• Ian (unregistered) in reply to ^E

    Double ROT13 should be plenty!

  • EvanED (unregistered) in reply to fulton
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

  • (cs) in reply to GFK
    GFK:
    I'm sure naming your kid Satan or Allah must be a legal issue in most countries.
    And yet Jesus Alou always said the his was a very common name in the Dominican Republic.
  • (cs) in reply to Misel
    Misel:
    Personally I find Base64 easy to identify. It was actually my first guess and had I been the developer this would have been my first try. So why the hassle with the debugger?

    he just overestimated his enemies that's basically why the article is here, because he got disappointed in them, when he learned the truth

  • (cs) in reply to ContraCorners
    ContraCorners:
    GFK:
    I'm sure naming your kid Satan or Allah must be a legal issue in most countries.
    And yet Jesus Alou always said the his was a very common name in the Dominican Republic.

    Jesus is a very common name in all Portuguese and Spanish speaking countries. Also, Joshua is the Hebrew version of the same name. I think Jesus as a first name would sound weird in French or English speaking countries, but I don't think it's forbidden.

  • (cs) in reply to abbas
    abbas:
    C-Octothorpe:
    hoodaticus:
    If their config files are so important to keep away from the client, then why didn't they do that, replacing the file load with a webservice call?
    Because that just obscures it. If they're determined enough, they can simply sniff the connection and intercept it... If you really want to lock the user out, I think the best approach would be to perform some sort of checksum or hash and have it call home on startup to verify (send back a public key encrypted response so they can't intercept and modify). No encryption needed, just check the integrity of the data, and bomb out badly when they try to make their own changes.
    Uhm. Maybe you not be 'xplaining urself so good....
    Probably you not be understandin' so good... :)

    I was saying no need to encrypt the config section because you just perform a checksum or hash on the client configuration and compare it to the one saved on the vendor servers. Now that I think of it some more, this is probably more convoluted than it has to be... By simply encrypting the config with a private key and supplying the client with the matching public key should suffice. You know that they can read the configuration (who cares, it's their machines), but they can't tamper with it. Simple enough.

  • QJo (unregistered) in reply to GFK
    GFK:
    ContraCorners:
    GFK:
    I'm sure naming your kid Satan or Allah must be a legal issue in most countries.
    And yet Jesus Alou always said the his was a very common name in the Dominican Republic.

    Jesus is a very common name in all Portuguese and Spanish speaking countries. Also, Joshua is the Hebrew version of the same name. I think Jesus as a first name would sound weird in French or English speaking countries, but I don't think it's forbidden.

    "Jesus" is a name that was as common in 1st-century Palestine as "Jacques" was in revolutionary France. It has been suggested by historians / archaeologists that it may have been used in a similar way: as a technique for confusing the authorities about who was who in the struggle for independence.

    I'm not sure, but I believe it is not technically illegal to name your child either "Satan" or "Allah" in the UK. If someone were to do it, however, I expect that in the current illiberal political climate it would not remain legal long. Our freedoms are our freedoms as long as we don't dare to exploit them.

  • Frank (unregistered)

    Makes me wonder if management and sales demanded this to generate more cash, but the software developer found that morally repulsive so he intentionally used something that most any other developer could break. Or maybe management just wanted an idiot filter. However the $100k for the "configuration tool" smacks of a greedy sales manager. Of course, its also possible that this was the only "encryption" the developer was familiar with. Personally I'm rooting for the developer who silently subverted management and sales.

  • (cs) in reply to sparr
    sparr:
    boog:
    Funny, I didn't say anything about copyright in my answer.

    It may be that I wasn't talking about the DMCA at all.

    If you weren't referring to the anti-reverse-engineering clauses in the DMCA (which are moot here anyways, there are explicit exceptions for this sort of RE), then what WERE you referring to?
    Vendor licenses/contracts (I thought I already said this). It's not uncommon for these to prohibit reverse engineering.

  • (cs) in reply to boog
    boog:
    sparr:
    boog:
    Funny, I didn't say anything about copyright in my answer.

    It may be that I wasn't talking about the DMCA at all.

    If you weren't referring to the anti-reverse-engineering clauses in the DMCA (which are moot here anyways, there are explicit exceptions for this sort of RE), then what WERE you referring to?
    Vendor licenses/contracts. It's not uncommon for these to prohibit reverse engineering.
    Would decrypting (in this case decoding from base64) be considered RE?

  • boog (unregistered) in reply to boog
    boog:
    That said, it's unlikely that the contract/license with the vendor allows this type of activity.

    Highly unlikely.

  • (cs) in reply to boog
    boog (unregistered):
    boog:
    That said, it's unlikely that the contract/license with the vendor allows this type of activity.
    Highly unlikely.
    See, this guy gets it.
  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    boog:
    sparr:
    boog:
    Funny, I didn't say anything about copyright in my answer.

    It may be that I wasn't talking about the DMCA at all.

    If you weren't referring to the anti-reverse-engineering clauses in the DMCA (which are moot here anyways, there are explicit exceptions for this sort of RE), then what WERE you referring to?
    Vendor licenses/contracts. It's not uncommon for these to prohibit reverse engineering.
    Would decrypting (in this case decoding from base64) be considered RE?
    By a company who thinks it's okay to obfuscate their loyal customers data needlessly for the purpose of robbing them? Absolutely.

    By a greedy lawyer who knows how to exploit the silly encrypting vs. encoding debate to convince the court that base64 is a viable security method? Of course.

    By a judge who has no technical skills and has more important things to do? I'd wager it's happened before.

  • (cs) in reply to EvanED
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

  • Those who live in glass houses... (unregistered) in reply to GFK
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • (cs) in reply to Those who live in glass houses...
    Those who live in glass houses...:
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Did anybody just get deja vu?

  • It's "zunesis" not "Zuenis"! (unregistered) in reply to Lawyer to the devil
    Lawyer to the devil:
    Incidentally, I suspect Zuenis may have contributed to the Base64 page on wikipedia...
    wikipedia:
    Input ends with: any carnal pleasure. Output ends with: YW55IGNhcm5hbCBwbGVhc3VyZS4= Input ends with: any carnal pleasure Output ends with: YW55IGNhcm5hbCBwbGVhc3VyZQ== Input ends with: any carnal pleasur Output ends with: YW55IGNhcm5hbCBwbGVhc3Vy Input ends with: any carnal pleasu Output ends with: YW55IGNhcm5hbCBwbGVhc3U= Input ends with: any carnal pleas Output ends with: YW55IGNhcm5hbCBwbGVhcw==

    Seems my asshole comments have gotten in your head...

    ...soon my HEAD will be in your asshole, sweetness.

  • Those who live in glass houses... (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    Those who live in glass houses...:
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Did anybody just get deja vu?

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • (cs) in reply to Those who live in glass houses...
    Those who live in glass houses...:
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Actually I didn't say Base-64 is not encryption, I just reacted to Evan implying that public-key encryption uses the same key to encode and to decode, which is the opposite of what it is. I guess that if you consider Base-64 as an encryption method, it is not public-key encryption, because the encryption key (Base-64 encoding) and the decryption key (Base-64 decoding) are related, which is the definition of a symmetric encryption algorithm, which is also called private-key encryption, because the encryption key has to remain private to be of any use.

    Addendum (2011-07-26 10:59): And also, I am not an ivory-tower wannabe. I have to intention of becoming an ivory tower, ever; I am fine as a human being, thanks. I guess half-machine half-man would be ok, depending on the parts replaced, but ivory tower, never!

  • (cs) in reply to hoodaticus
    hoodaticus:
    TRWTF is that the OP's immediate thought when seeing a random string of alphanumeric characters was that this was encrypted rather than base64 encoded. I would have at least decoded it with base64 first before determining whether the contents were encrypted.

    Ok, when I'm reimplementing the weel I usualy encode criptographed strings on base 16... But most people prefer to encode them on base 64.

  • eVil (unregistered)

    TRWTF is the baffling length of the tedious argument that appears to still be going on.

  • QJo (unregistered) in reply to eVil
    eVil:
    TRWTF is the baffling length of the tedious argument that appears to still be going on.

    They're bored, they're waiting for today's WTF.

  • (cs) in reply to Those who live in glass houses...
    Those who live in glass houses...:
    C-Octothorpe:
    Those who live in glass houses...:
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Did anybody just get deja vu?

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

  • Those who live in glass houses... (unregistered) in reply to eVil
    eVil:
    TRWTF is the baffling length of the tedious argument that appears to still be going on.

    No, the TRWTF is you ivory tower wannabes thinking that just because encryption and encoding couldn't reasonably be confused in practire that its not worth recognizing that they are technically the same in theory.

    theory > practice, everyone outside of your ivory tower (who doesn't have there head up they're ass)knows that.

  • boog (unregistered) in reply to boog
    boog:
    Those who live in glass houses...:
    C-Octothorpe:
    Those who live in glass houses...:
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Did anybody just get deja vu?

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Who cares?

  • (cs) in reply to boog
    boog:
    Those who live in glass houses...:
    I wish all you ivory tower wannabes <snip>
    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Can I borrow that script monkey snippet?

  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    boog:
    Those who live in glass houses...:
    I wish all you ivory tower wannabes <snip>
    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Can I borrow that script monkey snippet?
    You can for now, but I'll need it back.

  • x00neexiz (o8f00sek@t3d) (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    boog:
    Those who live in glass houses...:
    I wish all you ivory tower wannabes <snip>
    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Can I borrow that script monkey snippet?
    Can I burrow my cock into your monkey slut?

  • Those who live in glass houses... (unregistered) in reply to boog
    boog:
    C-Octothorpe:
    boog:
    Those who live in glass houses...:
    I wish all you ivory tower wannabes <snip>
    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Can I borrow that script monkey snippet?
    You can for now, but I'll need it back.
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    boog:
    Those who live in glass houses...:
    I wish all you ivory tower wannabes <snip>
    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Can I borrow that script monkey snippet?
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to boog
    boog:
    boog:
    Those who live in glass houses...:
    C-Octothorpe:
    Those who live in glass houses...:
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Did anybody just get deja vu?

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Who cares?

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to Those who live in glass houses...
    Those who live in glass houses...:
    eVil:
    TRWTF is the baffling length of the tedious argument that appears to still be going on.

    No, the TRWTF is you ivory tower wannabes thinking that just because encryption and encoding couldn't reasonably be confused in practire that its not worth recognizing that they are technically the same in theory.

    theory > practice, everyone outside of your ivory tower (who doesn't have there head up they're ass)knows that.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to boog
    boog:
    Those who live in glass houses...:
    C-Octothorpe:
    Those who live in glass houses...:
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Did anybody just get deja vu?

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to QJo
    QJo:
    eVil:
    TRWTF is the baffling length of the tedious argument that appears to still be going on.

    They're bored, they're waiting for today's WTF.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to eVil
    eVil:
    TRWTF is the baffling length of the tedious argument that appears to still be going on.
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to GFK
    GFK:
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    And your all wrong. The fundamental concept behind public-key encryption is exactly opposite to what you write, since those algorithm allows you to create two unrelated keys, one for encrypting (bound to be public) and one for decrypting (bound to be private). YOUR talking about private-key encryption, aka symmetric encryption. I leave you to Wikipedia for more details, they even came up with nice color drawings for those who failed to understand their CS classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to boog
    boog:
    C-Octothorpe:
    boog:
    sparr:
    boog:
    Funny, I didn't say anything about copyright in my answer.

    It may be that I wasn't talking about the DMCA at all.

    If you weren't referring to the anti-reverse-engineering clauses in the DMCA (which are moot here anyways, there are explicit exceptions for this sort of RE), then what WERE you referring to?
    Vendor licenses/contracts. It's not uncommon for these to prohibit reverse engineering.
    Would decrypting (in this case decoding from base64) be considered RE?
    By a company who thinks it's okay to obfuscate their loyal customers data needlessly for the purpose of robbing them? Absolutely.

    By a greedy lawyer who knows how to exploit the silly encrypting vs. encoding debate to convince the court that base64 is a viable security method? Of course.

    By a judge who has no technical skills and has more important things to do? I'd wager it's happened before.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to boog
    boog:
    boog (unregistered):
    boog:
    That said, it's unlikely that the contract/license with the vendor allows this type of activity.
    Highly unlikely.
    See, this guy gets it.
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    boog:
    sparr:
    boog:
    Funny, I didn't say anything about copyright in my answer.

    It may be that I wasn't talking about the DMCA at all.

    If you weren't referring to the anti-reverse-engineering clauses in the DMCA (which are moot here anyways, there are explicit exceptions for this sort of RE), then what WERE you referring to?
    Vendor licenses/contracts. It's not uncommon for these to prohibit reverse engineering.
    Would decrypting (in this case decoding from base64) be considered RE?
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to Ian
    Ian:
    Double ROT13 should be plenty!
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to EvanED
    EvanED:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    This is why your comment is misguided: you don't understand the fundamental definition of encryption. You persist in defining encryption according to public key encryption (a very popular, yet broken standard these days). Anybody can decode a public-key encrypted message. All they need is the key. It just so happens that the key takes fairly long to determine using non-quantum methods. Likewise, if someone did not know that 64 was the key, they would have the full domain of real numbers as possibilities.

    Your basically a parrot, who is simply repeating what he's heard in Computer Science classes.

    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • Those who live in glass houses... (unregistered) in reply to ContraCorners
    ContraCorners:
    GFK:
    I'm sure naming your kid Satan or Allah must be a legal issue in most countries.
    And yet Jesus Alou always said the his was a very common name in the Dominican Republic.
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

  • JolleSax (unregistered) in reply to BentFranklin

    For the convenience of readers of this thread etc., perhaps TDW could point out that if even Google doesn't solve it, they're on the wrong website.

  • JolleSax (unregistered) in reply to GFK
    GFK:
    BentFranklin:
    For the convenience of readers of this thread, several past threads, and, one assumes, many future threads, perhaps The Daily WTF could put a Base64 decoder widget in the sidebar. But please, not an encoder.

    Here's a simple tutorial on how to decode Base64: RG93bmxvYWQgYW5kIGluc3RhbGwgTm90ZXBhZCsrDQpPcGVuIGl0DQpQYXN0ZSB0aGUgdGV4dCBpbiBhIG5ldyBkb2N1bWVudA0KR28gdG8gbWVudSBQbHVnaW5zID4gTUlNRSA+IEJhc2U2NCBEZWNvZGU=

    Download? Plugin? gtools I tell ya!

  • boog (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    boog:
    Those who live in glass houses...:
    I wish all you ivory tower wannabes <snip>
    Oh boy, another troll-meme! So funny!

    Truly you are a comedic genius with an abundance of original ideas and fascinating insights.

    Post it again, won't you?

    Can I borrow that script monkey snippet?
    It's actually a macro: Ctrl-C/Ctrl-V to run it.

  • (cs) in reply to Those who live in glass houses...
    Those who live in glass houses...:
    I wish all you ivory tower wannabes would get off your high horses. Base-64 is encryption! Do you even know what encryption means? It means to put in a code. Base-64 is a code. Now STFU.

    An this is for all you pathetic jackwagons posting in Base-64:

    Wkj3382KEKjfjkTquIkllP=

    Now don't go and use up all your Copy 'N Paste credits... After all, you still have some coding to do today, right?

  • mah bonez (unregistered) in reply to fulton
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    Except that it does (from those not knowledgeable enough to know that it is in base64 and thus needs to be decoded with base64).
  • AP² (unregistered) in reply to validus
    validus:
    AP²:
    The table used in base64 is *part of the algorithm*, therefore it's not encryption. Could you write an algorithm based on base64 which used any combination of 64 characters, making it encryption? Sure. But that wouldn't be base64, just something based on it.
    And the method has us chopping 8 bit strings into 6 bit strings. What if we chopped 8 bit strings into strings of length 5 or 6? What if we chopped 10 bit strings into 8? Can you see how these magic numbers 8 and 6 are a bit like having a key?

    If you chopped into strings of different length, it wouldn't be the same algorithm, because that algorithm specifies a certain length.

    Again, you could write an algorithm which received the length as a "key", but it wouldn't be base64.

  • (cs) in reply to mah bonez
    mah bonez:
    fulton:
    No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
    Except that it does (from those not knowledgeable enough to know that it is in base64 and thus needs to be decoded with base64).
    And English is encryption because... ummm... mexicans. Yes, mexicans.
  • mah bonez (unregistered) in reply to hoodaticus
    hoodaticus:
    And English is encryption because... ummm... mexicans. Yes, mexicans.
    Yes, even the use of English (or for that matter, any language) can be encryption. I refer you to the Code Talkers from WWII, as well as any parent who uses a foreign language (or words from a foreign language) to communicate with each other without having the kids understanding.

    This also applies to Pig-Latin, a form of encryption that utilizes an encoding algorithm in which the "key" is part of the algorithm.

Leave a comment on “Encrypted XML”

Log In or post as a guest

Replying to comment #:

Log Out

« Return to Article