Open hammad93 opened 2 years ago
The initial functionality works and we will test it out soon, maybe tonight.
Was not tested because deployment had a time out and was unstable. Because there are no fail safes by design, a deployment with high availability and no downtime is necessary before further testing.
Original implementation will have no fail safes for testing and based on results safe guards will be implemented.
fail-safes will not be implemented to achieve true end-to-end encryption that is not exploitable by developer coercion
~Currently deployed~ at http://198.57.44.233:1337/ only for testing
the physical safe itself has failsafe mechanisms
It worked with the lock at 10 hours with this message
wcFMA9VEM75cwJJ9AQ//esfUD2h+W+0RAP9WMdPhiynsfotUsQh6Cic3tTEQedPvLRlcNielsBu3mESxnmc5NXqi52HwIgfCS0G8LoCviSewJ9+3jBHqE1CSw8Y86MI1oi6R1XedCb1inNdyGtO+kCf5LJhlAp6jM/ukC2gY5s0krnvp9JAyRDROxh24LMIHRcQCX4Wst1ENAx7k4T4Hg+xnU+myouncFK++NtBa8SR1bmXxg/zZ42pdSR8OvmONqRMXsskfHlrh5yCc3cwDSmSvVrUMPO+x8Szmpl+4MMUnyJ6enb2ZY6ZbknfU1PvH1EPvRckObBP1v87YK5pjW5Tai7y2ZZq8UQU6YccUjC5cBAWxuBqWEZnrbKGHAS+3cfoklNQ1H3slJdr+rID0IciXPBMI7hkanDDujrVf2JIZQ7n5yuQB1MCbUhc13q0JrKedwr/fXqlXB6wsj7Y0WgC0YknFGAbL37FfIe/RT5zjNon7rkRlI+rhKgqZ3WtohowazlZvvQV1wqS8YwPCbdDqQEEkSuSDOHFAyZy1wx21E7H75kBLc7YC4gWTQuMVm0gVq2RdbnkdUoy7kMoo+Jdgfx9FxXLcBbSxQX9ZXSmR0YOHlTVG5fZdCwm+NLdeLOWlv4/ita36QsjYTpfvlyfdMz0Rd1S80/EjDnsVBCgkyZO7kj77X2cEjH2xX/nSWQHu2nr//49ipUYpAX0VuOz1kRurY7QXhX+TCAuTleVFKgRVyOYZMTYfXdjJ5LRtqimnEeHS9Ujb/1rR7o7TiQOIZ+8zd4MDLXxcnX6yG4f9H7K7Yg0cxpv/
I currently use this tool to help with mental health.
we can implement a failsafe (or multiple) by creating another app as a backup for the private key. This way there is a fail safe with end to end encryption
because it's not ssl encrypted you can easily spoof it, but it cannot not unlock a key
what can I say, it works
When unlocking with IP, it doesn't really work well if it's not static. This pattern may cause headaches especially if the ISP changes. Maybe try a MAC address instead?
Dr Jekyl made the algorithm but Mr Hyde tested it
When unlocking with IP, it doesn't really work well if it's not static. This pattern may cause headaches especially if the ISP changes. Maybe try a MAC address instead?
Sending a one time only email with the key is the way
a case study on 3 digit combinations in time sensitive safes and the Magic number 7 plus minus 2 compared to 8 digit combination locks
Perhaps lower digit combinations are more forgettable with time? I still remember the 3 digit combo a few days after
This was a deleted comment. Please don't delete again. "Last weekend's testing yielded a noteworthy result. After setting the passcode in the safe for a week successfully, I set another time crypt for a day. However, I didn't set the cover for the batteries and from moving around the safe, the batteries came out and into the safe. This meant that the safe was inaccessible because I put the failsafe keys inside.
Initially, I was challenged to try and recover what was inside. Some suggestions, including dislodging the spring in the locking mechanism, ultimately didn't work for this type of safe. This validated that the methodology worked because I was trying to compromise it. After all, valuables were safe. Almost all methods did not work.
There was a point where panic set in because it would be difficult and time-consuming to acquire the valuables again without opening the safe. Although I was utilizing my mind to search for hacks, there was a more primal instinct that kicked in. Personally, I practice weightlifting and exercise regularly, which gave me the confidence to exert my body to physically open the safe. Even though I am vehemently against violence in any form, there was some incredible violence that happened to break open the safe and I was transformed into something I did not recognize. I grabbed a hammer and started indiscriminately smashing the safe, which was the most violence I had ever committed in my memory.
This method is not an exploit and was barely a hack. It was extremely loud, and with every contact with the hammer, the home shook. I was not living in an apartment, and nobody was home, so this would have been infeasible in any other circumstance.
The takeaway is that this cryptographic method applies to real-world settings and that there is an incredible value that may enable many other things. However, every step of the method requires precision because there are no failsafes in the algorithm by design. Another safe from the same manufacturer was ordered. Some safes are designed to withstand physical force but designing against it may lead to violent patterns.
a case study on 3 digit combinations in time sensitive safes and the Magic number 7 plus minus 2 compared to 8 digit combination locks
I still remember the 3 digit combination almost 2 weeks ago. Perhaps we can recreate another passcode but this time while multitasking? It seems like the magic number holds up since I have never remembered any of the 8 digit passcodes. There's an estimated 40 time locks with 8 digits that I've generated.
a case study on 3 digit combinations in time sensitive safes and the Magic number 7 plus minus 2 compared to 8 digit combination locks
I still remember the 3 digit combination almost 2 weeks ago. Perhaps we can recreate another passcode but this time while multitasking? It seems like the magic number holds up since I have never remembered any of the 8 digit passcodes. There's an estimated 40 time locks with 8 digits that I've generated.
to be more clear, I mean trying to multitask so there are more digits in your short term memory and it might work based on the magic number
A few days ago I had set the lock and remembered the 8 digit passcode. 7 +- 2 means 5 to 9 and 10 digits is where the distribution gets more rare.
It may have been because some of the digits belonged to my phone number and I was able to remember.
I still remember the 3 digit passcode and while it took longer after a month, I don't think there's a hard limit on when I will forget it. for example, maybe the 3 digit passcode will work for time locks longer than a month?
Something similar to this is being used for testing,
This one has max 8 digits for password
There are 2 types of these safes, the biggest difference being how the codes are reset. I bought both version of the safe and one of them suffers from the "tap" vulnerability which makes it easy to unlock without the passcode.
Something similar to this is being used for testing,
This one has max 8 digits for password
There are 2 types of these safes, the biggest difference being how the codes are reset. I bought both version of the safe and one of them suffers from the "tap" vulnerability which makes it easy to unlock without the passcode.
I was just able to test this vulnerability and it worked. This is the one where the reset button isn't inside the battery compartment.
Ordered another newer version of the safe that has an external power in case of battery loss. This would fix the vulnerability from the first safe where my cat pushed the safe off the table and dislodged the battery, making it inaccessible unless you had the failsafe keys. It was the same price, let's see how it goes.
hack this
wcFMA3VbPdc/64xJAQ/+PgspsqM2Ky0iegyeuSkqGwdBYaF3YiP2t34DFbGJFJUH74DE/Km+W3/CMKc8yHbiIQv9rXQEBKKf3yWVXyo4PkKHwfx4xQBvBhwtXliJE6yaaoVTYkvSsq8u16F7BAVeVx72+cAw6YjeCqV6a296rgBDhNHwl7fvDfrmq3HeGGsJp/4r4xUeFtWsicZnOf/HGAErPzxx9MnByPnvbNBOeWhABw/4DIcFaPT7TQKloUOaERScmQ18s0Ivnyo1q8g+D2Zp4BrRPwExhV6v2CtXWJAbSVJtGsdahCHjT1uW1INJ9SCgKdPCs6ZyX6DEmW59In37By88NhKd9x+uhCgl2d5wlfmr9zzHrhtO1hOkuf4hVh8GwrzewokhPDzFLeXZ80te/R6Y22G39JIAMoKqLfMjKjWbKJNRghV6M4TXbHvA3ON0vGE00/bE3UUkTAZqpijGBQElj0RQL4vaw3tYgpVhkgOfn+NZRMSmvSc/dtwIZsxDqFweT6iwIlCnc1bJujDk1gW6BMrRkWIx2sLbLEbD/Q9S5cVxVzR8zeUviyb0TJ/78h3IrEFexvgVWdVKmj/CQCdmuvqmDWp7PavmRz8K1YljobCV+siGtBIbOL7LJKbw0cD3dC+5psnWK9Yq2msYs3oDTB8HjAkIQ98Dlh6/iOCXfl6sCCp+mPSZLTLSUAG3LG9UJxqnQHd7gPeLl2gkz39BHAOh0T7G6ZUjqthcfZmU1Vwb24ONyybxGBlDX9BYL+KjWkEAQHO6WFkQ2ygZhilo5LqDi00m+qNZ3BQw
I still remember the 3 digit passcode and while it took longer after a month, I don't think there's a hard limit on when I will forget it. for example, maybe the 3 digit passcode will work for time locks longer than a month?
I finally forgot, maybe what it starts with and another digit?
I still remember the 3 digit passcode and while it took longer after a month, I don't think there's a hard limit on when I will forget it. for example, maybe the 3 digit passcode will work for time locks longer than a month?
I finally forgot, maybe what it starts with and another digit?
Consciously I want to forget but subconsciously I haven't.
I remembered an 8 digit passcode a day after but it has repeating digits
Because we are utilizing the magic number 7 which is symbolic.
A repeating digit is often grouped symbolically.
This happened before with personally meaningful numbers like the year of birth but this is harder to put in code.
We could just generate a new passcode until we get one without repeating digits and then run it through the algorithm.
An interesting analysis would be how others have encountered the same issues. For example, in scratch tokens, there are certain characters that aren't used because they're easily scratched away.
Something similar to this is being used for testing,
This one has max 8 digits for password