Tag: crypto

  1. Proposed bill will require wiretapping, cryptographic insecurity of services operating within the USA.

    28 September 2010

    Once upon a time, monitoring someone's communications was a relatively simple matter for law enforcement: they sent someone out to the pole or the side of the house with a hex driver and patched a transmitter into the pair of wires leading into the building that would kick on and send both ends of any conversations to a listening post some distance away. Since then, technology's changed just a bit (consider this my entry for the Understatement of the Year Award) but the powers that be are finding themselves hard pressed to keep up. In the year 1994 a law …

    Read more...

  2. Chaos, robots, and Faith and the Muse - all in DC!

    01 May 2010

    Last Friday evening brought with a second attempt at the Chaos in DC meetup in Silver Spring, Maryland. I'd driven out there straight from work because I wound up leaving the office late, and when you factor in travel time it really wasn't a good idea to to do too much driving that night. In other words, there was no way I was going to drive two hours home through rush hour traffic on the DC Beltway, get there when the meetup began to pick up a few things and meet up with Jason, and then drive two hours back …

    Read more...

  3. Electronics projects to make you sit up and take notice.

    04 November 2009

    During my daily morning mainline injection of news on the Net this week, a couple of electronics projects caught my eye that I hadn't seen before. The first is a project from SparkFun Electronics that uses higher voltage than I'm used to working with - a Geiger counter kit with a USB interface. The kit is constructed around the popular ATmega 168 microcontroller, which means that the basic Arduino development kit can be used to write code that pulls samples from the Geiger-Muller tube (powered by a tiny high voltage power supply) and outputs numerical values over USB, where the 'counter …

    Read more...

  4. Practical whole disk encryption, or, how to frustrate data forensics.

    23 February 2009

    When you get right down to it, the best way for an attacker to get hold of your data is to shut the box down, pull the drive, and rip a sector-by-sector image to analyze offsite. It might not be quick (depending on the speed of the hard drive, speed of the storage drive, and a number of other factors) but if you're not there when it's done you might not know that it ever happened. However, if you encrypt data at the level of the drive, they can copy the drive all they want but they won't be able …

    Read more...

  5. WPA/TKIP partially broken?

    06 November 2008

    Just when you thought it was safe to raise an antenna and go wireless again, along comes another attack to make you think twice. A pair of security researchers, Erik Tews and Martin Beck, will present a new attack against WPA (Wi-Fi Protected Access) at the PacSec conference next week. If you're not up on wireless network technologies, WPA is the system developed to secure wireless network traffic after WEP was found to be too insecure. The basic purpose of WPA is to encrypt all data traffic between a wireless client and an access point (modulo the control packets, of …

    Read more...

  6. Maybe I should write about things other than myself for a while.

    11 October 2008

    If you're involved in the retrocomputing or PC history scenes, chances are you've heard of double-sided floppy disks that are formatted for one system on side A and another system on side B. For example, I've got a copy of the game Ninja which had the C-64 version of the game on one side and the Atari port on the other. At the time this was a pretty straightforward thing to do because drives only read one side of a disk at a time. A couple of weeks back, PC historian Trixter came across a highly unusual 5 1/4 …

    Read more...

  7. FIXED - Truecrypt v6.0a released.

    14 July 2008

    I'm well over a week late with this post, but better late than never. The Truecrypt Foundation announced on 8 July 2008 that v6.0a of Truecrypt, the cross-platform disk encryption package was released to the Net, along with its source code. Judging by the changelogs, it stands head and shoulders above the last releases (v5.1 and v5.1a) in several important respects. First and foremost, the new release takes full advantage of systems that have more than one CPU in them (like many laptops these days), so if you're using whole disk encryption storage I/O will be …

    Read more...

  8. Cutting the power doesn't necessarily mean that memory is cleared.

    25 February 2008

    It has long been a piece of grassroots wisdom that when the power to your computer goes dead, you're up a certain creek without a means of propulsion: Whatever you were doing at the time had gone to the great bit bucket in the sky, and unless you'd just saved your work you could kiss your next couple of hours goodbye while reconstructing everything. However, from a technical standpoint this isn't actually true. Modern-day DRAM can actually hold usable data for a finite but non-zero period of time after the main power's been cut off. This has actually been known …

    Read more...

  9. Federal judge decrees that divulging your PGP passphrase violates the fifth amendment.

    20 December 2007

    I can't say that I'm wild about the circumstances behind this (in fact, it's taken two days to calm down sufficiently to write about it without ranting), but the ramifications of this ruling are far-reaching and not a bit relevant these days.

    In 2006, a Canadian citizen named Sebastien Boucher crossed the border into the United States and was stopped. His laptop was searched by US Customs agents. Allegedly, thousands of images related to child pornography were found on the drive (in case you haven't heard, US ICE (Immigration and Customs Enforcement) reserves the right to examine and make disk …

    Read more...

  10. Situation report from Austin, Texas.

    29 November 2007

    Things have finally slowed down somewhat in Austin, affording me the opportunity to write a long-overdue update. Workdays have been long (averaging thirteen hours out of every twenty-four), which is why I've been quiet lately.

    From what I've seen of Austin, it's a pretty nice place. I"m situated a stone's throw from the airport, and within visual distance of the highway system, which has been both relaxing (coming from an urban background) and a pleasant change of pace from the places that I'm usually put up by my employers.

    Two nights ago Tiffany (co-worker and fellow foot soldier fighting …

    Read more...

2 / 4