I'd think no, because computing power is so cheap you can just multiply your resources by X and now you are cracking X/10s.

Which seems to be exactly how they think: http://en.wikipedia.org/wiki/Utah_Data_Center

And they could also just invest more in MITM attacks, HW backdoors etc etc. They basically have unlimited money/resources

Different indent styles used to be a lot more common, especially in the days of C/C++, see:

http://en.wikipedia.org/wiki/Indent_style

And I assume the C# style (Allman/BSD style) is what Microsoft internally uses for C/C++ projects - see https://raw.githubusercontent.com/do.../src/gc/gc.cpp for example. What happened since then I think is that the popularity of Java and the fact Java came from a specific vendor as opposed to C/C++, led to Sun's K&R variant (1TBS) and similar styles becoming much more dominant than before. At the same time, the popularity of open source and even Q&A sites and forums where people share source code probably reduced the diversity of indent styles within each ecosystem. Also the Allman style, which is the most popular style after K&R, is not suitable for Javascript because automatic semicolon insertion.

Kernel style and GNU style are ridiculous IMO, yet they are used for huge projects that run this world.

Lol else cuddlers.

GNU style is ridiculously ugly
Unnecessary spaces look awful and I do not see the benefit.

I've seen terrorists use twitter to communicate by making comments under popular peoples' twitter account images. The images that have like hundreds of comments that nobody reads has like some global coordinates and gibberish attached in a comment lol.

More sophisticated terrorists can also communicate by planting hidden messages inside images:

http://en.wikipedia.org/wiki/Steganography

http://globalsecuritystudies.com/Ima...ganography.pdf

Can but don't, I think. No need to invest in high tech solutions when cheap, readily available lo-tech stuff works just as well.

Box cutters over graphene pistols

http://www.infosecurity-magazine.com...nts-hidden-in/

http://www.dailymail.co.uk/news/arti...assengers.html

http://archive.wired.com/politics/la...urrentPage=all

I used to store my passwords in images way back.
Wild though that someone's whole social media account may just be a fraud and tons of messages are in every picture lol.

I'm considering it an issue where you are using maximum resources, which I'd assume the NSA has access to. At some point, it is a purely algorithmic -vs- time issue. We can break anything given the lifetime of the universe.

Is there a point where we allow for "good enough" without turning the entire world into a black box? Gmail isn't going to offer the strongest thing to every person on earth, so we are stuck with some compromise between humans and governance. I'd have no huge issue if the time it took "them" to crack emails acted as a deterrent to reading emails wholesale yet allowed them fish with a rod as they claim to.

Rest just give implications that there's a worry they might use steganography.

Are you trying to make a point?

Thought you were

Is it really any easier to use weak encryption than strong encryption? The reason almost nobody uses encrypted email is (I think) simply because it would take slightly more effort, is slightly inconvenient. But that applies to any type of encryption whatsoever. At least from the user's perspective. Easy enough to see why governments might go for this solution as a compromise if there was significant demand for something like gmail moving to an encryption standard. (As in, "Here's our crappy encryption standard. Use this because anything stronger is illegal.")

Also,

https://www.schneier.com/crypto-gram...2001/0930.html

My point is obvious - there's evidence that steganographic techniques were actually used and in fact if you want to securely distribute a large amount data over unsecure channels without arousing suspicion, lo-tech stuff doesn't work very well.

Gmail supporting encryption is mostly pointless because it's a web app. Any kind of secure email system assumes that encryption/signing occurs on the client in a verifiable way.

I remember reading an article awhile ago that talked about encrypted mail having a lot of problems when it comes to things like spam detection. Not sure if its still relevant but if I had to choose I'd take no spam and unecrypted email.

Here it is: https://moderncrypto.org/mail-archiv...14/000780.html

Wow, that's super interesting, thanks for the link!

Makes sense. I was trying to think of a way a weak / targeted surveillance friendly encryption standard could gain traction, and I don't see it. Either you're serious about encryption, and you want something strong and presumably open source that runs on your machine where you can trust that its performing as advertised. Or else like 99.9% of email users you don't care about encryption enough to bother with it.

Haven't read the link but this just means you'd have to download and decrypt every received message on your own machine where you could then run the spam filter if you want it filtered, right? You still can have a spam filter, just have to run it locally. I'll read through the link though.

Are there not any email applications that handle matching public keys to email addresses? It seems like it wouldn't be too difficult to just look up the proper public key for [email protected] and encrypt the email before sending. Also to just automatically decrypt incoming mail using your private key that you add to some config field.

A quick google search returned nothing. And now I'm on a list.

The software exists and I'm not even saying its difficult to use. Never used it, but it seems really simple. Maybe its more like this: Most people don't use encrypted email because most people don't use encrypted email. That is, its not very useful if you don't know anybody who already uses it. Network effect. I wish people would use encrypted email, because then I'd use it too! Not just email but texts, phone calls, everything should be encrypted by default imo, yet I use none of this.

In general people don't care but in specific instances they seem to. Maybe the world just needs an app to get people used to encryption.

Free app idea: CryptDick. Encrypt your dick pics.

You want to send and receive data in such a way that only you and the sender/recipient can see it? Terrorist!

GPGtools makes sending secure messages really easy, where anyone that spends 5 minutes figuring it out can do it.

Honestly the technology is already made as simple as it can get but people just don't bother to use it.

You get on a list for just browsing the official tor site.
I've been thinking of making software that just does a lot of random web activity to scramble ways people are classified by their web presence.

You wouldn't need a config area as this could all be done programmatically. A public / private key combo can be auto-generated with two databases talking to each other. You have to be logged in to your email account use the key, which is functionally no different than being logged into your computer as the correct user and using RSA to ssh into your server.

What am I missing here?