October 7[edit]

Hello, a teacher of mine told me about this scheme some time ago. He told us in class that there is a scheme where you have two keys and one is the real key and one is a fake key so that if you are captured for example and coerced, then you can divulge the fake key which will then reveal a fake image/plaintext getting you off the hook while revealing absolutely nothing about the actual true image/plaintext. Recently, I have been looking to do some reading about this but I can't seem to find anything relevant. Does anyone know what I am talking about? What is this type of a cryptographic scheme called? Any good websites/papers/books/articles? My background in math is pretty good but I don't know much about computer science. So any help would be appreciated. I think he called it deceptive cryptography or something. Thanks! 174.29.63.159 (talk) 06:43, 7 October 2010 (UTC)[reply]

Our article, Deniable encryption, may be a decent starting point for further study. Regards, decltype (talk) 06:53, 7 October 2010 (UTC)[reply]

Yes; the key concept underlying this sort of thing is called steganography. Looie496 (talk) 07:05, 7 October 2010 (UTC)[reply]

Well, steganography may or may not involve cryptography. The OP is specifically asking about a cryptographic scheme. But I agree that the two are related. decltype (talk) 11:30, 7 October 2010 (UTC)[reply]

TrueCrypt contains such a feature. It has inner and outer volumes, the inner one being the one you use to hide what you really want to hide. If you enter the password for the outer volume only, TrueCrypt will reveal the decoy contents - any attempt to write to this volume will destroy your hidden data, though. To safely access the decoy, you enter both the password for the inner and outer volume (that way, TrueCrypt knows about the location of the data belonging to the inner volume, and blocks accidental writes). -- 78.43.71.155 (talk) 11:46, 7 October 2010 (UTC)[reply]

Whenever I've used this feature, you just need to enter the inner volume password, but that's a pretty minor point. 99.224.10.2 (talk) 11:58, 7 October 2010 (UTC)[reply]

Its actually if you want to write to the outer volume (protecting the inner) that you need both passwords. If you only enter the inner volume password, you can write to it with no problems. If you only enter the outer volume password, it looks like a normal volume, and you can read and write to it just fine (for Deniability purposes). However, if you write to it (without having entered the second password), you run the risk of overwriting data on the inner volume. I guess a situation like this illustrates why both encryption and backup are important. Buddy431 (talk) 14:22, 7 October 2010 (UTC)[reply]

You're right! I guess I shouldn't have only skimmed that comment. Sorry! 99.224.10.2 (talk) 19:36, 7 October 2010 (UTC)[reply]

Probably what the OP's professor is talking about is a one time pad system. In fact, by definition a OTP is the only system that could have this property robustly, since the key (the divulged part) is the same length as the message. Given any string of random bits anyone can provide an equally long string that creates any and all strings of bits of the same lenght. That's a problem because the key is the same length as the secret. Why not just memorize the secret. There could be systems that exploited redundancy in the message (essentially compressed the plaintext prior to encrypting it) but making that system work with normal language in a way that would be plausible would be quite a feat. On top of that, the attacker would probably be aware that the system was susceptible to this attack, and probably not trust the answer. Shadowjams (talk) 09:15, 8 October 2010 (UTC)[reply]

I enabled imap and pop in my gmail account. I unlocked captcha. I entered my user ID and password correctly. But still Thunderbird says "Username or password invalid." What else could be the problem? Thanks. 20.137.18.50 (talk) 16:40, 7 October 2010 (UTC)[reply]

Are you using your full username, like "kainaw@gmail.com" instead of just "kainaw"? -- kainaw™ 16:45, 7 October 2010 (UTC)[reply]

Yes, I'm using my full username. 20.137.18.50 (talk) 16:49, 7 October 2010 (UTC)[reply]

What are your server settings? -- kainaw™ 16:59, 7 October 2010 (UTC)[reply]

Server Type: IMAP Mail Server

Server Name: imap.googlemail.com

Port: 993

Connection security: SSL/TLS

Authentication method: Normal password

Check for new messages at startup: checked

Check for new messages every: 10 minutes

When I delete a message: Move it to trash folder

Clean up ("Expunge") Inbox on Exit: unchecked

Empty Trash on Exit: unchecked —Preceding unsigned comment added by 20.137.18.50 (talk) 17:04, 7 October 2010 (UTC)[reply]

Those are my settings and GMail works just fine. -- kainaw™ 18:11, 7 October 2010 (UTC)[reply]

As a longshot, is Thunderbird actually complaining about your GMail password, or about the "master password" to the Thunderbird password vault? Comet Tuttle (talk) 18:32, 7 October 2010 (UTC)[reply]

The answer was my firewall was blocking ports 993 465. Made those exceptions and now it works. 76.27.175.80 (talk) 21:26, 9 October 2010 (UTC)[reply]

I know that http://someblog.blogspot.com/atom.xml?redirect=false&start-index=1&max-results=999 shows me all the post starting today (up to 999). However, how can I show, for example, the post 1 to 100 (from the beginning) or from 300 to 500? Or across a time range? I tried -1 in the hope that it would start counting in the beginning, but with no success...--Quest09 (talk) 17:25, 7 October 2010 (UTC)[reply]

I have 2 identical external hard drives, "iomega prestige desktop hard drive 1TB". When I connect them both to my Windows 7 computer via USB at the same time only one is given a drive letter, the other is inaccessible. In the eject tray both are listed as "Serial-ATA bridge" but only one has a drive letter. The drives both work fine when connected separately. What might be causing this problem and how do I fix it? 82.44.55.25 (talk) 19:18, 7 October 2010 (UTC)[reply]

After connecting the second one, go to Computer, Manage, Disk Management, and right-click on the drive without a letter and assign an unused one. -- kainaw™ 19:21, 7 October 2010 (UTC)[reply]

It says "The disk is offline because it has a signature collision with another disk that is online" and the change drive letter option is grayed out 82.44.55.25 (talk) 19:36, 7 October 2010 (UTC)[reply]

this might help, but I can't vouch for the source. APL (talk) 19:54, 7 October 2010 (UTC)[reply]

Do your symptoms differ between situations where (a) you connect both drives to the computer and then turn its power on; and (b) you connect 1 drive to the computer and then turn its power on, and then connect the 2nd drive to the computer? Comet Tuttle (talk) 21:52, 7 October 2010 (UTC)[reply]

Does using them result in having more secure passwords than coming up with your own? 24.189.87.160 (talk) 23:00, 7 October 2010 (UTC)[reply]

I doubt there's any evidence for their producing more secure passwords. They're good at generating strong passwords, but strength is only one component of security; and strength can act against security if, for instance, the strong password is so unmemorable that one is forced to write down the password for the reason that one cannot remember it. --Tagishsimon (talk) 23:05, 7 October 2010 (UTC)[reply]

It depends what you mean by "coming up with your own." If you choose a password like "computer34" you have an extreme weak password. Otherwise, if you choose a long password (>=20 characters) that includes signs like *&#(), I doubt that the password can be cracked by brute force.--Quest09 (talk) 08:21, 8 October 2010 (UTC)[reply]

If you use a good random source then yes, it's almost certainly better than us humans, who tend to find and express patterns a bit too efficiently for our password's sake. Shadowjams (talk) 06:52, 9 October 2010 (UTC)[reply]