pull down to refresh
21 sats \ 0 replies \ @rizzling 25 Jun \ parent \ on: Is 24 words seed safer than 12 words in terms of bruteforcing the private key bitcoin_beginners
first; you did not understand me -> 12! = 479001600 that is the total number os possibilities assuming you have a 12 word seed (and you know all of the words but not the order)
second: if we assume that you have the capabilities (both technical and financial pov) a 12 word seed is a joke for 1000 qubits (or even more assuming perfect syncronization of superstates and the binary compilation and algorithms far beyond basic grover for error correction and so much more) - I know that most likely nobody will understand what I am talking about but anyway...it takes some days and you got the result.
-> what is important to notice: nobody performs such attacks in practice yet, there are endless reasons why it's not a real option to the time of writing. but this will change in the next decades.
you need to improve your understaning of cryptography basics ;) brute forcing the seed phrase means try every possible combination of words. assuming you have 12 word phrase and you KNOW the exact 12 words but not the order its simple 12! (around 500.000.000 possibilities, takes a second to brute force with good gpu) BUT if you dont know any of the 12 words you have to try every possible combination (use the word list) and this differs extremely to a simple sum of 12! :P
the hashes (in binary) have the same structure and lenghts thats correct, but you (better to say hashcat or whatever u are using^^) is deriving them from all the different combinations of possible words. the longer the seed phrase the longer it takes....anyway its pointless to try to brute force a seed phrase from ZK ^^
always pick 24 (+ 2 extra words if possible)!
its exponentially harder to brute force a 24 word seed phrase than a 12 word seed. pure math nothing else. And if the client looses his phrase it doesnt matter if he picked 12 or 24. he wont remember the phrase by memory anyway (at least 99% if them).
it's possible to brute force a 12 word seed in some days with the right ressources (most likely only avaiable for secret services and such who have quantum computers with at least ~100 qubits). That's not the case for 24 word seed. Such an attack would exceed the average lifetime of a human ;)
Milei calls himslef a 'libertarian'....that's an insult to all real libertarians....
He's nothing but a disgusting blabbermouth without a backbone who will do anything for money. He has merely understood how to deceive... may he burn in hell.
A people that allows such a person to actively support the atrocities carried out by the terrorist organization Israel in the name of the country is nothing but a bunch of inferior scum.
this is very useful. I have written the same for liquid layer as well like 2 years ago :D (never released it, as I found an issue with how liquid works while coding the tool)
perfection is only possible in theory as long as you are the best in a specific field. but you cant verify that....so in practice impossible yeah :D
Yes ofc but that approach is way to high if we talk about private communication in general (and not just in the contect of emails). you need to go to the lowest level.
I am full anon for a loooong time. but the opsec is extremely expensive on that level. it starts with the hardware and all providers you use. I would never communicate with TCP/IP for a safe connection! And have you ever thought about the charging cables you use for your devices ;) ?! Unfortunately I cant specify the last statement in this env^^
the problem is not that it's optional, the problem is that it's even possible and furthermore that they reward such behaviour....^^
oh yeah in case that you find anything on your device(s) you might need to do some more things. but from that what you describe it sounds more like a third party was hacked/leaked or acted malicious and sold the data
Either at least one of your devices was compromised or else a company (or any other third party) leaked your data most likely because of an attack.
That what you describe is typical for a carding attack, somebody has your debit card data as well as ohter personal information like address, phone, email etc. but I dont think that the attacker has other data which are necessary to effectivly use the card, like your IP address, useragents, session cookies etc. otherwise he would sim swap your number. If so the consequences would have been far beyond receiving a sms with otp :)
Ofc check all your devices and anaylse your opsec. but imo it's enough to block the card and get a new one. you can change your phonenumber and email adress as well but that depens on your specific cost-benefit ratio.
its iterative. and it defenitly needs a bunch of scripts to handle the communication with the API and the command execution. there are some tools like gpt-engineer or gpt-pilot, which - unfortunately - dont work very well. the approach is not low enough imo.
definetly use a vm, some good bash scripts for the api requests with the right parameters to get a response which has some specific synthax so that it can be parsed effictively. use the response to either execute commands (downloads, file creation etc) or request more client input (since 4o this can be even the client infront of a camera ;)). than use the console logs and other relevant log data for the next iteration. sorry for the very rough explanation, but I think it's enough to understand why the process can potentially produce not just couple of mils, no I mean mire like 100mil+.
oh and possible but NOT recommended for obvious reasons: its no problem to even involve a wallet/payment data and give gpt the ability to create other vms in the google cloud and deploy and get a domain etc.
Unfortunately, I don't have the time to answer more detailed right now, but in various countries the investigative authorities (investigators and agents) often use Signal to communicate with undercover informants. especially in the secret service area. telegram is almost never used. There are various ways to evaluate this, but I suspect that Signal cooperates with some institutions