Good info there from wiki. So, if someone were THAT (9 days) serious about getting the data, he might as well re-flash the whole phone to avoid any trace-backs, destroy root-kits etc. I know I would do that. Which again brings us back to the same point, as the thread says... of DATA protection and not the phone itself. If I am a data thief why will I bother keeping the SD card on the phone. I will simply take it out, put it in my memory card reader and start hacking it. The only way I wont be able to get it (easily) if the data on the SD card itself was hidden/encrypted/unreadable. We have to isolate the phone from data here.
Rahul J On Sun, Jun 1, 2008 at 4:38 AM, Ilja O. <[EMAIL PROTECTED]> wrote: > On Sat, May 31, 2008 at 8:13 PM, Rahul Joshi <[EMAIL PROTECTED]> wrote: > > I'm no security expert but I'm pretty sure a lightweight 8 bit salt > > encryption (security guys?) can give any dektop pc software enough > trouble > > to abort the attempt of trying to read a 256 meg worth of datacard, > unless > > it really belongs to the director operations FBI ;) > > > > <shamelesly edited copy from wikipedia> > Assume a user's secret key is stolen and he is known to use one of > 200,000 English words as his password. The system uses a 8-bit salt. > The amount of combinations is 256*200000 = 51200000. > </shamelesly copy from wikipedia> > > If attacker chacks one hash per second and has 64-core beowulf > cluster it will require 9 days to check all possible combinations. > That's not so much, imo. > Also, processors are cheap these days one guy [1] has build 96-core > machine (for unknown price). > > [1] http://helmer.sfe.se/ > > _______________________________________________ > Openmoko community mailing list > [email protected] > http://lists.openmoko.org/mailman/listinfo/community >
_______________________________________________ Openmoko community mailing list [email protected] http://lists.openmoko.org/mailman/listinfo/community
