:09:01,759 Yes. Give me some examples where 246 00:09:01,760 --> 00:09:03,219 you can mess up. 247 00:09:03,220 --> 00:09:05,329 I know there's a 248 00:09:05,330 --> 00:09:06,859 good idea in the line. 249 00:09:06,860 --> 00:09:09,559 You know, jails 250 00:09:09,560 --> 00:09:11,099 are too complex. 251 00:09:11,100 --> 00:09:14,479 The really stupid things that randomness. 252 00:09:14,480 --> 00:09:15,739 Randomness? Yes 253 00:09:17,120 --> 00:09:18,739 or no? 254 00:09:19,910 --> 00:09:22,109 Yes. Generation Regis. 255 00:09:22,110 --> 00:09:23,110 Oh 256 00:09:24,560 --> 00:09:25,879 yeah. 257 00:09:25,880 --> 00:09:27,679 That's one of the things about his 258 00:09:27,680 --> 00:09:30,109 generation. Looks like a mold, and 259 00:09:30,110 --> 00:09:32,149 there's a built, integrated drinking 260 00:09:32,150 --> 00:09:33,529 because encryption does not equal 261 00:09:33,530 --> 00:09:34,530 integrity. 262 00:09:35,210 --> 00:09:36,589 And these are the main things you can 263 00:09:36,590 --> 00:09:37,609 resolve. 264 00:09:37,610 --> 00:09:38,989 And guess what? They didn't resign. 265 00:09:41,150 --> 00:09:43,339 So for a new generation, if 266 00:09:43,340 --> 00:09:45,169 you are generating cryptographic keys, 267 00:09:45,170 --> 00:09:46,669 these must be random. 268 00:09:46,670 --> 00:09:48,109 They should be unpredictable because 269 00:09:48,110 --> 00:09:50,299 otherwise I think I can guess them 270 00:09:50,300 --> 00:09:52,939 had only been, and 271 00:09:52,940 --> 00:09:54,559 they should be long enough because if the 272 00:09:54,560 --> 00:09:56,300 keys are short, then you can use them. 273 00:09:57,950 --> 00:09:59,839 If you generate the keys, you need to use 274 00:09:59,840 --> 00:10:02,389 the good randomness that means on Linux 275 00:10:02,390 --> 00:10:04,219 and playing. So it systems that you go 276 00:10:04,220 --> 00:10:06,319 for that random or that you are in them. 277 00:10:06,320 --> 00:10:07,789 It's a religious war. 278 00:10:07,790 --> 00:10:10,129 I'm going to go for them too. 279 00:10:10,130 --> 00:10:11,779 And if you need to use a sort of random 280 00:10:11,780 --> 00:10:13,909 number generator, use a good one. 281 00:10:13,910 --> 00:10:15,199 Usually you can rely on the 282 00:10:15,200 --> 00:10:16,129 implementation of that. 283 00:10:16,130 --> 00:10:17,509 You were in love and some up 284 00:10:18,530 --> 00:10:20,629 generated specifically designed 285 00:10:20,630 --> 00:10:21,630 for crypto. 286 00:10:23,030 --> 00:10:25,699 So this is the way that is to look at 287 00:10:25,700 --> 00:10:26,700 the problem. 288 00:10:31,850 --> 00:10:32,850 Yes. 289 00:10:33,590 --> 00:10:35,869 There's another origin thought this 290 00:10:35,870 --> 00:10:38,659 is we reverse engineer that this is 291 00:10:38,660 --> 00:10:40,639 called the does the same thing that they 292 00:10:40,640 --> 00:10:41,640 do. 293 00:10:41,990 --> 00:10:43,909 First, they generate one of the four 294 00:10:43,910 --> 00:10:46,339 months of key, which 295 00:10:46,340 --> 00:10:48,649 gets this with most 296 00:10:48,650 --> 00:10:49,669 of it. 297 00:10:49,670 --> 00:10:51,859 But the main issue is 298 00:10:51,860 --> 00:10:54,109 they are using strong 299 00:10:54,110 --> 00:10:55,209 time and runs. 300 00:10:55,210 --> 00:10:57,709 So this is not a cryptographically 301 00:10:57,710 --> 00:10:59,779 secured random number generator, so you 302 00:10:59,780 --> 00:11:01,100 cannot use it for this purpose. 303 00:11:02,510 --> 00:11:04,639 None has a has 32 bits of 304 00:11:04,640 --> 00:11:07,309 state in implementation used by the 100 305 00:11:07,310 --> 00:11:09,739 thieves, so this means 306 00:11:09,740 --> 00:11:11,989 you can guess the key with at 307 00:11:11,990 --> 00:11:13,729 most 32 bits of effort, 308 00:11:15,590 --> 00:11:17,509 it seems to be no. 309 00:11:17,510 --> 00:11:19,879 So no matter how good the generator 310 00:11:19,880 --> 00:11:22,099 itself it is, you 311 00:11:22,100 --> 00:11:24,289 only have to do the power to do seeds, 312 00:11:24,290 --> 00:11:26,509 which you have to try so you can guess 313 00:11:26,510 --> 00:11:29,269 the key and to make it even simpler. 314 00:11:29,270 --> 00:11:31,429 The key is the seed is 315 00:11:31,430 --> 00:11:33,709 the time. So if you can guess the time 316 00:11:33,710 --> 00:11:35,539 well and you have the seed and you have 317 00:11:35,540 --> 00:11:36,540 to guess even months. 318 00:11:38,870 --> 00:11:40,789 So in practice, the key space is smaller 319 00:11:40,790 --> 00:11:42,859 than to do the power to do. 320 00:11:42,860 --> 00:11:45,259 I think everyone knows that 321 00:11:45,260 --> 00:11:47,599 64 or 56 bit encryption 322 00:11:47,600 --> 00:11:49,399 like a verse is broken. 323 00:11:50,450 --> 00:11:52,579 So you can imagine holding on 324 00:11:52,580 --> 00:11:54,319 to the thought of does. 325 00:11:54,320 --> 00:11:56,209 It takes approximately less than one hour 326 00:11:56,210 --> 00:11:57,469 to brute force it. 327 00:11:57,470 --> 00:11:59,599 I think it will signal for off a pretty 328 00:11:59,600 --> 00:12:01,789 old laptop, so we didn't bother to 329 00:12:01,790 --> 00:12:04,219 optimize as early as possible to organize 330 00:12:04,220 --> 00:12:05,220 it further because 331 00:12:06,320 --> 00:12:07,729 not the entire state is used by the 332 00:12:07,730 --> 00:12:09,709 generator. We didn't look into it further 333 00:12:09,710 --> 00:12:12,109 because we didn't see the one Felix, 334 00:12:12,110 --> 00:12:14,779 which had some of the parallel research 335 00:12:14,780 --> 00:12:16,969 set in this thought that it was 336 00:12:16,970 --> 00:12:19,369 good to optimize that I think in 24 bits, 337 00:12:19,370 --> 00:12:21,469 which is even more in-situ, which is 338 00:12:21,470 --> 00:12:24,049 basically instant if you know the 339 00:12:24,050 --> 00:12:25,879 time when the key was generated, you know 340 00:12:25,880 --> 00:12:27,949 the key. This means in practice, it 341 00:12:27,950 --> 00:12:29,030 takes a few minutes. 342 00:12:30,860 --> 00:12:32,959 And obviously, if you can get the 343 00:12:32,960 --> 00:12:35,569 key from the from an encrypted file, 344 00:12:35,570 --> 00:12:37,399 then that information is totally reckless 345 00:12:37,400 --> 00:12:38,899 and it's dangerous because people will 346 00:12:38,900 --> 00:12:40,459 encrypt stuff with it and they will 347 00:12:40,460 --> 00:12:41,539 assume it's encrypted. 348 00:12:41,540 --> 00:12:43,939 So they'll put it into the Dropbox 349 00:12:43,940 --> 00:12:45,559 well on their website for the contractor 350 00:12:45,560 --> 00:12:48,319 to download it, non-security security 351 00:12:48,320 --> 00:12:49,320 and stuff like this. 352 00:12:51,810 --> 00:12:53,909 So if you should ever be in 353 00:12:53,910 --> 00:12:55,739 the unfortunate situation that you have 354 00:12:55,740 --> 00:12:58,049 to do generation yourself, 355 00:12:58,050 --> 00:13:00,269 you'd probably use 356 00:13:00,270 --> 00:13:02,209 the if you run into the friend, an old 357 00:13:02,210 --> 00:13:04,409 lady and you insult systems 358 00:13:04,410 --> 00:13:06,489 or even those who can use and 359 00:13:06,490 --> 00:13:08,819 bring them, which is a Windows API 360 00:13:08,820 --> 00:13:11,009 open since Windows 95 98, 361 00:13:12,060 --> 00:13:14,169 we actually told them, OK, 362 00:13:14,170 --> 00:13:16,409 when you're fixing this, use this key 363 00:13:16,410 --> 00:13:17,849 generation. 364 00:13:17,850 --> 00:13:20,279 The contractor then suggests 365 00:13:20,280 --> 00:13:22,079 or asked us that they can use a specific 366 00:13:22,080 --> 00:13:24,659 tutorial. It's linked to the science, 367 00:13:24,660 --> 00:13:26,789 and the tutorial basically describes how 368 00:13:26,790 --> 00:13:28,899 to properly castle type structure, 369 00:13:28,900 --> 00:13:31,139 which is owned by time for calling 370 00:13:31,140 --> 00:13:32,519 this runs. 371 00:13:32,520 --> 00:13:34,649 So your compiler draws 372 00:13:34,650 --> 00:13:36,239 less warnings when you do the same 373 00:13:36,240 --> 00:13:38,669 insecure stuff, they do not 374 00:13:38,670 --> 00:13:40,799 after you specifically told them not to 375 00:13:40,800 --> 00:13:43,139 do this. And the tutorial itself 376 00:13:43,140 --> 00:13:45,599 mentions that you shouldn't 377 00:13:45,600 --> 00:13:48,059 really use it for anything serious. 378 00:13:49,440 --> 00:13:51,749 So, yeah, pretty embarrassing. 379 00:13:51,750 --> 00:13:53,699 And I think it's not this single 380 00:13:53,700 --> 00:13:55,859 contract. I think it's a 381 00:13:55,860 --> 00:13:57,929 it's a general description of rogue 382 00:13:57,930 --> 00:13:59,999 contractors that supplied stuff 383 00:14:00,000 --> 00:14:01,000 to governments 384 00:14:02,800 --> 00:14:04,889 and other from the previous government or 385 00:14:04,890 --> 00:14:05,879 whatever. Not. 386 00:14:05,880 --> 00:14:08,069 So these issues are bogus because the 387 00:14:08,070 --> 00:14:09,659 encryption is already told the growth at 388 00:14:09,660 --> 00:14:12,239 this point. But if the fixed, 389 00:14:12,240 --> 00:14:14,129 the first thing is will become relevant 390 00:14:15,450 --> 00:14:16,739 when you are encrypting data with the 391 00:14:16,740 --> 00:14:19,049 blocks over the blocks at all, encrypt 392 00:14:19,050 --> 00:14:21,149 16 bytes and whatever the book says, 393 00:14:21,150 --> 00:14:23,279 is that the kind that means you 394 00:14:23,280 --> 00:14:25,379 will? If you have something bigger than 395 00:14:25,380 --> 00:14:27,509 that, you will need to encrypt it in some 396 00:14:27,510 --> 00:14:28,979 intelligent way. 397 00:14:28,980 --> 00:14:31,169 ECB is awesome whatsoever, which 398 00:14:31,170 --> 00:14:33,449 is a 269 encrypt them 399 00:14:33,450 --> 00:14:35,359 the next 60 right and give them the same 400 00:14:35,360 --> 00:14:36,360 and so on. 401 00:14:36,900 --> 00:14:38,849 This is a bad idea because if you have 402 00:14:38,850 --> 00:14:40,829 the same plaintext to investigate the 403 00:14:40,830 --> 00:14:42,989 Samsung Galaxy, that means that 404 00:14:42,990 --> 00:14:45,269 you have failed with the zeros. 405 00:14:45,270 --> 00:14:47,249 The attacker will be able which to see 406 00:14:47,250 --> 00:14:50,039 which areas are completely full of zeros. 407 00:14:50,040 --> 00:14:51,539 And I think you can see which parts of 408 00:14:51,540 --> 00:14:53,429 the file. I don't think and I think we 409 00:14:53,430 --> 00:14:55,619 can also see if you encrypt the same 410 00:14:55,620 --> 00:14:57,299 types of times that he sees. 411 00:14:57,300 --> 00:14:58,860 OK, these two folks, I don't think 412 00:15:00,030 --> 00:15:01,979 this may seem theoretical. 413 00:15:01,980 --> 00:15:03,959 So let's give it the more practical 414 00:15:03,960 --> 00:15:04,919 example. 415 00:15:04,920 --> 00:15:06,209 This is an image. 416 00:15:06,210 --> 00:15:08,309 It's a little bit more because of the. 417 00:15:08,310 --> 00:15:10,409 So it's a bit nervous to roll 418 00:15:10,410 --> 00:15:12,539 into just an encrypted end with 419 00:15:12,540 --> 00:15:14,649 a proposed agreement and then 420 00:15:14,650 --> 00:15:16,589 the call that the makers of it, right? 421 00:15:16,590 --> 00:15:17,909 Can you guess what those images? 422 00:15:20,930 --> 00:15:23,159 I assume this answer here, as long 423 00:15:23,160 --> 00:15:25,380 it's not inside the image myself. 424 00:15:31,150 --> 00:15:34,299 So let's give you another chance. 425 00:15:34,300 --> 00:15:35,829 This is the same emerging group that 426 00:15:35,830 --> 00:15:36,830 Mississippi. 427 00:15:37,750 --> 00:15:39,759 And this is actually true today simply 428 00:15:39,760 --> 00:15:41,409 because I simply this planet. 429 00:15:41,410 --> 00:15:43,489 So this is when you actually get 430 00:15:43,490 --> 00:15:45,009 the feeling for something that's not 431 00:15:45,010 --> 00:15:47,229 triggering all my views around this 432 00:15:47,230 --> 00:15:48,279 issue. Is this relatable? 433 00:15:49,450 --> 00:15:50,949 You can see the issue, I guess, as you 434 00:15:50,950 --> 00:15:53,049 can probably guess, but it's still a lot. 435 00:15:54,710 --> 00:15:56,889 So yes, it 436 00:15:56,890 --> 00:15:58,000 is a serious problem. 437 00:15:59,200 --> 00:16:00,699 Of course, the entire block don't have to 438 00:16:00,700 --> 00:16:02,619 be identical to get the same result. 439 00:16:02,620 --> 00:16:04,749 So if you look here, for 440 00:16:04,750 --> 00:16:06,839 example, I don't know 441 00:16:06,840 --> 00:16:08,859 how easy it is to see from the bank, but 442 00:16:08,860 --> 00:16:10,599 you have your different point of view. 443 00:16:10,600 --> 00:16:12,879 You don't see why there is no uniform 444 00:16:12,880 --> 00:16:14,949 pattern here that all of the areas well, 445 00:16:14,950 --> 00:16:16,330 then adjusted once. 446 00:16:18,340 --> 00:16:20,889 So if 447 00:16:20,890 --> 00:16:22,989 if you have thought of where every pixel 448 00:16:22,990 --> 00:16:24,010 contains a bit of noise, 449 00:16:25,810 --> 00:16:28,449 even as you encrypt it, it would be 450 00:16:28,450 --> 00:16:30,609 the result would be pretty OK. 451 00:16:30,610 --> 00:16:32,379 The same goes for compressed data because 452 00:16:32,380 --> 00:16:34,269 it's round the two blocks are completely 453 00:16:34,270 --> 00:16:35,289 identical. 454 00:16:35,290 --> 00:16:36,849 However, if you have for all bitcoins 455 00:16:36,850 --> 00:16:38,769 locked, so there is like in this example, 456 00:16:38,770 --> 00:16:40,969 this will never be another example 457 00:16:40,970 --> 00:16:43,209 where this will remove this database. 458 00:16:43,210 --> 00:16:45,279 And that's what this system was 459 00:16:45,280 --> 00:16:46,419 designed to encrypt. 460 00:16:46,420 --> 00:16:48,639 So, yeah, it's a problem, and 461 00:16:48,640 --> 00:16:50,859 it's a practical problem if 462 00:16:50,860 --> 00:16:52,509 you have to implement this. 463 00:16:52,510 --> 00:16:54,069 You shouldn't. If you should have a 464 00:16:54,070 --> 00:16:55,749 library that those for you. 465 00:16:55,750 --> 00:16:58,179 But what this time as you use CBD, 466 00:16:58,180 --> 00:17:00,519 for example, which means 467 00:17:00,520 --> 00:17:02,619 you XOR the latest with 468 00:17:02,620 --> 00:17:03,880 the random you 469 00:17:04,960 --> 00:17:07,299 at the beginning, you start to scramble 470 00:17:07,300 --> 00:17:09,249 and think it's just the randomize, the 471 00:17:09,250 --> 00:17:11,858 plaintext, and then you take the output 472 00:17:11,859 --> 00:17:14,049 of the first encryption of the first look 473 00:17:15,490 --> 00:17:17,709 you, which is random 474 00:17:17,710 --> 00:17:19,209 and use it to randomize and explain 475 00:17:19,210 --> 00:17:20,858 things before encryption for decryption. 476 00:17:20,859 --> 00:17:23,499 You first decrypt and then you use 477 00:17:23,500 --> 00:17:26,259 Encrypt the cipher next, which you have 478 00:17:26,260 --> 00:17:28,358 to explore it and then you get the actual 479 00:17:28,359 --> 00:17:29,439 benefits. 480 00:17:29,440 --> 00:17:30,939 So this is how it's done correctly. 481 00:17:30,940 --> 00:17:33,189 Everyone does it, except well, 482 00:17:33,190 --> 00:17:34,190 people who reside 483 00:17:36,100 --> 00:17:38,769 in all this integrated you. 484 00:17:38,770 --> 00:17:39,849 If you encrypt the file, 485 00:17:40,930 --> 00:17:43,299 you might assume that the attacker cannot 486 00:17:43,300 --> 00:17:45,309 change the file without you noticing 487 00:17:45,310 --> 00:17:47,079 because of the crippling damage. 488 00:17:47,080 --> 00:17:48,319 This is not true. 489 00:17:48,320 --> 00:17:51,459 This is not true even if you use CBC. 490 00:17:51,460 --> 00:17:53,559 People will think so, especially if they 491 00:17:53,560 --> 00:17:54,849 have no background encryption. 492 00:17:54,850 --> 00:17:56,379 Even some of the new electronic 493 00:17:56,380 --> 00:17:58,599 encryption and people who are relying on 494 00:17:58,600 --> 00:18:00,729 encrypted file, which currently decrypt 495 00:18:00,730 --> 00:18:01,899 to be unchanged. 496 00:18:01,900 --> 00:18:03,969 You cannot realize 497 00:18:03,970 --> 00:18:05,679 when if you have an ECB encrypt the 498 00:18:05,680 --> 00:18:07,769 parts, you can sign 499 00:18:07,770 --> 00:18:09,669 them and you can simply swap against the 500 00:18:09,670 --> 00:18:11,949 following decrypt and the next 501 00:18:11,950 --> 00:18:13,839 box will be swapped in the same way as 502 00:18:13,840 --> 00:18:15,519 opposed to text books. 503 00:18:15,520 --> 00:18:16,899 So again, this could be a problem. 504 00:18:16,900 --> 00:18:18,639 You could possibly even manipulate the 505 00:18:18,640 --> 00:18:20,109 database in a meaningful way 506 00:18:21,370 --> 00:18:22,659 for CBC. 507 00:18:22,660 --> 00:18:24,819 You can, even for CBC, 508 00:18:24,820 --> 00:18:26,889 you can truncate the file 509 00:18:26,890 --> 00:18:28,419 you at the beginning and the end. 510 00:18:28,420 --> 00:18:30,429 So it didn't come out a bit of the file 511 00:18:30,430 --> 00:18:32,709 as long as it's aligned to block on risk 512 00:18:32,710 --> 00:18:34,599 and will still operate correctly to 513 00:18:34,600 --> 00:18:35,709 decrypt. So 514 00:18:37,090 --> 00:18:39,129 this could also lead to some attacks 515 00:18:39,130 --> 00:18:41,109 which are in the moment. 516 00:18:41,110 --> 00:18:42,849 There's another type of cipher gridlock 517 00:18:42,850 --> 00:18:44,529 in the box office here, which encrypted 518 00:18:44,530 --> 00:18:46,749 the look like lock the screen sizes and 519 00:18:46,750 --> 00:18:49,269 this is dream cycle like operation 520 00:18:49,270 --> 00:18:50,349 multiple examples. 521 00:18:50,350 --> 00:18:52,209 If you do this, you can even flip 522 00:18:52,210 --> 00:18:53,889 individual bits. That means if you flip 523 00:18:53,890 --> 00:18:56,019 the script and the plane things in the 524 00:18:56,020 --> 00:18:57,489 same place, the first bit and the 525 00:18:57,490 --> 00:18:58,869 plaintext will be flipped. That means if 526 00:18:58,870 --> 00:19:01,299 you noticed plaintext or parts of it, 527 00:19:01,300 --> 00:19:03,429 you can actually change it through the 528 00:19:03,430 --> 00:19:04,629 encryption. 529 00:19:04,630 --> 00:19:07,179 This was actually exploited in the wild 530 00:19:07,180 --> 00:19:09,309 with the V, the one 531 00:19:09,310 --> 00:19:11,379 of those that have been previously in my 532 00:19:11,380 --> 00:19:13,569 phone, and this was one 533 00:19:13,570 --> 00:19:15,069 of the things that were broken with it. 534 00:19:17,080 --> 00:19:19,209 So a practical example of how you can 535 00:19:19,210 --> 00:19:21,069 break in security of a phone. 536 00:19:22,180 --> 00:19:23,949 You are the attacker and you want to make 537 00:19:23,950 --> 00:19:25,829 a five people ending. 538 00:19:25,830 --> 00:19:26,830 And 539 00:19:27,970 --> 00:19:30,069 I don't know how familiar you haven't got 540 00:19:30,070 --> 00:19:32,409 archives, but the headline is 541 00:19:32,410 --> 00:19:34,639 this is at the end and 542 00:19:34,640 --> 00:19:36,279 now completely ignores any garbage and 543 00:19:36,280 --> 00:19:37,839 from those archives so that you take, for 544 00:19:37,840 --> 00:19:39,909 example, the JPEG, which is the length at 545 00:19:39,910 --> 00:19:42,759 the beginning and end around. 546 00:19:42,760 --> 00:19:44,829 Then you have a hybrid file, which is at 547 00:19:44,830 --> 00:19:46,609 the same time of an object that will 548 00:19:46,610 --> 00:19:48,669 correctly display in nearly any 549 00:19:48,670 --> 00:19:50,949 giving you and the correct 550 00:19:50,950 --> 00:19:52,899 Rafael, which will correctly strike 551 00:19:52,900 --> 00:19:54,999 depending on what program you 552 00:19:55,000 --> 00:19:56,000 open with it. 553 00:19:57,730 --> 00:19:59,949 So now let's take the real 554 00:19:59,950 --> 00:20:02,679 time you want to send the victim 555 00:20:02,680 --> 00:20:04,749 and make the you have 556 00:20:04,750 --> 00:20:07,089 two people, one symbol 557 00:20:07,090 --> 00:20:09,039 in Brisbane, that you want to fool the 558 00:20:09,040 --> 00:20:11,289 recipient into believing that 559 00:20:11,290 --> 00:20:13,509 the phone is actually coming from the 560 00:20:13,510 --> 00:20:15,819 victim. Send them to make the 561 00:20:15,820 --> 00:20:17,709 victim send the encrypted. 562 00:20:17,710 --> 00:20:19,959 That looks harmless because it's pure 563 00:20:19,960 --> 00:20:22,929 evil, wrong and behind this 564 00:20:22,930 --> 00:20:25,149 some decoding. Rather, it looks like 565 00:20:25,150 --> 00:20:27,129 the guy might want forwarded to the other 566 00:20:27,130 --> 00:20:28,130 guy to the victim. 567 00:20:29,950 --> 00:20:32,449 Encrypted your DNA sample things, 568 00:20:32,450 --> 00:20:34,869 you truncated the cut of the decoy. 569 00:20:34,870 --> 00:20:37,119 You have an even encrypted with his 570 00:20:37,120 --> 00:20:39,189 key, which ruled the grid 571 00:20:39,190 --> 00:20:40,190 correctly. 572 00:20:41,050 --> 00:20:42,459 Of course, you need to match a block on 573 00:20:42,460 --> 00:20:44,199 the river. That simply means aligning it 574 00:20:44,200 --> 00:20:45,400 to 60 months. 575 00:20:47,290 --> 00:20:49,449 So and then the 576 00:20:49,450 --> 00:20:51,519 victim will receive a part of the 577 00:20:51,520 --> 00:20:53,649 picture came from the other guy 578 00:20:53,650 --> 00:20:55,809 who wanted to be talking about the two 579 00:20:55,810 --> 00:20:56,810 of 580 00:20:58,000 --> 00:21:00,129 you can not protect this against 581 00:21:00,130 --> 00:21:02,199 this attack by simply defending the hash 582 00:21:02,200 --> 00:21:03,549 and encrypting it. This is what many 583 00:21:03,550 --> 00:21:06,009 people try, and it does not work 584 00:21:06,010 --> 00:21:08,199 because you can from here, 585 00:21:08,200 --> 00:21:10,389 take a listen when you put the event 586 00:21:10,390 --> 00:21:12,279 file and then you put the hands that you 587 00:21:12,280 --> 00:21:14,579 will find in there, then you both 588 00:21:14,580 --> 00:21:17,349 equally, then the real Henry gets another 589 00:21:17,350 --> 00:21:18,369 thing in your book. 590 00:21:18,370 --> 00:21:20,679 Well, now he's a drunkard and you get 591 00:21:20,680 --> 00:21:22,720 the red part, which you have to do 592 00:21:24,970 --> 00:21:26,109 this red. 593 00:21:26,110 --> 00:21:28,219 And that means that the 594 00:21:28,220 --> 00:21:29,889 book correctly decrypt the hash will be 595 00:21:29,890 --> 00:21:32,229 there. It will appear to work 596 00:21:32,230 --> 00:21:34,369 and will be vulnerable again 597 00:21:34,370 --> 00:21:35,949 if you have the screen cycles. 598 00:21:35,950 --> 00:21:38,349 You can simply, if 599 00:21:38,350 --> 00:21:40,269 someone does the same thing, which they 600 00:21:40,270 --> 00:21:42,489 did in the web, they found something 601 00:21:42,490 --> 00:21:43,509 even more stupid. But 602 00:21:44,680 --> 00:21:46,959 you can do it orange in the military. 603 00:21:46,960 --> 00:21:48,639 You have the blanket. So you know exactly 604 00:21:48,640 --> 00:21:50,079 what it's right and you flip. 605 00:21:50,080 --> 00:21:52,299 You can calculate what it should be. 606 00:21:52,300 --> 00:21:53,529 And then you flip the bits you need to 607 00:21:53,530 --> 00:21:54,530 flip. And that's a. 608 00:21:56,660 --> 00:21:58,839 So if you will, if you do a do 609 00:21:58,840 --> 00:22:00,839 you do anything at the tricky for us, use 610 00:22:00,840 --> 00:22:02,449 the library, we will do it yourself. 611 00:22:03,680 --> 00:22:05,749 But if you have to do it and if 612 00:22:05,750 --> 00:22:07,609 you do, is you drive a separate jeep. 613 00:22:07,610 --> 00:22:09,889 That means you take the one 614 00:22:09,890 --> 00:22:11,089 car you have to the garage and then 615 00:22:11,090 --> 00:22:12,979 virtually you drive more than the Asian 616 00:22:12,980 --> 00:22:15,169 people and then you 617 00:22:15,170 --> 00:22:17,479 encrypt the file with 618 00:22:17,480 --> 00:22:19,579 the court in an encrypted file with one 619 00:22:19,580 --> 00:22:20,580 thing and then you 620 00:22:21,800 --> 00:22:23,959 run them and connect with the 621 00:22:23,960 --> 00:22:25,459 second key or the entire thing. 622 00:22:26,720 --> 00:22:28,099 You should be careful because they are 623 00:22:28,100 --> 00:22:29,929 spending on record checks and stuff like 624 00:22:29,930 --> 00:22:32,059 that. So do not lose yourself. 625 00:22:32,060 --> 00:22:34,669 Simply take a library that hopefully 626 00:22:34,670 --> 00:22:36,289 was made by people who know what they're 627 00:22:36,290 --> 00:22:37,579 doing. 628 00:22:37,580 --> 00:22:39,799 There's also automatic cipher modes 629 00:22:39,800 --> 00:22:41,749 where the encryption is. 630 00:22:41,750 --> 00:22:42,679 Literally, it means that the 631 00:22:42,680 --> 00:22:44,779 authentication so you don't 632 00:22:44,780 --> 00:22:46,579 have to perform the cryptographic 633 00:22:46,580 --> 00:22:47,690 operations of the data. 634 00:22:48,950 --> 00:22:51,139 You can use those, of course, 635 00:22:51,140 --> 00:22:53,329 if you have them available and 636 00:22:53,330 --> 00:22:54,979 all the things that you get through 637 00:22:54,980 --> 00:22:56,299 encryption like tools. 638 00:22:56,300 --> 00:22:58,669 And he filed some of the checks. 639 00:22:58,670 --> 00:23:00,859 I'm not sure if they check the length. 640 00:23:00,860 --> 00:23:03,259 So maybe you can just use any random 641 00:23:03,260 --> 00:23:05,379 key Ring five 642 00:23:05,380 --> 00:23:07,459 as a key. But I actually don't think they 643 00:23:07,460 --> 00:23:08,569 change. 644 00:23:08,570 --> 00:23:10,819 So if you decrypt 645 00:23:10,820 --> 00:23:13,939 the file with your own key, well, 646 00:23:13,940 --> 00:23:16,039 it shows you that the decrypted the 647 00:23:16,040 --> 00:23:18,229 file and you get out 648 00:23:18,230 --> 00:23:20,149 and then you wonder why you would run and 649 00:23:20,150 --> 00:23:22,279 you don't get any indication whatsoever. 650 00:23:22,280 --> 00:23:24,229 And from there, there's no security, 651 00:23:24,230 --> 00:23:25,909 political, there's just a usability right 652 00:23:25,910 --> 00:23:27,109 now. 653 00:23:27,110 --> 00:23:29,149 But if you can use rank and file 654 00:23:29,150 --> 00:23:32,119 encryption and somebody decides to 655 00:23:32,120 --> 00:23:34,239 encrypt the runtime, it's either more 656 00:23:34,240 --> 00:23:37,309 using itself as the key. 657 00:23:37,310 --> 00:23:39,439 And I think you can guess the key because 658 00:23:39,440 --> 00:23:41,599 that's the head of the merchant, which 659 00:23:41,600 --> 00:23:42,619 is always the same. 660 00:23:42,620 --> 00:23:44,869 And the issue of the file. So there 661 00:23:44,870 --> 00:23:46,999 needs to be some side of 662 00:23:47,000 --> 00:23:48,020 the traceability, and there 663 00:23:49,580 --> 00:23:50,630 is no reason humans. 664 00:23:52,670 --> 00:23:54,799 So summarize the findings about 665 00:23:54,800 --> 00:23:57,109 the J-school this vengeance 666 00:23:57,110 --> 00:23:59,409 tool, which this 667 00:23:59,410 --> 00:24:01,489 database application, which has 668 00:24:01,490 --> 00:24:03,709 encryption as a safe feature 669 00:24:03,710 --> 00:24:05,959 and is often used for 670 00:24:05,960 --> 00:24:07,380 hydrogen in general. 671 00:24:08,450 --> 00:24:10,369 This encryption is totally broken in 672 00:24:10,370 --> 00:24:12,199 nearly every possible way. 673 00:24:12,200 --> 00:24:14,299 The only thing that is not overgrowth is 674 00:24:14,300 --> 00:24:16,999 the cyber itself, despite it being 675 00:24:17,000 --> 00:24:18,949 an stomatitis, and this is actually 676 00:24:18,950 --> 00:24:19,950 pretty interesting. 677 00:24:21,740 --> 00:24:24,229 But we can recover the key 678 00:24:24,230 --> 00:24:26,419 and totally break encryption with minimal 679 00:24:26,420 --> 00:24:27,559 effort. 680 00:24:27,560 --> 00:24:29,839 So this is all the right in 681 00:24:29,840 --> 00:24:31,279 the classical software. 682 00:24:31,280 --> 00:24:33,439 The official file encryption software is 683 00:24:33,440 --> 00:24:35,359 likely not affected by this because it 684 00:24:35,360 --> 00:24:37,339 separates. I, like you mentioned multiple 685 00:24:37,340 --> 00:24:39,469 times because people often confuse 686 00:24:39,470 --> 00:24:41,409 this. So if you use that against the 687 00:24:41,410 --> 00:24:43,699 system, you're probably most affected 688 00:24:43,700 --> 00:24:46,249 too much by this. If you use the case to 689 00:24:46,250 --> 00:24:47,509 encrypt encrypted individual 690 00:24:47,510 --> 00:24:49,130 congratulations that are compromised. 691 00:24:51,550 --> 00:24:52,619 Is going to play within 692 00:24:54,120 --> 00:24:56,449 it if it was first discovered in secure 693 00:24:56,450 --> 00:24:58,579 of which was discovered by just didn't 694 00:24:58,580 --> 00:25:00,799 result because it's really, really 695 00:25:00,800 --> 00:25:02,869 simple to see is you simply 696 00:25:02,870 --> 00:25:04,279 looking for an encrypted file? 697 00:25:04,280 --> 00:25:06,199 And if it has multiple blocks or just 698 00:25:06,200 --> 00:25:07,550 saying it's EACB? 699 00:25:08,960 --> 00:25:09,979 And that's what he did. 700 00:25:09,980 --> 00:25:11,329 He published it in 2008. 701 00:25:12,620 --> 00:25:15,109 We found this during a research and 702 00:25:15,110 --> 00:25:17,209 yeah, this is the first time that 703 00:25:17,210 --> 00:25:18,349 something is very wrong. 704 00:25:18,350 --> 00:25:20,719 But if you choose them, 705 00:25:21,740 --> 00:25:23,839 once you started 706 00:25:23,840 --> 00:25:25,239 doing it, I think it would be easy. 707 00:25:25,240 --> 00:25:27,349 Hey, do you want to my results 708 00:25:27,350 --> 00:25:29,719 and the reply team, if you analyze 709 00:25:29,720 --> 00:25:32,119 this, we'll send out Lawrence up to you. 710 00:25:32,120 --> 00:25:34,579 So he did research and marketing, 711 00:25:34,580 --> 00:25:36,559 told anything about the results, and he 712 00:25:36,560 --> 00:25:39,139 found basically the same things we did, 713 00:25:39,140 --> 00:25:40,939 which we only heard about later because 714 00:25:40,940 --> 00:25:42,499 he didn't publish it. 715 00:25:42,500 --> 00:25:45,409 He actually proceeded to use this 716 00:25:45,410 --> 00:25:48,169 one encryption as a challenge 717 00:25:48,170 --> 00:25:49,999 before and after the second dose, and it 718 00:25:50,000 --> 00:25:51,229 was solved. 719 00:25:51,230 --> 00:25:53,930 So this highly secure. 720 00:25:55,950 --> 00:25:57,089 It's really. 721 00:25:58,500 --> 00:26:00,479 Well, listen, you have a challenge, so I 722 00:26:00,480 --> 00:26:02,909 think it might 723 00:26:02,910 --> 00:26:05,039 have been reported, the BBC by 724 00:26:05,040 --> 00:26:06,359 whoever sold it. 725 00:26:06,360 --> 00:26:07,379 I'm not sure about it. 726 00:26:07,380 --> 00:26:08,380 We don't know. 727 00:26:09,660 --> 00:26:11,829 In 2011, approximately 728 00:26:11,830 --> 00:26:13,559 the same time where this incident 729 00:26:13,560 --> 00:26:15,450 happened, we were really Lawrence's. 730 00:26:16,470 --> 00:26:17,899 We collected the B.S. 731 00:26:17,900 --> 00:26:20,039 that individual told them, he said, 732 00:26:20,040 --> 00:26:22,729 was a file labeled this something 733 00:26:22,730 --> 00:26:24,269 some doesn't file. 734 00:26:24,270 --> 00:26:25,619 OK, here's the leader of the fire. 735 00:26:25,620 --> 00:26:26,620 We need to talk. 736 00:26:28,020 --> 00:26:30,089 And they were very friendly 737 00:26:30,090 --> 00:26:31,089 at first. 738 00:26:31,090 --> 00:26:33,359 We'll describe that exact issue. 739 00:26:33,360 --> 00:26:35,729 They made an advisory. 740 00:26:35,730 --> 00:26:37,409 You probably shouldn't use encryption 741 00:26:37,410 --> 00:26:38,789 anymore. They announced that they're 742 00:26:38,790 --> 00:26:40,499 going to be releasing the service, making 743 00:26:40,500 --> 00:26:41,500 fixes it. 744 00:26:42,240 --> 00:26:43,919 They only give us another one credit, 745 00:26:43,920 --> 00:26:45,839 like some researchers from the 746 00:26:45,840 --> 00:26:48,179 government, and advisory 747 00:26:48,180 --> 00:26:49,349 is hard to find today. 748 00:26:49,350 --> 00:26:50,549 It basically disappeared from the 749 00:26:50,550 --> 00:26:52,889 website. I won't say it's my list. 750 00:26:52,890 --> 00:26:54,659 I think there's a we don't have the 751 00:26:54,660 --> 00:26:56,369 website. I'm looking for all the emails 752 00:26:56,370 --> 00:26:57,720 and I it the lose the whole time. 753 00:27:00,540 --> 00:27:02,639 Well, it's many people 754 00:27:02,640 --> 00:27:04,769 who didn't reach it didn't tell us, 755 00:27:04,770 --> 00:27:06,899 or we can get into more with 756 00:27:06,900 --> 00:27:08,229 them, gave them advice. 757 00:27:08,230 --> 00:27:09,749 So who was a comic? 758 00:27:09,750 --> 00:27:12,179 I let's use sounds and reply to 759 00:27:12,180 --> 00:27:14,249 the suggestion by the window to correctly 760 00:27:14,250 --> 00:27:15,630 cast the time spectrum 761 00:27:16,710 --> 00:27:18,989 and to provide the ABC with 762 00:27:18,990 --> 00:27:20,309 a draft of a paper. 763 00:27:20,310 --> 00:27:22,079 Let me describe that over, and we just 764 00:27:22,080 --> 00:27:23,699 got and they didn't like it, but we 765 00:27:23,700 --> 00:27:25,869 received the rest, the 766 00:27:25,870 --> 00:27:27,989 be specific and translating it 767 00:27:27,990 --> 00:27:29,819 here. Thank you for the work you have put 768 00:27:29,820 --> 00:27:32,159 into further analysis of 769 00:27:32,160 --> 00:27:33,209 the previous engineering. 770 00:27:33,210 --> 00:27:35,309 These products constitutes a breach 771 00:27:35,310 --> 00:27:37,559 of copyright and then be prosecuted very 772 00:27:37,560 --> 00:27:39,569 strictly by warlords. 773 00:27:39,570 --> 00:27:41,189 I therefore urge you to request that the 774 00:27:41,190 --> 00:27:42,629 document remains confidential. 775 00:27:42,630 --> 00:27:43,679 Can you please confirm that? 776 00:27:43,680 --> 00:27:46,049 So it was pretty clear that they 777 00:27:46,050 --> 00:27:48,029 basically do not publish what will settle 778 00:27:48,030 --> 00:27:50,429 on something they have been entrusted 779 00:27:50,430 --> 00:27:52,409 with? And if it didn't let it all go when 780 00:27:52,410 --> 00:27:54,779 we researched the actual legal situation 781 00:27:54,780 --> 00:27:56,969 and said, OK, we think it's actually 782 00:27:56,970 --> 00:27:57,970 legal to publish it. 783 00:27:59,070 --> 00:28:00,660 Software is protected by copyright 784 00:28:01,770 --> 00:28:04,559 security, I wrote 69. 785 00:28:04,560 --> 00:28:06,719 The section free the loss 786 00:28:06,720 --> 00:28:08,399 absorbing program. 787 00:28:08,400 --> 00:28:10,079 Nobody knows what this means. 788 00:28:10,080 --> 00:28:12,209 So we're not looking 789 00:28:12,210 --> 00:28:15,089 at it with a view my lawyer is observing. 790 00:28:15,090 --> 00:28:17,459 A lot is unclear and 791 00:28:17,460 --> 00:28:20,519 well, if they sue us in 792 00:28:20,520 --> 00:28:22,709 the federal court, we throw away in 793 00:28:22,710 --> 00:28:24,839 10 years, tell us whether it was legal 794 00:28:24,840 --> 00:28:26,160 or whether we go to judgments 795 00:28:27,240 --> 00:28:29,339 and 69 e-mails. 796 00:28:29,340 --> 00:28:31,439 That allows the company for its 797 00:28:31,440 --> 00:28:32,729 operability purposes. 798 00:28:32,730 --> 00:28:34,229 But that put some limitations in the 799 00:28:34,230 --> 00:28:36,329 stuff you get in. So it's unclear 800 00:28:36,330 --> 00:28:37,979 if you can publish the results. 801 00:28:37,980 --> 00:28:40,259 For example, anybody who's themselves not 802 00:28:40,260 --> 00:28:42,359 copyrighted in Germany, which is 803 00:28:42,360 --> 00:28:44,729 this, would certainly not in the section. 804 00:28:44,730 --> 00:28:46,179 And I would like to point out we did not 805 00:28:46,180 --> 00:28:47,429 for use in the original court. 806 00:28:47,430 --> 00:28:49,259 We didn't have it. We looked at the data 807 00:28:49,260 --> 00:28:51,419 and we wrote it on paper, actually 808 00:28:51,420 --> 00:28:53,969 in only minor the description. 809 00:28:53,970 --> 00:28:55,649 And then we went on to implement that. 810 00:28:55,650 --> 00:28:57,509 So to make absolutely sure we do not 811 00:28:57,510 --> 00:28:59,579 accidentally use some of their votes. 812 00:28:59,580 --> 00:29:01,649 And of this is until something. 813 00:29:01,650 --> 00:29:03,869 So we went the very 814 00:29:03,870 --> 00:29:05,669 fine way to protect ourselves legally. 815 00:29:05,670 --> 00:29:07,349 We raised a lot of time in the research. 816 00:29:07,350 --> 00:29:08,939 We did not get too much into the council 817 00:29:08,940 --> 00:29:10,529 because there isn't one. 818 00:29:10,530 --> 00:29:11,699 They might still sue us. 819 00:29:11,700 --> 00:29:13,679 I don't think they will. 820 00:29:13,680 --> 00:29:15,959 But it sucks 821 00:29:15,960 --> 00:29:17,579 that people give you legal threats. 822 00:29:17,580 --> 00:29:19,679 In response to have been, we delayed 823 00:29:19,680 --> 00:29:21,329 the publication to give them time to read 824 00:29:21,330 --> 00:29:23,669 from the bench, which would indicate 825 00:29:23,670 --> 00:29:24,959 that some group, some or all of them 826 00:29:24,960 --> 00:29:26,489 asked them several times here. 827 00:29:26,490 --> 00:29:28,559 Do you want to do something 828 00:29:28,560 --> 00:29:31,169 about it? It's been a year, 829 00:29:31,170 --> 00:29:33,329 and about two and a half years 830 00:29:33,330 --> 00:29:35,009 later, we finally published a service 831 00:29:35,010 --> 00:29:36,809 book, which raises the issue. 832 00:29:38,010 --> 00:29:40,109 A month after that, there were also some 833 00:29:40,110 --> 00:29:42,299 small talk involved in any issues 834 00:29:42,300 --> 00:29:43,339 that involve the government. 835 00:29:43,340 --> 00:29:45,869 You may want to see the slides, 836 00:29:45,870 --> 00:29:47,799 then they go for a little bit longer. 837 00:29:48,810 --> 00:29:50,529 We then two months later, because we were 838 00:29:50,530 --> 00:29:52,559 quite lazy to do it after two years, it 839 00:29:52,560 --> 00:29:53,939 didn't matter to the. 840 00:29:53,940 --> 00:29:55,799 We published advisory and I sent them the 841 00:29:55,800 --> 00:29:57,419 Freedom of Information Act request for 842 00:29:57,420 --> 00:29:59,069 some further details, but I didn't get a 843 00:29:59,070 --> 00:30:00,719 response. If it's perfectly OK, they're 844 00:30:00,720 --> 00:30:03,359 still within the time limit for that. 845 00:30:03,360 --> 00:30:05,189 So it's my fault that I found it too 846 00:30:05,190 --> 00:30:07,169 late, but we might get some interesting 847 00:30:07,170 --> 00:30:09,119 answer. The fix was to simply disable 848 00:30:09,120 --> 00:30:12,199 encryption, but never use user interface 849 00:30:12,200 --> 00:30:14,039 that action on the back of a trial 850 00:30:14,040 --> 00:30:15,689 because the encryption was broken. 851 00:30:15,690 --> 00:30:16,889 There's better encryption available 852 00:30:16,890 --> 00:30:18,419 today, so just disable it. 853 00:30:18,420 --> 00:30:20,489 However, the U.S. limitation is it 854 00:30:20,490 --> 00:30:21,929 doesn't work that simply the buttons 855 00:30:21,930 --> 00:30:24,539 break out. No indication whatsoever. 856 00:30:24,540 --> 00:30:26,789 And there are some, some small 857 00:30:26,790 --> 00:30:28,409 and pretty interesting warning in the 858 00:30:28,410 --> 00:30:30,029 documentation. So some people might 859 00:30:30,030 --> 00:30:31,739 actually continue to use the old version 860 00:30:31,740 --> 00:30:33,809 because, well, you will need to choose 861 00:30:33,810 --> 00:30:34,779 from. 862 00:30:34,780 --> 00:30:36,599 And so this is excellent. 863 00:30:36,600 --> 00:30:38,699 I've actually talked with some 864 00:30:38,700 --> 00:30:41,159 talk with some people 865 00:30:41,160 --> 00:30:43,229 who use this tool for fighting 866 00:30:43,230 --> 00:30:45,299 corruption, and this was like one 867 00:30:45,300 --> 00:30:46,859 year after the initial advisory. 868 00:30:46,860 --> 00:30:49,019 They didn't have an idea, for instance, 869 00:30:49,020 --> 00:30:50,939 that there's something that they were 870 00:30:50,940 --> 00:30:52,629 hoping for this year to fly. 871 00:30:52,630 --> 00:30:54,509 So I think the old one that's going to be 872 00:30:54,510 --> 00:30:55,409 thrown out anyway. 873 00:30:55,410 --> 00:30:57,149 Well, yes, conflict is not going to 874 00:30:57,150 --> 00:30:59,099 happen. They didn't know it at the time. 875 00:31:00,510 --> 00:31:02,789 We did think about when we should 876 00:31:02,790 --> 00:31:03,790 publish this. 877 00:31:04,500 --> 00:31:06,629 Security and obscurity could be of 878 00:31:06,630 --> 00:31:08,429 the design secure over an animal to keep 879 00:31:08,430 --> 00:31:10,619 it secret in addition 880 00:31:10,620 --> 00:31:11,879 to it. 881 00:31:11,880 --> 00:31:14,009 It will improve security. 882 00:31:14,010 --> 00:31:16,079 OK, there will be this review Celeste 883 00:31:16,080 --> 00:31:18,299 risk. The more is the issues will stay 884 00:31:18,300 --> 00:31:19,859 undiscovered, but it will be more 885 00:31:19,860 --> 00:31:21,389 difficult to criminalize it. 886 00:31:21,390 --> 00:31:23,519 So the idea to use nonviolent 887 00:31:23,520 --> 00:31:26,699 humans is not totally crazy. 888 00:31:26,700 --> 00:31:28,829 Despite being very unpopular, 889 00:31:30,090 --> 00:31:31,739 but in the end, the bad guys like the 890 00:31:31,740 --> 00:31:33,419 NSA, they know about this. 891 00:31:33,420 --> 00:31:35,639 If you ever see ASML's and then 892 00:31:35,640 --> 00:31:37,589 you find the distance from Orlando to 893 00:31:37,590 --> 00:31:39,519 build it, you can get the codes. 894 00:31:39,520 --> 00:31:41,579 You will be able to get the algorithm and 895 00:31:41,580 --> 00:31:43,109 reverse engineering is easy. 896 00:31:43,110 --> 00:31:45,869 And if they can do it, so 897 00:31:45,870 --> 00:31:48,089 we are not accidentally 898 00:31:48,090 --> 00:31:51,089 disclosing some state secrets that will 899 00:31:51,090 --> 00:31:53,429 endanger those drums that 900 00:31:53,430 --> 00:31:54,749 they did reveal something. 901 00:31:54,750 --> 00:31:56,829 So we decided that, no, 902 00:31:56,830 --> 00:31:58,589 it's not unusual to publish it, and we 903 00:31:58,590 --> 00:32:00,299 need to bring awareness to the users 904 00:32:00,300 --> 00:32:02,599 because the Lazarus went very 905 00:32:02,600 --> 00:32:03,600 public. 906 00:32:03,960 --> 00:32:06,299 They have enough time to fix it. 907 00:32:06,300 --> 00:32:07,679 The progress was very slow. 908 00:32:07,680 --> 00:32:09,299 I think it would have been faster if you 909 00:32:09,300 --> 00:32:11,459 told them we'll publish very soon, 910 00:32:11,460 --> 00:32:13,169 and it's been three years since the 911 00:32:13,170 --> 00:32:15,029 initial advisory. 912 00:32:15,030 --> 00:32:17,009 You sufficient been notified. 913 00:32:17,010 --> 00:32:18,719 As I said, the visor is hard to find 914 00:32:18,720 --> 00:32:20,669 officials aren't there and against what 915 00:32:20,670 --> 00:32:22,829 is used as a general kind 916 00:32:22,830 --> 00:32:25,019 of virtue to me by people 917 00:32:25,020 --> 00:32:26,679 who really shouldn't use it for a while. 918 00:32:26,680 --> 00:32:28,409 I would say no. 919 00:32:28,410 --> 00:32:30,189 Yeah, it was a problem, and they were 920 00:32:30,190 --> 00:32:32,039 easy for us to get all of the evidence 921 00:32:32,040 --> 00:32:33,800 off the air and going to the signals 922 00:32:35,550 --> 00:32:37,919 and the events of all these issues will 923 00:32:37,920 --> 00:32:40,259 go on in 2003, but 924 00:32:40,260 --> 00:32:42,899 not that little CVC was invented 925 00:32:42,900 --> 00:32:44,699 three decades ago. 926 00:32:44,700 --> 00:32:46,889 So it is embarrassing and especially 927 00:32:46,890 --> 00:32:48,179 embarrassing to the BBC. 928 00:32:48,180 --> 00:32:49,769 Did not do any review because they don't 929 00:32:49,770 --> 00:32:51,450 have cash was a problem. 930 00:32:53,160 --> 00:32:55,169 Lessons learned for publication. 931 00:32:55,170 --> 00:32:56,849 If you find the security issue, give them 932 00:32:56,850 --> 00:32:58,649 a hard deadline, preferably less than one 933 00:32:58,650 --> 00:33:01,349 year, and tell them no matter what you 934 00:33:01,350 --> 00:33:03,089 release a metronome, we don't care at 935 00:33:03,090 --> 00:33:04,649 this time it will be published. 936 00:33:04,650 --> 00:33:07,049 I think especially if the issue is 937 00:33:07,050 --> 00:33:09,029 as easy to fix us here, but certainly 938 00:33:10,320 --> 00:33:12,209 I think this will have significant sped 939 00:33:12,210 --> 00:33:13,830 up the development of ethics 940 00:33:14,870 --> 00:33:16,709 and the new personal policy. 941 00:33:16,710 --> 00:33:18,869 Any legal threats in any time if it 942 00:33:18,870 --> 00:33:20,849 fails or something, we immediately 943 00:33:20,850 --> 00:33:22,450 publication, I think following will any 944 00:33:22,451 --> 00:33:23,451 moment they. 945 00:33:30,540 --> 00:33:32,759 I will not waste several days to research 946 00:33:32,760 --> 00:33:34,889 whether it's legal to comment on it 947 00:33:34,890 --> 00:33:36,269 when it's published, they have less 948 00:33:36,270 --> 00:33:37,769 motivation to sue me because it will 949 00:33:37,770 --> 00:33:40,469 achieve nothing except rather than affect 950 00:33:40,470 --> 00:33:41,459 your mileage may vary. 951 00:33:41,460 --> 00:33:43,679 You may get sued, but 952 00:33:43,680 --> 00:33:45,929 it will say it'll probably save a lot 953 00:33:45,930 --> 00:33:47,399 of lives, especially if you know full 954 00:33:47,400 --> 00:33:48,849 disclosure from the beginning, because 955 00:33:48,850 --> 00:33:50,049 then they don't even get to make a 956 00:33:50,050 --> 00:33:52,109 difference. It's not nice, I 957 00:33:52,110 --> 00:33:53,639 don't you? I'm from the middle with 958 00:33:53,640 --> 00:33:55,379 everyone I know, even with the Brazilian 959 00:33:55,380 --> 00:33:56,460 blood, you know, 960 00:33:58,200 --> 00:34:00,299 so I don't have much time 961 00:34:00,300 --> 00:34:02,069 for the key elements that says you'll be 962 00:34:02,070 --> 00:34:04,149 able to see the slides. 963 00:34:04,150 --> 00:34:06,299 And yeah, it's 964 00:34:06,300 --> 00:34:08,289 probably more entertaining dozens of 965 00:34:08,290 --> 00:34:09,238 people. 966 00:34:09,239 --> 00:34:10,819 It's a lot safer, with more than six 967 00:34:10,820 --> 00:34:12,988 officers in Colombia 968 00:34:12,989 --> 00:34:15,388 on those they claim to use one 969 00:34:15,389 --> 00:34:16,619 to the treatments. 970 00:34:16,620 --> 00:34:18,269 Plus two tricks on 971 00:34:20,880 --> 00:34:22,678 the other itself was one of the six 972 00:34:22,679 --> 00:34:23,819 events. 973 00:34:23,820 --> 00:34:25,979 It gets expanded to 974 00:34:25,980 --> 00:34:28,289 13 times six people around or 975 00:34:28,290 --> 00:34:30,689 64 the 64, and he's still you. 976 00:34:30,690 --> 00:34:32,638 Which explains why the he was generating 977 00:34:32,639 --> 00:34:34,259 the 104 bytes. 978 00:34:34,260 --> 00:34:36,319 It was no provides, but 979 00:34:36,320 --> 00:34:38,488 they the created 980 00:34:38,489 --> 00:34:39,499 creatinine that he's getting news all 981 00:34:39,500 --> 00:34:41,669 influences looks at the 64 makes. 982 00:34:41,670 --> 00:34:43,738 It's optimized for 32 bit sea 983 00:34:43,739 --> 00:34:45,959 views and consists of 984 00:34:45,960 --> 00:34:48,238 12 rounds plus one key addition 985 00:34:48,239 --> 00:34:49,239 drones, for example. 986 00:34:50,460 --> 00:34:52,289 They add the wrong keys here. 987 00:34:53,460 --> 00:34:55,769 Then you have a 988 00:34:55,770 --> 00:34:58,499 one bucket as box, 989 00:34:58,500 --> 00:35:00,449 the box the truffles, and then you have 990 00:35:00,450 --> 00:35:02,699 something pretty unusual a variable among 991 00:35:02,700 --> 00:35:04,559 shifts or the shift around events here 992 00:35:04,560 --> 00:35:06,719 that they do, which makes it this 993 00:35:06,720 --> 00:35:08,549 much more interesting. So different, 994 00:35:08,550 --> 00:35:09,550 isn't it? 995 00:35:10,170 --> 00:35:12,270 This matrix multiplication 996 00:35:14,250 --> 00:35:15,250 in the middle. 997 00:35:16,020 --> 00:35:17,819 The constants on a given encryption for 998 00:35:17,820 --> 00:35:20,039 the encryption they are in 999 00:35:20,040 --> 00:35:22,739 some source code my my, my publish. 1000 00:35:22,740 --> 00:35:24,719 But I guess the people will probably be 1001 00:35:24,720 --> 00:35:25,720 able to drive them. 1002 00:35:27,060 --> 00:35:28,469 So this is a moderate, and it looks like 1003 00:35:28,470 --> 00:35:31,109 moderates multiplication in the 1004 00:35:31,110 --> 00:35:32,759 utterances are multiplied. 1005 00:35:32,760 --> 00:35:35,249 So basically, the two halves 1006 00:35:35,250 --> 00:35:37,409 of the data model 1007 00:35:37,410 --> 00:35:38,759 are the keys, and I think that's 1008 00:35:38,760 --> 00:35:40,859 nonsense. Then again, a variable 1009 00:35:40,860 --> 00:35:42,989 shift and escorts, which is 1010 00:35:42,990 --> 00:35:45,239 inverse to the first one and the 1011 00:35:45,240 --> 00:35:47,489 microphone is 1012 00:35:47,490 --> 00:35:49,799 what's assigned versus here's 1013 00:35:49,800 --> 00:35:50,949 one of them. 1014 00:35:50,950 --> 00:35:51,990 I've highlighted 1015 00:35:53,220 --> 00:35:56,939 one of the values which is in position 1016 00:35:56,940 --> 00:35:59,010 hexadecimal one 1017 00:36:00,960 --> 00:36:04,109 tree, and 1018 00:36:04,110 --> 00:36:06,159 the value is the hexagons in the Z, 1019 00:36:06,160 --> 00:36:07,160 right. 1020 00:36:07,650 --> 00:36:10,019 So for the second, this as blocks we have 1021 00:36:10,020 --> 00:36:12,539 in the little pixels and zero f, 1022 00:36:12,540 --> 00:36:15,479 I love those one three. 1023 00:36:15,480 --> 00:36:17,039 So all the display turns as you take a 1024 00:36:17,040 --> 00:36:19,379 bite. You have an array 1025 00:36:19,380 --> 00:36:21,199 of 26 divided and 1026 00:36:22,380 --> 00:36:24,779 256 values, and 1027 00:36:24,780 --> 00:36:27,069 if divide is 15, 1028 00:36:27,070 --> 00:36:29,399 then you take the position of the 15 1029 00:36:29,400 --> 00:36:31,919 at the 15th position in the area. 1030 00:36:31,920 --> 00:36:34,139 So if you divide Franciscus 1031 00:36:34,140 --> 00:36:35,399 once and for the sake of those posts, 1032 00:36:35,400 --> 00:36:36,599 will be the same again because they're 1033 00:36:36,600 --> 00:36:37,600 inverse, 1034 00:36:38,910 --> 00:36:40,929 the keys give you a great in 32 bit 1035 00:36:40,930 --> 00:36:41,969 address. 1036 00:36:41,970 --> 00:36:44,309 The first five integers are 1037 00:36:44,310 --> 00:36:45,310 the original key. 1038 00:36:46,200 --> 00:36:48,269 Then you then only for 1039 00:36:48,270 --> 00:36:50,369 the fifth and only position you take 1040 00:36:50,370 --> 00:36:52,589 the, you know, the 1041 00:36:52,590 --> 00:36:55,079 integer five positions before that 1042 00:36:55,080 --> 00:36:57,449 right? It's all right granted 1043 00:36:57,450 --> 00:36:59,089 by seven widths. 1044 00:36:59,090 --> 00:37:01,800 Um, you take the integer three positions 1045 00:37:03,390 --> 00:37:04,349 to the left. 1046 00:37:04,350 --> 00:37:06,629 Multiply that by constant pixels 1047 00:37:06,630 --> 00:37:08,849 of three three three three three 1048 00:37:08,850 --> 00:37:10,949 three three three you x all 1049 00:37:10,950 --> 00:37:12,329 the rules, and that's the next key. 1050 00:37:12,330 --> 00:37:14,729 So it's pretty simple keys get you in 1051 00:37:14,730 --> 00:37:17,219 the end, they add to the position 1052 00:37:17,220 --> 00:37:18,719 to the key. It's interesting to 1053 00:37:18,720 --> 00:37:20,939 Philstocks Philstocks fifth in the 1054 00:37:20,940 --> 00:37:22,949 sixth attributes, increments of classics 1055 00:37:22,950 --> 00:37:23,950 and so on. 1056 00:37:26,640 --> 00:37:27,929 So you read in the cycle, looks 1057 00:37:27,930 --> 00:37:30,329 reasonable, said you said you're I cannot 1058 00:37:30,330 --> 00:37:32,489 have this myself, but 1059 00:37:32,490 --> 00:37:34,079 there's a quick cursory look. 1060 00:37:34,080 --> 00:37:35,849 This doesn't mean it is secure, but it's 1061 00:37:35,850 --> 00:37:37,769 not the usual snake oil that you used to 1062 00:37:37,770 --> 00:37:39,959 see with all the theoretical attacks that 1063 00:37:39,960 --> 00:37:42,389 reduces if you take a 1064 00:37:42,390 --> 00:37:44,399 fight. If you reduce it to five rounds 1065 00:37:44,400 --> 00:37:46,889 instead of 10 rounds, 1066 00:37:46,890 --> 00:37:48,779 then you can break it at the complexity 1067 00:37:48,780 --> 00:37:51,329 of two to the power of on the 14th 1068 00:37:51,330 --> 00:37:53,399 of June 2016 will find the 1069 00:37:53,400 --> 00:37:55,469 same tactics against the Sun all 1070 00:37:55,470 --> 00:37:57,719 the time. So this is a purely theoretical 1071 00:37:57,720 --> 00:37:58,739 and trivial 1072 00:38:00,240 --> 00:38:01,769 result for crypto users. 1073 00:38:01,770 --> 00:38:03,719 It's not anything that indicates that the 1074 00:38:03,720 --> 00:38:06,269 cycle would be so 1075 00:38:06,270 --> 00:38:08,519 is this feels most probably the cycles 1076 00:38:08,520 --> 00:38:10,409 of just isn't going to be easy because 1077 00:38:10,410 --> 00:38:12,569 this contract definitely didn't 1078 00:38:12,570 --> 00:38:14,769 design anything that works in this way. 1079 00:38:14,770 --> 00:38:16,349 Because crypto is hard, I can do it. 1080 00:38:16,350 --> 00:38:19,139 And this contract suddenly concludes 1081 00:38:19,140 --> 00:38:20,639 it's unlikely to the best into the 1082 00:38:20,640 --> 00:38:23,129 separate. So far, she hasn't lost. 1083 00:38:23,130 --> 00:38:25,199 But it could differ from the regular 1084 00:38:25,200 --> 00:38:26,399 classrooms. 1085 00:38:26,400 --> 00:38:28,409 This possibility was explicitly mentioned 1086 00:38:28,410 --> 00:38:30,169 in. Look, it was a data that they have 1087 00:38:30,170 --> 00:38:31,569 very little burden. 1088 00:38:31,570 --> 00:38:33,219 So, for example, the costumes, the 1089 00:38:33,220 --> 00:38:35,469 sponsors, the number of rounds, possibly 1090 00:38:35,470 --> 00:38:37,989 even the kiss can do could be modified. 1091 00:38:37,990 --> 00:38:39,999 And since you know, the contract that we 1092 00:38:40,000 --> 00:38:42,219 don't the that actually encrypted 1093 00:38:42,220 --> 00:38:43,959 codes, I think it was the contract. 1094 00:38:43,960 --> 00:38:46,119 So it's always possible that they 1095 00:38:46,120 --> 00:38:48,839 made some mistake that change 1096 00:38:48,840 --> 00:38:51,939 without making it stop encrypting 1097 00:38:51,940 --> 00:38:53,709 in a way that the file gets decrypted 1098 00:38:53,710 --> 00:38:55,899 again. So we cannot 1099 00:38:55,900 --> 00:38:58,209 be 100 percent sure, but it will be very 1100 00:38:58,210 --> 00:38:59,829 similar to actually. 1101 00:38:59,830 --> 00:39:02,079 So summarize the key aspects, either 1102 00:39:02,080 --> 00:39:04,269 on its own words, something it's its 1103 00:39:04,270 --> 00:39:06,459 public. Analyze it. 1104 00:39:06,460 --> 00:39:08,499 The implementation in years to is totally 1105 00:39:08,500 --> 00:39:10,239 broken. The best most likely didn't 1106 00:39:10,240 --> 00:39:11,949 review it because it's really obvious, 1107 00:39:11,950 --> 00:39:13,379 especially if you have the source code. 1108 00:39:13,380 --> 00:39:15,489 If you don't have the source code and 1109 00:39:15,490 --> 00:39:17,749 government, I think drive this summer. 1110 00:39:17,750 --> 00:39:19,689 I think that's a pretty generic term. 1111 00:39:19,690 --> 00:39:21,849 There will be exceptions, but the general 1112 00:39:21,850 --> 00:39:24,039 rule is designed and do not 1113 00:39:24,040 --> 00:39:26,049 implement prepare yourself, not even by 1114 00:39:26,050 --> 00:39:27,649 using existing over. 1115 00:39:27,650 --> 00:39:29,709 If they didn't use this, they could have 1116 00:39:29,710 --> 00:39:31,179 made exactly the same as these. 1117 00:39:31,180 --> 00:39:32,709 Take those implications. 1118 00:39:32,710 --> 00:39:33,759 The arguments of this? 1119 00:39:33,760 --> 00:39:36,639 Okay, so do not do it. 1120 00:39:36,640 --> 00:39:39,249 You say, well, libraries and that's it. 1121 00:39:39,250 --> 00:39:40,929 I some questions do before we go to the 1122 00:39:40,930 --> 00:39:43,299 future. And I think if any of you 1123 00:39:43,300 --> 00:39:46,029 know, anyone who uses guests would 1124 00:39:46,030 --> 00:39:48,249 or have used it themselves do. 1125 00:39:48,250 --> 00:39:50,169 If you know how to use this spiritual 1126 00:39:50,170 --> 00:39:51,999 moment as they go through modification, 1127 00:39:52,000 --> 00:39:54,079 please tell me if you have examples of 1128 00:39:54,080 --> 00:39:56,199 users who relied on it and would be 1129 00:39:56,200 --> 00:39:57,639 surprised by this book. 1130 00:39:57,640 --> 00:39:59,829 Well, I would like to hear 1131 00:39:59,830 --> 00:40:01,449 interesting stories. 1132 00:40:01,450 --> 00:40:03,699 Thank you for that, and you have 1133 00:40:03,700 --> 00:40:04,700 nothing to do in. 1134 00:40:14,160 --> 00:40:15,809 At the end of the year, I know, and I 1135 00:40:15,810 --> 00:40:17,009 would like to make a personal 1136 00:40:17,010 --> 00:40:19,589 announcement on my project, so 1137 00:40:19,590 --> 00:40:20,590 yeah. 1138 00:40:21,820 --> 00:40:24,309 OK, well, thank you very much. 1139 00:40:24,310 --> 00:40:26,109 And if you have any questions, could you 1140 00:40:26,110 --> 00:40:28,329 please line up at the microphones to 1141 00:40:28,330 --> 00:40:31,119 that use the microphones because 1142 00:40:31,120 --> 00:40:32,349 the streams are recorded? 1143 00:40:32,350 --> 00:40:34,509 And before you line up, I could just 1144 00:40:34,510 --> 00:40:36,609 ask, you got any questions from 1145 00:40:36,610 --> 00:40:37,629 the internet? 1146 00:40:37,630 --> 00:40:39,999 Well, I think the names are crunch, 1147 00:40:40,000 --> 00:40:41,709 but we have any questions from the Irish 1148 00:40:41,710 --> 00:40:42,729 Sea. 1149 00:40:42,730 --> 00:40:45,029 Not great. Move to 1150 00:40:45,030 --> 00:40:46,389 somebody else and the question of the 1151 00:40:46,390 --> 00:40:47,369 moment. 1152 00:40:47,370 --> 00:40:49,779 OK, then let's have microphone 1153 00:40:49,780 --> 00:40:51,379 number one. 1154 00:40:51,380 --> 00:40:53,209 Hey, is there? 1155 00:40:53,210 --> 00:40:54,399 So did I get this right? 1156 00:40:54,400 --> 00:40:56,619 The analysis that you did? 1157 00:40:56,620 --> 00:40:58,899 The algorithm is all from guess 1158 00:40:58,900 --> 00:41:01,169 to the right and not from this other 1159 00:41:01,170 --> 00:41:03,639 the Cosmos tool that you mentioned. 1160 00:41:03,640 --> 00:41:06,249 OK. Yes, that is correct. 1161 00:41:06,250 --> 00:41:07,989 We do not have access to the key elements 1162 00:41:07,990 --> 00:41:10,479 to it. We saw we only have two 1163 00:41:10,480 --> 00:41:11,589 world wars in the East. 1164 00:41:11,590 --> 00:41:14,249 Two, unless we can compare it to 1165 00:41:14,250 --> 00:41:17,019 some of the other tools is not public. 1166 00:41:17,020 --> 00:41:18,319 The autotools is not public. 1167 00:41:18,320 --> 00:41:20,859 You cannot even buy it without 1168 00:41:20,860 --> 00:41:22,149 proving that you have some public 1169 00:41:22,150 --> 00:41:23,649 interest in it. Right? 1170 00:41:23,650 --> 00:41:24,939 It's being deployed. Doesn't they try to 1171 00:41:24,940 --> 00:41:26,859 keep everything secret? 1172 00:41:26,860 --> 00:41:28,089 There might be some variations. 1173 00:41:28,090 --> 00:41:29,090 So yeah. 1174 00:41:30,670 --> 00:41:32,889 OK, so this is actually the first 1175 00:41:32,890 --> 00:41:34,150 analysis of this algorithm. 1176 00:41:35,200 --> 00:41:36,200 As I said, 1177 00:41:37,300 --> 00:41:39,369 there was another analysis by 1178 00:41:39,370 --> 00:41:40,599 live in Jerusalem. 1179 00:41:40,600 --> 00:41:42,969 It was not designed to publish 1180 00:41:42,970 --> 00:41:45,159 until they hear the talk about 1181 00:41:45,160 --> 00:41:47,349 it in rather limited 1182 00:41:47,350 --> 00:41:49,409 the limited audience. 1183 00:41:51,490 --> 00:41:53,589 But at the time where we did 1184 00:41:53,590 --> 00:41:56,129 it, it was the first animals. 1185 00:41:56,130 --> 00:41:58,329 As we went around, there were 1186 00:41:58,330 --> 00:42:00,159 obviously there was a little, but that 1187 00:42:00,160 --> 00:42:02,789 wasn't published at the time, I think. 1188 00:42:02,790 --> 00:42:04,489 OK, microphone number four 1189 00:42:05,710 --> 00:42:08,079 of those tools, rather than a storage 1190 00:42:08,080 --> 00:42:10,269 device to the making of something 1191 00:42:10,270 --> 00:42:12,909 God is good for them now 1192 00:42:12,910 --> 00:42:14,799 as he is supervising only things about 1193 00:42:14,800 --> 00:42:17,049 the film, something of which is not not 1194 00:42:17,050 --> 00:42:19,149 the high schools and 1195 00:42:19,150 --> 00:42:21,229 stuff, of course, and it feels as the 1196 00:42:21,230 --> 00:42:23,439 art world when he is called 04.50 1197 00:42:23,440 --> 00:42:24,589 dolphins or too much. 1198 00:42:24,590 --> 00:42:26,499 Yes, most of my time, Mr. Wilson. 1199 00:42:26,500 --> 00:42:28,659 So from this young woman, 1200 00:42:28,660 --> 00:42:29,919 good down. If I hadn't, if it wasn't 1201 00:42:29,920 --> 00:42:31,569 Vince, then I understand if it's a 1202 00:42:31,570 --> 00:42:33,639 variant of Cosmos, then 1203 00:42:33,640 --> 00:42:35,589 it's a very hands officially created by 1204 00:42:35,590 --> 00:42:37,779 the BBC, so it 1205 00:42:37,780 --> 00:42:39,369 could still be a slightly different 1206 00:42:39,370 --> 00:42:41,619 algorithm and be so defined for 1207 00:42:41,620 --> 00:42:43,509 those it would be. But I do not think 1208 00:42:43,510 --> 00:42:45,799 it's so defined for any the 1209 00:42:45,800 --> 00:42:46,919 of the encryption. 1210 00:42:46,920 --> 00:42:48,239 Doesn't mean it's not useful. 1211 00:42:51,510 --> 00:42:53,269 OK. Microphone number one, please. 1212 00:42:54,510 --> 00:42:56,189 You that you've described the situation 1213 00:42:56,190 --> 00:42:58,679 in which government department is 1214 00:42:58,680 --> 00:43:01,169 encouraging people to use an algorithm 1215 00:43:01,170 --> 00:43:02,849 that they know is broken, they're trying 1216 00:43:02,850 --> 00:43:05,129 to suppress people saying 1217 00:43:05,130 --> 00:43:06,569 that it's broken. 1218 00:43:06,570 --> 00:43:08,489 What's the legal comeback on them from 1219 00:43:08,490 --> 00:43:11,579 users who could sue them for, 1220 00:43:11,580 --> 00:43:13,829 you know, pushing a tool that's not fit 1221 00:43:13,830 --> 00:43:15,749 for purpose? Or do they have a disclaimer 1222 00:43:15,750 --> 00:43:17,550 in jest to saying, 1223 00:43:18,930 --> 00:43:20,969 you know, we give no warranties for this 1224 00:43:20,970 --> 00:43:23,429 at all? I mean, they're effectively 1225 00:43:23,430 --> 00:43:25,529 encouraging people to use a product 1226 00:43:25,530 --> 00:43:27,719 that's not only broken for them 1227 00:43:27,720 --> 00:43:30,029 to see, but yeah, it's in the same minds 1228 00:43:30,030 --> 00:43:31,520 that's easily breakable by anyone. 1229 00:43:32,820 --> 00:43:35,219 We saw businesses secure the soda 1230 00:43:35,220 --> 00:43:36,989 and they made an advisory that you should 1231 00:43:36,990 --> 00:43:37,919 not use the encryption. 1232 00:43:37,920 --> 00:43:40,239 I simply think it was a published moment 1233 00:43:40,240 --> 00:43:41,469 enough. 1234 00:43:41,470 --> 00:43:43,829 And one of the things is I 1235 00:43:43,830 --> 00:43:45,929 don't think they would have been 1236 00:43:45,930 --> 00:43:47,609 for another three political game is 1237 00:43:47,610 --> 00:43:49,829 broken, maybe even if we told 1238 00:43:49,830 --> 00:43:50,919 them, OK, it's broken. 1239 00:43:50,920 --> 00:43:52,259 And in that way. 1240 00:43:52,260 --> 00:43:54,059 Well, did it work? I think what they 1241 00:43:54,060 --> 00:43:55,979 really didn't like is that we planned to 1242 00:43:55,980 --> 00:43:58,349 publish the Cosmos accurate description 1243 00:43:58,350 --> 00:44:00,330 itself, which was almost like novel. 1244 00:44:01,410 --> 00:44:03,599 I think that's what really got me 1245 00:44:03,600 --> 00:44:04,959 because until then they were friendly, 1246 00:44:04,960 --> 00:44:06,209 and when they sold, they were in 1247 00:44:06,210 --> 00:44:07,109 descriptions of people. 1248 00:44:07,110 --> 00:44:08,339 That's when we got the email. 1249 00:44:10,150 --> 00:44:11,880 Okay, market for no phone, please. 1250 00:44:13,500 --> 00:44:15,629 Well, you mentioned that 1251 00:44:15,630 --> 00:44:17,709 a file 1252 00:44:17,710 --> 00:44:19,949 of possibly encrypted with the 1253 00:44:19,950 --> 00:44:21,089 officials. Yes. 1254 00:44:21,090 --> 00:44:22,289 Miss tool on the internet. 1255 00:44:23,700 --> 00:44:25,769 Are they using the same file 1256 00:44:25,770 --> 00:44:26,770 for? 1257 00:44:27,460 --> 00:44:29,549 You know, the heels of the 1258 00:44:29,550 --> 00:44:31,589 fiasco between Windows Phone is, as I 1259 00:44:31,590 --> 00:44:33,209 said, obfuscated. It's a completely 1260 00:44:33,210 --> 00:44:35,279 different life on Earth and you 1261 00:44:35,280 --> 00:44:37,329 can actually see us through they use of 1262 00:44:37,330 --> 00:44:39,269 very interesting license and licensing 1263 00:44:39,270 --> 00:44:41,549 scheme or DRM scheme. 1264 00:44:41,550 --> 00:44:43,619 If you want to get an 1265 00:44:43,620 --> 00:44:45,359 update for the essential windows to 1266 00:44:45,360 --> 00:44:48,119 download for Windows Update 1267 00:44:48,120 --> 00:44:50,009 encrypted the cosmos. 1268 00:44:50,010 --> 00:44:51,409 It's the key is public, 1269 00:44:52,650 --> 00:44:54,989 but you you simply need the software 1270 00:44:54,990 --> 00:44:56,339 because otherwise you can kind of drip 1271 00:44:56,340 --> 00:44:57,340 nothing. 1272 00:44:58,230 --> 00:45:00,749 And so we got some of these updates 1273 00:45:00,750 --> 00:45:02,849 and that was more signed with X 1274 00:45:02,850 --> 00:45:04,409 Y and lose this box. 1275 00:45:04,410 --> 00:45:05,410 We made no progress. 1276 00:45:07,170 --> 00:45:09,239 So that's no help 1277 00:45:09,240 --> 00:45:11,429 in verifying whether through 1278 00:45:11,430 --> 00:45:13,919 several implementations of the, you 1279 00:45:13,920 --> 00:45:15,639 know, it's to obfuscate or to make and 1280 00:45:15,640 --> 00:45:17,699 use. And there was also some 1281 00:45:17,700 --> 00:45:21,179 leak of data stolen from. 1282 00:45:21,180 --> 00:45:22,829 I think it's sort of, I don't know, 1283 00:45:22,830 --> 00:45:24,629 something where some hacker group take 1284 00:45:24,630 --> 00:45:26,699 them. They have something to try to 1285 00:45:26,700 --> 00:45:28,619 do, but I don't think doesn't contain any 1286 00:45:28,620 --> 00:45:30,179 copies of that on the internet. 1287 00:45:31,830 --> 00:45:33,299 Thank you. 1288 00:45:33,300 --> 00:45:35,129 Great microphone number one, please. 1289 00:45:35,130 --> 00:45:36,329 Thank you. 1290 00:45:36,330 --> 00:45:38,579 So is the 1291 00:45:38,580 --> 00:45:41,309 GST to keep stored on a disk 1292 00:45:41,310 --> 00:45:43,319 so that that key get protected by a 1293 00:45:43,320 --> 00:45:44,320 password? 1294 00:45:45,920 --> 00:45:48,209 He has missed keys are key files 1295 00:45:48,210 --> 00:45:50,189 which are simply stored and put in the 1296 00:45:50,190 --> 00:45:51,989 platform and without any remitting any 1297 00:45:51,990 --> 00:45:53,119 protection in anything. 1298 00:45:54,930 --> 00:45:57,179 Well, I mean, you 1299 00:45:57,180 --> 00:45:58,529 have to stop them from affecting. 1300 00:45:58,530 --> 00:45:59,639 Somehow you could protect them. 1301 00:45:59,640 --> 00:46:01,199 But the council about no, that's not what 1302 00:46:01,200 --> 00:46:02,200 they're doing. 1303 00:46:02,820 --> 00:46:03,820 Thanks. 1304 00:46:04,590 --> 00:46:05,729 OK. 1305 00:46:05,730 --> 00:46:07,229 In the meantime, many residents from the 1306 00:46:07,230 --> 00:46:09,359 internet know, for instance, 1307 00:46:09,360 --> 00:46:11,459 from the internet business back to you. 1308 00:46:12,540 --> 00:46:14,899 OK, thank you for letting me at home. 1309 00:46:14,900 --> 00:46:17,609 Hope it was good. 1310 00:46:17,610 --> 00:46:18,610 It was my first call. 1311 00:46:27,900 --> 00:46:30,589 This is yet to be an experiment, 1312 00:46:30,590 --> 00:46:33,199 and it will be really great to have 1313 00:46:33,200 --> 00:46:35,449 some small part of it here 1314 00:46:35,450 --> 00:46:36,979 in the Congress because there's a lot of 1315 00:46:36,980 --> 00:46:39,169 people so I can test it with more than 10 1316 00:46:39,170 --> 00:46:40,729 devices in the room. So if we could get 1317 00:46:40,730 --> 00:46:42,799 100 participants on 1318 00:46:42,800 --> 00:46:44,119 this new course using the tool at the 1319 00:46:44,120 --> 00:46:45,559 same time, this would be great. 1320 00:46:45,560 --> 00:46:47,659 It's a new tool it creates for to be a 1321 00:46:47,660 --> 00:46:49,069 connection between the participating 1322 00:46:49,070 --> 00:46:50,749 phones and colleagues in a whole. 1323 00:46:50,750 --> 00:46:52,309 Well, these connections work. 1324 00:46:52,310 --> 00:46:54,409 There's a privacy policy in the App 1325 00:46:54,410 --> 00:46:55,489 Store. 1326 00:46:55,490 --> 00:46:57,679 You can get you can get 1327 00:46:57,680 --> 00:46:59,479 through the program by entering peer to 1328 00:46:59,480 --> 00:47:01,609 peer P2P experiment and 1329 00:47:01,610 --> 00:47:02,899 explorer. 1330 00:47:02,900 --> 00:47:04,669 If you have any questions, I'll be 1331 00:47:04,670 --> 00:47:06,859 running around here and Congress 1332 00:47:06,860 --> 00:47:09,079 and, you know, email me on something, 1333 00:47:09,080 --> 00:47:11,209 and this will provide research data for 1334 00:47:11,210 --> 00:47:12,859 all of it to be, which would be very 1335 00:47:12,860 --> 00:47:14,929 valuable for censorship resistance. 1336 00:47:14,930 --> 00:47:17,089 So if you police officer, if you have 1337 00:47:17,090 --> 00:47:18,889 an Android device with Android two or 1338 00:47:18,890 --> 00:47:21,109 three six on your work, please just 1339 00:47:21,110 --> 00:47:22,709 download it run and you just need to run 1340 00:47:22,710 --> 00:47:23,809 the full time to Congress. 1341 00:47:23,810 --> 00:47:25,999 You can install it after thought that 1342 00:47:26,000 --> 00:47:28,219 would be really, really, really helpful 1343 00:47:28,220 --> 00:47:30,289 if you would just make sure it can the 1344 00:47:30,290 --> 00:47:31,849 phones at the end just give it time 1345 00:47:31,850 --> 00:47:33,079 before it uninstalled. 1346 00:47:33,080 --> 00:47:34,080 Thank you very much. 1347 00:47:34,740 --> 00:47:35,740 Thank you. 1348 00:47:40,290 --> 00:47:41,789 Preparations to run, 1349 00:47:41,790 --> 00:47:43,899 I think in the application 1350 00:47:43,900 --> 00:47:45,809 of America's admission that it actually 1351 00:47:45,810 --> 00:47:48,059 needs which it is, 1352 00:47:48,060 --> 00:47:50,159 I don't know them all for you, little 1353 00:47:50,160 --> 00:47:52,619 off my internet access, long uploads 1354 00:47:52,620 --> 00:47:55,109 and Bluetooth, obviously 1355 00:47:55,110 --> 00:47:58,019 for Bluetooth communications. 1356 00:47:58,020 --> 00:48:00,539 It does not collect location data. 1357 00:48:00,540 --> 00:48:01,949 That's truly the most important thing, 1358 00:48:01,950 --> 00:48:03,749 and obviously it doesn't believe in zero 1359 00:48:03,750 --> 00:48:04,980 numbers or stuff from your phones. 1360 00:48:06,180 --> 00:48:07,949 OK, well, thank you very much. 1361 00:48:07,950 --> 00:48:10,019 Thank you for this talk on the way out. 1362 00:48:10,020 --> 00:48:11,969 Could you please take all the trash with 1363 00:48:11,970 --> 00:48:14,009 you that you brought in so we have to cut 1364 00:48:14,010 --> 00:48:15,329 you off the rolls? 1365 00:48:15,330 --> 00:48:16,619 Thank you very much, everybody.