tag:blogger.com,1999:blog-701969077517001201.post549518057157149690..comments2023-07-06T01:45:39.499+05:30Comments on Nirbheek’s Rantings: Android and Disk EncryptionNirbheekhttp://www.blogger.com/profile/05472526900877533156noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-701969077517001201.post-44470726025876360982012-08-21T07:34:19.307+05:302012-08-21T07:34:19.307+05:30Adamwill,
You're absolutely right. It require...Adamwill,<br /><br />You're absolutely right. It requires some precision, but it can be done.<br /><br />Thanks for pointing it out!Nirbheekhttps://www.blogger.com/profile/05472526900877533156noreply@blogger.comtag:blogger.com,1999:blog-701969077517001201.post-17219641252595148472012-08-21T02:48:41.479+05:302012-08-21T02:48:41.479+05:30"I say almost equivalent because from each no..."I say almost equivalent because from each node on that grid, you can only access adjacent nodes to create patterns"<br /><br />Tiny nit: this isn't strictly true. You can access any other node that's in unobstructed line-of-sight, which includes more than just adjacent. From 5, obviously, you can reach anything. From any other non-corner node, you can reach every other node except the one directly opposite: you can go from 4 to 3 and 9, but not 6. From corner nodes, you can access any non-corner node, but no corners (so from 7, you can get to 2 and 6 as well as the neighbours, but not 1, 3 or 9).<br /><br />People rarely use these non-neighbour links, but android *does* accept them (they can be a pain to draw, though, without accidentally hitting a neighbour on the way by).Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-701969077517001201.post-78624122963904496172012-08-19T15:37:03.215+05:302012-08-19T15:37:03.215+05:30Dear Anonymous Coward,
First off, good lord you&#...Dear Anonymous Coward,<br /><br />First off, good lord you're angry — http://xkcd.com/386/<br /><br />Now, about your comment itself. Since in your eagerness to prove someone on the internet wrong you didn't stop and think, I'll have to do your thinking <i>for you</i>.<br /><br />1) The comment about bicycle locks was a joke.<br /><br />2) Have you tried to brute-force dm-crypt passphrases (or any passwords for that matter)? 10000 combinations get done within minutes if not seconds.<br /><br />3) Did you see me suggest a solution for the problem? Why are you insulting both our intelligences by setting up strawmen solutions to topple down with your wondrous arguments?<br /><br />4) What makes you think I even read Scheiner's blog? :D<br /><br />To be honest, I don't know why you're so angry. Do you have problems in the household or your daily life? ;)Nirbheekhttps://www.blogger.com/profile/05472526900877533156noreply@blogger.comtag:blogger.com,1999:blog-701969077517001201.post-19103596544554330532012-08-19T15:19:07.348+05:302012-08-19T15:19:07.348+05:30...you really don't know anything about securi......you really don't know anything about security, do you? You're just spouting random stuff from the internet, but put together in the wrong way.<br /><br />Bicycle locks with pin codes do not get brute forced. Some of the locks are vulnerable to bypass, but no thief ever stood and rotated the pins for 10000 combinations (4 digit) manually. "as anyone silly enough to use a numeric bicycle lock has found to great distress" - citation needed if I ever saw one.<br /><br />Same thing with phones. Have you actually *tried* to brute force the pin of a phone? Try it, oh I don't know, three times or so? Then get back here.<br /><br />But the biggest thing is that you think that users should enter two pin codes for each login? Or just when booting the phone? Can't tell which. In case one it's a usability nightmare that doesn't really make any practical sense (if you ACTUALLY have the needs for this level of security, as opposed to playing a security guy in the internet, you're running something that just takes a much better pass code). If it's the second, that extra stage is basically useless for all practical purposes except maybe airline travel - and then, see point one.<br /><br />Reading Scheiner's blog is not enough. Dude.Anonymousnoreply@blogger.com