The recent Apple iPhone versus the FBI case being tried in the court of public opinion is an interesting example of the fact that encryption, and the use of encryption, can be created by any individual or any business to protect their data. All those spy movies where computers easily crack password codes are just plain fantasy. A well-engineered encrypted password cannot be broken. Unless, of course, the person that created the encryption is forced to put in a back door for the FBI.
The point is, if I really wanted to encrypt something from all entities, I would not rely on a commercial encryption version provided by Apple or my browser, because, as we have seen, the FBI will use whatever muscle they have to make sure that they can get in.
When you are done with the the encryption exercise below, you can go ahead and tattoo your bank password on your face without a worry that anybody would ever figure it out.
Let’s start with a typical password that you might use for a bank account “alfred!1”
First we’ll take the alphanumeric value of each letter such that a=01, l=12, f=06, r=18, e=05 d=04. And for the 1 we can use first letter of the alphabet so that 1=A, 2=B etc. So you could just make your password 011206180504!A, which is the numeric representation of alfred!1 (note I just left the “!” alone)
Now lets put some meaningless garbage on the front of the password. Two meaningless letters, such as CD.
Now lets add 2 to the original numbers in the password, so now we get
CD031408200706!A
Now take the day of the month you were born in and add it to the first number. 03+21 = 24, I was born June 21
So now we have CF241408200706!A
Each time you apply a step to the password encryption the more difficult cracking it becomes. I did not take this one far enough to make it impregnable to a sophisticated hacker, but hopefully you see the point. Just keep applying rules to your password changing it at each step. The more steps you apply, the more mathematically safe your password encryption becomes.
The advantage of creating your own encryption scheme is that all you need to do is remember how to unwind these steps to recover your password, you do not need to remember your actual password, so any time the bank forces you to change your password go ahead and change it, and write it down on your hand, or face, or all over your refrigerator. As long as you remember your encoding method, you can keep your passwords in plain site.
Believe it or not I actually write my encrypted pin codes on my ATM cards!
IT Security Business Is Your Frenemy
September 27, 2015 — netequalizerIs there a security company out there working in conjunction with a hacker, possibly creating the demand for their services? The old Insurance protection shakedown turned high tech? And, if so, how would you know? I try to make it clear to our customers that we are not in the security business for this very reason, but for most IT equipment and consulting companies security is becoming their main business driver.
If the world’s largest automaker will commit fraud to gain an advantage, there must be a few security companies out there that might rationalize breaking into a companies network, while at the same time offering them security equipment in order to make a sale. Perhaps they are not meeting their sales goals, or facing bankruptcy, or just trying to grow. The fact is, IT investment in security is big business. The train is rolling down the tracks, and just like our war on drugs, increased spending and manpower seems to have no measurable results. Who makes more money, companies that make bank vaults, or the criminals that attempt to rob banks? I bet, if you add up all the revenue gleaned from stolen credit cards or other electronic assets, that it is pennies on the dollar when compared to spending on IT security.
Share this:
Like this: