  1. Serious vulnerability found in elliptic curve PRNG - cryptographers freak out.

    16 November 2007

    A major component of cryptographic systems is the pseudorandom number generator, used to pull values out of thin air for the purposes of generating session keys and the bignum components of crypto keys, among other things. This is done so that an eavesdropping attacker can't predict ahead of time what a particular key is going to be and decrypt traffic as it's transmitted. Another reason is that it's easier to generate a pseudorandom number and check it for certain properties all at once than it is to work up such a number by hand and check it against those properties every …

  2. Grassroots mycoremediation in the Bay area.

    16 November 2007

    If you've been watching the news these past few days, you've probably come across the brouhaha over a fuel tanker crashing into the San Francisco Bay Bridge, dumping tens of thousands of gallons of petrochemical fuel into the water and forcing a number of beaches to close, to say nothing of the impact upon the environment. San Francisco, long a haven for the unconventional, unusual, and inventive, has birthed an unusual and effective method for cleaning up and disposing of the spilled fuel: Pads made of human hair and oyster mushroom mycelia. The principle underlying the effort is a simple …

  3. White House staff ordered to follow national archival law.

    16 November 2007

    The Bush regime has been notorious from the beginning for violating a basic federal law, the Presidential Records Act of 1978 (44 USC 2201-2207), which states that all presidential correspondence and communications must be permanently archived. Bush is interesting in that he is the first president to outright ignore e-mail from his constituents, which caused a minor scandal until American Idol hit the airwaves back in the early years of this decade. At any rate, this matter keeps popping up like a bad penny, most notably White House staff members using GOP e-mail servers to avoid the archival of their …

  4. Military develops firewall appliance for battlefield networks.

    14 November 2007

    Following battlefield tales that Hezbollah had compromised the IDF communications network during operations in Lebanon last year, defense contractors have developed Meshnet, a hardware and software firewall appliance to protect the data networks of battlefield equipment, on the chance that someone would figure out how to infect them with malicious agents of some sort in the near future. Meshnet is supposedly based upon the Sidewinder Security Appliance from Secure Computing, but includes specialized hardware that deals with the network protocols and connection gear used in the control systems of tanks, armored personnel carriers, or what have you along with anti-spyware …

  5. Practical HERF: No longer an urban legend?

    14 November 2007

    For years, HERF weapons (high energy radio frequency) have been the stuff of science fiction and urban legends of the hacker underground. The underlying premise is simple: Integrated circuitry is vulnerable to various forms of radio frequency emissions, and such interference can either disrupt the functioning of or outright destroy circuitry. In theory, these weapons are relatively easy to construct with a decent grasp of electronics and high voltage electrical engineering with readily available parts, but actual examples of such are rarely verified. Personally, I've heard some tales coming out of a certain hacker con in the west (which was …

  6. I would've written something but there was this duck...

    13 November 2007

    The past two weekends have been more or less non-stop running around so I haven't been writing about them lately. To make a long story short, Lyssa and I are fixing up the apartment a bit more and so are doing quite a bit of reorganizing. This weekend just passed we bought a new dresser from Ikea which wound up being an all weekend job of assembly. Last night we had to run back out there (and made it from Virginia to Maryland in record time on the beltway let me tell you, though most of it was due to …

  7. Hushmail rolls over on some of its users.

    08 November 2007

    For years, the webmail service provided by Hushmail has been an example of weak anonymity and privacy: They don't ask for much to set up an account, they will happily auto-generate an e-mail address for you, users connect via SSL, and they will encrypt and digitally sign any messages a user sends through their service. They also claim that all messages are stored in encrypted form on their disk arrays, so that even if someone did demand a copy of a message from a certain address it would be worthless to them (ostensibly, public key encryption is used on the …

  8. US House of Representatives passes workplace LGBT rights bill.

    08 November 2007

    After months of campaigning, pulling wires, writing letters, sending e-mails, and making telephone calls, we've managed to score a victory in the US House of Representatives - yesterday they passed a bill that would make it illegal to discriminate against gays, lesbians, and bisexuals in the workplace. We've been working towards this for close to three decades now, and quite frankly it's about time. This is the twenty-first century, and the fact that it was ever possible to be fired because of whom you happen to fancy during off-hours is as antiquated a notion as serfdom. Unfortunately, and this is what …

  9. Were they looking for terrorists or a Grateful Dead concert?

    07 November 2007

    The Federal Bureau of Investigation is so hot to uncover dastardly plots of domestic terrorism in this country that, for a time at least, they were mining such fields of data as who bought what from middle eastern grocery stores to determine who might be a religious extremist and terrorist. Yep - they thought sales of falafel might help them generate the results that they're pressured to produce for the people on high. Thankfully, common sense prevailed (did they hire a four year old to check their logic or something?) and they spiked the plan in 2006. The article makes a …

  10. Sorry 'bout the downtime, folks.

    07 November 2007

    A good bit of yesterday was spent monitoring Leandra as she upgraded her systemware and applications, which amounted to watching the output of various compilation batches (thank you, Portage) and making sure that nothing went horribly wrong. However, something did, in the form of a major change between revisions of the Apache web server, which had the net effect of making all of the config files obsolete and unusable. I discovered it last night while watching Leandra boot back up, but was too tired after work to do anything about it.

    It appears that service is restored to all of …
