GEORGE SPELLWIN'S ANNOUNCEMENTS
Enlightening Men about Anabolic Steroids and Bodybuilding for over Two Decades
|
 Elite Fitness Bodybuilding, Anabolics, Diet, Life Extension, Wellness, Supplements, and Training Boards
 Anabolic Discussion Board
 GREEN DOESN'T WANT TO MAIL ANYONE WITHOUT A HUSH OR ELITE MAIL ACCT!!!
|
| Author | Topic: GREEN DOESN'T WANT TO MAIL ANYONE WITHOUT A HUSH OR ELITE MAIL ACCT!!! | ||
|
Freak 
Posts: 1934 |
Because the message won't be send encrypted. I'll still help everyone that mails but it's free and safer so lets be smart about this. Later, Green ------------------     | ||
|
Elite Bodybuilder 
Posts: 706 |
I second that, its free so get it... And i'm going to give this a big bump, b/c with all this traffic tonight, this post well fall off the page in about 1min.,hehe... [This message has been edited by bsjohnson (edited February 08, 2001).] | ||
|
Amateur Bodybuilder 
Posts: 94 |
Thrid person a? LOL I understand the same goes for me!!! | ||
|
Pro Bodybuilder 
Posts: 530 |
If someone wants to read your email, they will read it, it's that simple. If it is stored magentically of electronically, it CAN be and WILL BE stolen if wanted. Whether they brute force your password, or simply intercept the email when the person reads it, there are no secrets. To back this up, the FBI has a system known as "Carnivor" (spelling?) that samples nearly 13 million emails a day! You want to know the bitch? It's not considered an infrigment of privacy. Two people have already had accounst stolen, does that tell you anything? Trust me on this, there are ways into or around anything and everything! George did a pretty good job, but 128bit encryption doesn't matter if you can't keep your password safe. | ||
|
Elite Bodybuilder
Posts: 706 |
MeanOne, you have a point, and if someone whats to read your email then they will. I just think if your using AOL, or something like that, its easier for people to get into. Maybe i'm wrong. | ||
|
Freak
Posts: 1913 |
Meanone, what you say is true and the sp was correct, however hush prevents your IP being shown to receivers of mail. Also let me ask you a simple q, would you rather use hushmail with the added security or aol?  ------------------ | ||
|
Freak
Posts: 1934 |
up ------------------ | ||
|
Elite Bodybuilder
Posts: 1276 |
Considering current events, I'd say it would be stupid not to use an encrypted service. ------------------ | ||
|
Administrator     
Posts: 767 |
MeanOne, Some excellent comments. We were very concerned about Carnivore when we partnered with Hush. The beauty of Elite Fitness Stealth Messaging is that its security cannot be broken or weakened by government sponsored snooping software � not even Carnivore. The Hush 1024 bit end-to-end encryption engine powering Elite Fitness�s security system is a lot like a circuit, when one Elite Fitness user communicates with another Elite Fitness or Hush user, the circuit is complete and the mail they send is completely safe. To anyone other than the sender or the recipient of an Elite or Hush email, the message appears as a jumble of numbers and letters. It is completely illegible. The only way to decrypt or unscramble messages is by using your own passphrase when you open up your Elite Fitness Stealth Messaging account. Carnivore cannot decrypt your mail, and is therefore, powerless against messages sent between Elite and Hush users. Additionally, and this is a very important point, our mail servers are NOT located in the United States. I think Green�s suggestion is an excellent one. I strongly encourage all moderators and Guru�s to politely request that all the questions they receive come only from a secure elitefitness.com account. Go to: www.elitefitness.com/mail ------------------ George George Spellwin Tell your friends about elitefitness.com! You could win 30lbs. of Mass Quantities Triple Threat 3/60 Protein! | ||
|
Freak
Posts: 1913 |
Mr Spellwin, I am not questioning your answers, what I am trying to conclude is how certain are you that e-mails cannot be searched via carnivore. Unless the inventor of this program has said so, or unless the FBI has given out this information I am still very sceptical. I have looked into that program and what it is capable of is quite frightening. Peace | ||
|
Administrator
Posts: 767 |
quote: Questions are good! Here are some additional details. Please check this link for even more information: https://www.elitefitness.com/mail/whatis.html Java � allows Web-browsers to download and run small applications, known as "applets", on the fly. Elite Fitness Stealth Messaging messages are encrypted on the client machine, within the Java � applet. Messages do not have to travel to a remote server before they are encrypted. The Java � applet is loaded directly into the browser to encrypt the email before it's sent. Email must be sent and received to and from Elite Fitness Stealth Messaging addresses to fully utilize the security of this applet-based cryptosystem. Blowfish is a type of 128-bit symmetric block cipher. When combined mathematically with a Elite Fitness Stealth Messaging passphrase, the Blowfish algorithm encrypts the private keys of Elite Fitness Stealth Messaging users. This occurs before the key is stored on Elite Fitness Stealth Messaging's very secure key server. The only thing that can decrypt the private key is a Elite Fitness Stealth Messaging passphrase combined with the Blowfish algorithm. How can it be proved that the Elite Fitness Stealth Messaging system is actually secure? The Java source code for Elite Fitness Stealth Messaging is available to everyone, free of charge. Security experts and computer enthusiasts worldwide have the unrestricted ability to test the rigor of the Elite Fitness Stealth Messaging cryptographic system. The source code can be reviewed and downloaded at http://www.hush.ai/ In addition; a full technical description of the functionality of the system is available here. The Elite Fitness Stealth Messaging applet is digitally signed with a certificate owned by Hush Communications. The first time you log into your account, your Web browser will ask you to accept the certificate. If the certificate says, "Hush Communications" you can be sure the applet comes from Hush Mail. Does Elite Fitness Stealth Messaging have access to my private keys? Elite Fitness Stealth Messaging never actually possesses the private keys of any of its users. Private keys are created on the local machines of Elite Fitness Stealth Messaging users when they create their accounts, and are symmetrically encrypted, one key for both encryption and decryption with individual Elite Fitness Stealth Messaging user passphrases. Then, the encrypted private keys are sent to the Elite Fitness Stealth Messaging server and are stored there. Further, a secure one-way hash of each individual user's passphrase is generated on the user's local machine. The one-way hash is, then, stored on the Elite Fitness Stealth Messaging server. This one-way hash can only be derived from an individual passphrase, but the passphrase cannot be recovered from the one-way hash. When a Elite Fitness Stealth Messaging user logs on to www.Elite Fitness Stealth Messaging.com and enters their passphrase, the passphrase is hashed in the same way, and the one-way hash is sent to the Elite Fitness Stealth Messaging server for authentication. Passphrases are never sent to the Elite Fitness Stealth Messaging server, so Elite Fitness Stealth Messaging never has access to them, nor can Elite Fitness Stealth Messaging retrieve them. For example, after an individual passphrase has been authenticated, the Elite Fitness Stealth Messaging server sends the user's browser (Netscape �/Internet Explorer �) the encrypted private key. The private key is then, decrypted, locally, using the Elite Fitness Stealth Messaging user's passphrase. At that point, the user can read their messages. What do the technical and cryptographic communities think of Elite Fitness Stealth Messaging? Elite Fitness Stealth Messaging welcomes the input of the cryptographic community. We strongly believe in the presentation and review of open source code. Hushmail's source code is available at http://www.hush.ai/ Bruce Schneier, one of the world's best-known cryptographic experts, reviewed our product in his monthly newsletter to security experts worldwide. We're delighted that he's taken the time to comment on our system. Bruce Schneier's review and our response are both available on the Web: ------------------ George George Spellwin Tell your friends about elitefitness.com! You could win 30lbs. of Mass Quantities Triple Threat 3/60 Protein! | ||
|
Freak
Posts: 1913 |
Thank you for that. May I ask yourself one more question if you have time. Is it as secure as hushmail or more secure than hushmail. Regards | ||
|
Elite Bodybuilder
Posts: 1223 |
George, err, Mr Spellwin, that is, All that sounds really cool and all but I'm sure some of us are wondering how long it will be until hush deletes our accounts. Can you guarantee that my elitefitness account will not be deleted for breaking some little rule or another (I think you know which one). | ||
|
Novice 
Posts: 9 |
Personally, I go the extra step and user anonymous remailers and nym accounts. Your mail is extremely secure from beginning to end (once it leaves your machine until it reaches destination). Incoming mail is secure from when it reaches your nym account. Security isn't the only goal, anonymity is also important. With nym accounts/remailers it's near impossible to track you down. Do yourself a favor - visit anon.efga.org. It's worth the extra effort. Requires a fair amount of nerd-ness, though. | ||
|
Pro Bodybuilder
Posts: 530 |
By posting the source code, you have just given everyone with programming knowledge the begining steps to creating a "Crack" program. Whoops.... This is how the crack for the PGP system was made. Someone uncoded the program and spent about 18 days writting a new program that would crack the security of PGP. You know, the 128 bit encryption that's totally dependant in it's scrambling based on the password used... Either way, I'm sure it's safer than AOL or Hotmail, but I just wanted to get the piont across that nothing is SAFE period. The source is out there, I think it will be 6-8 months max before I start seeing cracks floating around the WareZ circles. Good luck to all! (Agree with you Coolhand, it's only a matter of time, lol) | ||
|
Elite Bodybuilder
Posts: 1140 |
Whats with the third person reference? | ||
|
Freak
Posts: 1934 |
Wow I got 2 replies from the Big Dwag himself. I can see Georges point. The emails between users are local. They don't ever go into the DMZ (De-militarized zone sp?) at any time where they can be intercepted. It's like mailing a package from your family room to the bedroom. It never leaves your house so how can it be seen? When it goes from hush/elite to hotmail or whoever it has to go outside the internal network and hit public lines to get to the other servers where it can be intercepted. I hope this helps the point and I hope my comparison wasn't too ugly for you George. Later, Green ------------------ | ||
|
Pro Bodybuilder
Posts: 530 |
It won't be intercepted from the server because I assume it's the same. However, it will be intercepted from the senders line feed or the receivers line feed. I could sit online all day an monitor someone's activites, independant of an IP address, and any information transfered via phone line, DSL, ISDN, Cable, or Satalite CAN BE TAKEN! If the government was going to track down one source, you can sure as hell bet they would - and often do - do this.It's then evidence. The someone with way too much free time on their hands and bad intentions, and proper software/knowledge wanted to, they could just as well. Security is an illusion to relax the mind - | ||
|
Administrator
Posts: 767 |
Iron, The system�s security is the same as hushmail � exactly. MeanOne, Good points, but the source is posted in the HOPES that someone will try to crack it. If they do, that will then allow the engineers to make it stronger and other crackers will work to develop solutions as well. Programmers are into this kind of thing. Green, Great analogy! Please help me encourage the other moderators and guru to request that questions come from elitefitness.com or hush accounts. I think everyone will be better off this way. ------------------ George George Spellwin Tell your friends about elitefitness.com! You could win 30lbs. of Mass Quantities Triple Threat 3/60 Protein! | ||
|
Pro Bodybuilder
Posts: 530 |
See, now that's something I never understood. Why would you release source code like that HOPING someone cracks it? By the time you find out they have, they will have shifted through so many accounts of emails it's piontless. If they wanted to design better coding engines, it should be independantly. Banks do the same things, but the difference is, the bad guy dosen't get to keep all the information like he would with this type of transfer. By the time the newer coding engine was released, it will have been some time, the cracker will be wide spread, and things will be very chaotic for a long time. For you AOL guys, about 16-18 months back there was a BIG connection problem. Would you like to know why? Someone had uncoded AOL and made a proggie to destroy and limitations placed on things like bandwidth, and all but 1 of the firewalls, but more importantly, the program allowed you to monitor other's accounts, much like a member of the C.A.T. team can do. AOL "Resolved" This problem, but it took several court cases and 7 months to do. BTW, the resolution has long since been cracked again. Oh well, guess I will just let it sit at that. Yes, I minored in software developement, mostly because of my "Phreaking" and "WaReZ" addiction. | ||
|
Amateur Bodybuilder
Posts: 62 |
PGP has not been "cracked" by anyone. Key sizes of less than 512 have been factored, but no one uses keys that small anymore. I know MeanOne will come back and say that he "knows for a fact" that some hacker somewhere has done it, but I'll be happy to post an encrypted message and see if anyone can send it back to me in plaintext. ------------------ [This message has been edited by Cton Haul (edited February 08, 2001).] | ||
|
Pro Bodybuilder
Posts: 530 |
This is for all you in disbeleif, and particularly for you "Cton," who foolishly choose to make a snide remark to me. If you are competant enough to locate the RaZoR911 group, you can get the crack from any member of the baord of decisions. If you are not competant enough to locate them, you probably deserve to suffer with the iggnorance you show to all of us in the know. Simply put, PGP has been cracked for over a year, all versions. I suppose I could ask someone whom I know of that has it if they might be willing to let me take your "Encrypted" message, and let them crack it. Would that be enough evidence for you "Cton?" -Cton, you should really learn who the fuck I am before making any snide remarks, especially after making yourself look like a peon by touting false information.- | ||
|
Amateur Bodybuilder
Posts: 62 |
Yes, that would certainly be proof enough for me. I'm sure you think you are a very important person,but your nonsensical statements and dysfunctional spelling tend to undercut your authority. If "all versions" of PGP have been cracked, I think it would be well known in the cryptographic community. In fact the consensus in said community is that PGP is still secure, and is under no imminent threat of being breached. ------------------ | ||
|
Pro Bodybuilder
Posts: 530 |
Whatever kid, I'm glad you can run a spell checker or have your mommy type your posts. Either way, you are in for a rude awakening if you fell into the beleif that PGP is safe. What cryptography circle are you in? I'm in RaZoR, you know....the guys who claimed responsability to fucking up National City Banks accounts 3 years ago. Either way son, you have a lot to learn if you really stand behind your statements. | ||
|
Elite Bodybuilder
Posts: 1261 |
meanone thanks for pointing that out...guys the internet is not safe...of the govt wants to get you, they will. TCP/IP was not designed with security in mind. they have the best crackers and coders. shit, they hire them if they did something bad so they learn from them...it's called reformed crackers. they are the best in the world. | ||
|
Cool Novice 
Posts: 23 |
Clambake, I'm not sure that you are totally correct. With Hushmail, you can trace back through remailers. The actual part I'm not sure of is.... How far back it can go. And if it's possible to send a message through multible remailers...Ie: (backwards trace tread) Your email....remailer....dummy e-addy....remailer.....actual senders addy Just a thought! Sorry, that was off the subject.... Any security is better than none.....and the more you have, the harder it will be for some numb-nuts to find out what your saying!!! Reminds me of the old addage.... Better safe ------------------ | ||
|
Elite Bodybuilder
Posts: 695 |
good info! ------------------ | ||
|
Cool Novice
Posts: 28 |
well, did meanone crack that pgp thing from cton yet? | ||
|
Pro Bodybuilder
Posts: 560 |
Green u got mail Mass Monster | ||
|
Novice
Posts: 6 |
well ok...... [email protected] |
All times are ET (US) | |
 |
|
|
posted February 08, 2001 02:47 AM
