Gary Marriott
Works at Gary Marriott Consulting
Attended Northgate Highschool
Lives in Toronto
Gary Marriott

commented on a post on Blogger.
Shared publicly  - 
 
This is a good write up but its outcome depends very much on the assumptions made. Yes Scrypt can be weaker than Bcrypt (if you use specific chosen parameters). Also where parallelizable is stated in step two, that is a function of using the P parameter above 1 (which I do not recommend).

Finally, a much better way to use scrypt for password hashing is to use it AS the pluggable function in a modified PBKDF2 such that the outer (non-parallelizable) loop is run for a specific time for the given hardware, e.g. 1 second. Then the iteration count is passed forward on the front of the output hash. AND with the inner scrypt set with P=1 and the other parameters set to be well above the maximum size of available local memory for ASIC, FPGA, GPU or CPU L1/L2 caches.

Gary Marriott

Discussion  - 
 
 
I have to say, even if the US and UK both make sweeping requirements that all commercial encryption products have LEO back doors. AND that all their allies follow suit. It will still be a futile effort for the following reasons:-

a) Open source software cannot be controlled in this way by any one or group of entities (ideas cannot be un-invented).

b) An encrypted communication (excluding headers) is by definition indistinguishable from random noise. Thus a double encrypted communication looks just the same as a single encrypted one. So a mandated encryption scheme can be used to wrap an open source secure one.

c) Evil doers have to be assumed to be just as smart as the people chasing them, so will utilise a) and b) to look legitimate.

d) Everyone else, not doing a) & b) is vulnerable to the same Evil doers gaining access to the LEO secured keys.

In the end, this idea is not only foolhardy but possibly exactly what the bad guys want.
2 comments on original post
11 comments
 
And the narrative has been, so far... "show me a case where the current capabilities made the difference" - when asked that, so far they have always backed down and retreated into generalities, claims of currently open cases and so forth.

But yeah. This has nothing to do with the given excuses, but providing sufficient fear to congress that their wishlist can be voted through - we already know they aren't above lying openly to congress (and aren't punished for giving "least untruthful" answers) so there is no actual downside to making claims that can't be backed up (or at least to date there has been no reason for them to worry about that).

Gary Marriott

Shared publicly  - 
 
It's almost magic, in the sense that SQRL's technology is sufficiently advanced to appear so. And yet it is anonymous, secure and simple.
 
Hey everyone! Something cool to share:
Yesterday (Tuesday) during our weekly Security Now! podcast, I used a working beta iOS SQRL client on an iPhone (supporting the nearly finished SQRL secure identity authentication system), to log onto Leo's computer 452 miles away!
Here's the 4-minute segment showing how it went. Check it out! More coming soon, Thanks!!
16 comments on original post

Gary Marriott

commented on a video on YouTube.
Shared publicly  - 
 
Let me add a few more from my home County, with hints:-
Garboldisham
Gippeswyk (now called Ipswich)
Dallinghoo
Gislingham - (Jiz-ling-am)
Ousden
Stowlangtoft
Thelnetham - CLUE: The first TH is a thorn and the second is T-H so "Thel-net-am"
And finally
Uggeshall

Gary Marriott

commented on a video on YouTube.
Shared publicly  - 
 
Almost the first fact out of his mouth is so far from being right it hurts. So the furthest thing you can see with the naked eye is the Andromeda Galaxy at 4,200,000 Light Years. Ok, excluding that you can also see other galaxies under good seeing that are much further than that away, let's go for distance, how about 12.9 Billion Light years! >>

Presently the farthest naked eye object that could ever have been seen is the optical component of a gamma ray burst, GRB 080319B to be exact, that reached visual magnitude 5.7. Its redshift of z=0.937 places it approximately...

12,900,000,000 Light Years away

that is

122,100,000,000,000,000,000,000 Km

So far away that it actually went off when the universe was only half its present age of 13.2 Billion Years

Gary Marriott

commented on a video on YouTube.
Shared publicly  - 
 
Now I'm not saying that the NK leadership should not be taken down a peg or two (thousand). But, whoever is really in charge in the US, let's do it for the right reasons, OK. Not for something you latched onto that is ultimately not provable.

Because we remember the Iraq WMD reports that turned out to be mostly hot air and how that led to invasion, regime change and now an ongoing low level conflict that is causing more casualties every day.

We also remember how the invention of Al-Qaeda as an organised coherent top down managed entity was perpetrated by the FBI from scant evidence of a loosely associated group of disaffected extremists with one spoiled rich kid acting as the money man. This was done so that existing laws of conspiracy could be made to apply to this "group".

In the end, my main fear is that using the Sony Internet-attack (cyber being a bad buzzword), linking it to a nation state actor and linking that to actual terrorist attacks which were perhaps coordinated over the internet will lead to government acts that will criminalise us all and deprive us of the few human rights we have left. See:- http://www.bbc.com/news/uk-politics-30778424 and http://www.washingtonpost.com/world/french-police-arrest-at-least-8-people-evaculate-train-station-after-bomb-threat/2015/01/16/80acd4dc-9d0c-11e4-bcfb-059ec7a93ddc_story.html
Gary Marriott

Discussion  - 
 
A nice summary of why the FBI etc. wants back-doors and why it will not help them from Bruce Schneier:
https://www.schneier.com/blog/archives/2015/07/back_doors_wont.html

To summarise his summary, to stop a determined adversary from 'going dark' it is not enough to just put back-doors in security products under your control; you need to do this to ALL SECURITY PRODUCTS EVERYWHERE! or prevent their use by EVERYONE!

At which point any nation doing this would become less free than North Korea.

Seems the proposal is akin to cracking shelling peanuts with a thermonuclear device.

Gary Marriott

Shared publicly  - 
 
I have to say, even if the US and UK both make sweeping requirements that all commercial encryption products have LEO back doors. AND that all their allies follow suit. It will still be a futile effort for the following reasons:-

a) Open source software cannot be controlled in this way by any one or group of entities (ideas cannot be un-invented).

b) An encrypted communication (excluding headers) is by definition indistinguishable from random noise. Thus a double encrypted communication looks just the same as a single encrypted one. So a mandated encryption scheme can be used to wrap an open source secure one.

c) Evil doers have to be assumed to be just as smart as the people chasing them, so will utilise a) and b) to look legitimate.

d) Everyone else, not doing a) & b) is vulnerable to the same Evil doers gaining access to the LEO secured keys.

In the end, this idea is not only foolhardy but possibly exactly what the bad guys want.
2 comments
 
I believe what I'm advocating can be summed up like this: You know that there is legislation that criminalizes tampering with DRM on things like music and movies? Well... I'm only saying that that kind of thinking should be applied to my own personal (private) data. Simple.

The complicated part is how to actually implement this so that it can have a practical benefit. But it appears to be well within reach. 

Gary Marriott

commented on a video on YouTube.
Shared publicly  - 
 
Clearly though the banning of this 'Toy' was due to people who share the presenter's stated belief that small magnetic spheres are a suitable children's toy. These 'Toys' were designed as adult executive toys, to be sold to adults. If we follow that logic then perhaps guns, bombs and for that matter all sharp or heavy objects should be banned to prevent idiots from putting them in the hands of children.
Aron Lankester's profile photo
 
I think we should also ban those toys some adults use to drive to work in.. They are certainly not suitable for children! Moving parts, can contain combustible products... Yup!! Not suitable at all 

Gary Marriott

commented on a video on YouTube.
Shared publicly  - 
 
There is one that even BBC announcers get wrong, that one is WITHAM which is not pronounced wi-th-am but wit-ham. Which like many older placenames traces back to the Anglo-Saxons whose alphabet included the letter Thorn (þ) see: http://en.wikipedia.org/wiki/Thorn_%28letter%29 which in a word gives the th sound while the appearance of TH in the middle of a word is more correctly said hard T, hard H. e.g.

From the Chronicles:
"On þyssum geare man halgode þet mynster æt Westmynstre on Cyldamæsse dæg"
In this year the monastery at Westminster was hallowed on Childermas day

Gary Marriott

Shared publicly  - 
 
National Post: U.S. knows North Korea hacked Sony because NSA had already broke into country’s computer network: officials. http://google.com/newsstand/s/CBIwvMX9rSA.

So what the NSA is saying is that it knows the Sony hack was NK because the NSA had completely compromised NK networks. This from an organisation already willing to lie to congress, seems to me it's just as likely that the NSA used their infiltration of NK networks to attack Sony themselves and pin the blame on NK to further an as yet undisclosed agenda.
The trail that led U.S. officials to blame North Korea for the cyberattack winds back to 2010, when the NSA scrambled to break into the country's computer systems
Gary Marriott's profile photo
 
Also we only have the word of a man willing to lie to congress that he only spoke of trivialities when having an intimate dinner with his NK opposite number, shenanigans?

Gary Marriott

commented on a video on YouTube.
Shared publicly  - 
 
Same idea as apocryphal Washington's axe, the idea and the construct continues to exist but the original item is eventually completely replaced. Therefore the axe exists and in every way is identical to that which the great man used but it consists of completely new materials, gradually replaced over the Millennia so it is also NOT Washington's axe and did not last to today.
People
Have him in circles
62 people
Alan Majer's profile photo
Ahron Train's profile photo
Christopher Olah's profile photo
Reg. Charney's profile photo
Deborah Sword's profile photo
Charanpal Singh's profile photo
Peter Marriott's profile photo
Maurice Cacho's profile photo
Khalid Baheyeldin's profile photo
Education
  • Northgate Highschool
  • Sidegate Lane Primary
  • Suffolk College
  • Open University
Basic Information
Gender
Male
Work
Occupation
Wandering Genius / Web developer
Employment
  • Gary Marriott Consulting
    CK&BW, 2010 - present
  • Cyberwalker Media Inc
    Wandering Genius / Web developer, 2010 - 2010
  • British Telecommunications Plc
    1996 - 2009
  • Electronic Techniques Anglia Ltd
    1993 - 1996
Places
Currently
Toronto
Previously
Ipswich - London - Toronto
A real pleasure, eating with my 4 year old son. Food is plentiful and of really good quality. Little touches like comp' side dishes make all the difference. It's now 8 months later and this place only gets better.
Public - 3 months ago
reviewed 3 months ago
Always fresh, always good, always friendly and always reasonable prices hence 5 stars. I eat here at least once a week with my son who otherwise can be picky but here he loves it all.
Public - a year ago
reviewed a year ago
5 reviews
Food is fine, coffee even drinkable. But completely incompetent staff. On a simple order of two items already on display they managed to make 9 separate mistakes. Which although they made right they did so with bad grace and much muttering.
Public - 3 months ago
reviewed 3 months ago
Nice food, great coffee, pleasant relaxing place. Well worth getting off the beaten track for. P.S. try the Panini's.
Public - a year ago
reviewed a year ago