On 09/15/2010 11:48 AM, Adam Fields wrote:
On Wed, Sep 15, 2010 at 03:16:34AM -0700, Jacob Appelbaum wrote:
[...]
What Steve has written is mostly true - though I was not working alone,
we did it in an afternoon. It took quite a bit of effort to get Haystack
to take this seriously. Eventually
On 09/14/2010 09:57 AM, Steve Weis wrote:
There have been significant developments around Haystack since the
last message on this thread. Jacob Applebaum obtained a copy and found
serious vulnerabilities that could put its users at risk. He convinced
Haystack to immediately suspend operations.
Hello *,
In the spirit of giving and sharing, I felt it would be nice to enable
other Noisebridgers (and friends of Noisebridge) to play around with
bugs in SSL/TLS.
Moxie was just over and we'd discussed releasing this certificate for
some time. He's already released a few certificates and I
Ivan Krstić wrote:
On Sep 22, 2009, at 5:57 AM, Darren J Moffat wrote:
There is also a sleep mode issue identified by the NSA
Unlike FileVault whose keys (have to) persist in memory for the duration
of the login session, individual encrypted disk images are mounted on
demand and their keys
Ivan Krsti? wrote:
On Jun 27, 2009, at 6:57 PM, Perry E. Metzger wrote:
Does anyone have a recommended encrypted password storage program for
the mac?
System applications and non-broken 3rd party applications on OS X store
credentials in Keychain, which is a system facility for keeping
Hello,
I wanted to chime in more during the previous x509 discussions but I was
delayed by some research.
I thought that I'd like to chime in that this new research about
attacking x509 is now released. We gave a talk about it at the 25c3
about an hour or two ago.
MD5 considered harmful today:
Perry E. Metzger wrote:
A pretty scary paper from the Usenix LEET conference:
http://www.usenix.org/event/leet08/tech/full_papers/king/king_html/
The paper describes how, by adding a very small number of gates to a
microprocessor design (small enough that it would be hard to notice
them),
recover and make a pretty good confirmation. This means we don't have to
do reverse engineering to find keys and we can correct for errors.
Our keyfinder could be used with firewire and I think it stands on its own.
Regards,
Jacob Appelbaum
provides a method to read
those areas of disk, it's just a matter of finding them.
Regards,
Jacob Appelbaum
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
or strange byte ordering, the physical properties of the
memory chips are going to be difficult to overcome.
As our paper states: There is no easy solution to this problem.
I'm happy to field questions if this is the proper forum.
Best,
Jacob Appelbaum
.
The adverts claim 128-bit AES hardware encryption, but they don't tell
us how it is used.
Without transparency, I'd rather stick with software. It has issues, we
now know about another one.
Regards,
Jacob Appelbaum
-
The Cryptography
, !matched,
active, busy 0, retain count 8
| +-o TPM class IOACPIPlatformDevice, registered, matched, active,
busy 0, retain count 6
Regards,
Jacob Appelbaum
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
12 matches
Mail list logo