Mafia Boss Secures His Data with Caesar Cipher
This is just too funny not to blog about it...You might have heard that the mafia boss Bernardo Provenzano has been arrested recently. Now people found out that he used some "cryptography" in his...
View ArticlePodsploiting
The RedTeam, a penetration testing group, has released two security advisories which explain security holes in two podcast clients (podcatchers).Both exploits are possible because the input of the...
View ArticleClik here to view.
Google Earth for Linux - Beta
OK, so Goole has finally released a first version of Google Earth for Linux (beta, of course).Well, maybe this time they really mean it when they say "beta"... Here's some quick observations:Of course,...
View ArticleAnonymous Google Earth over Tor
I'm probably not the first one to notice this, but you can actually use Google Earth anonymously (upon first glance at least) over Tor. It seems all the traffic (downloads of maps and textures etc.)...
View ArticleScatterChat - secure, anonymous, free, cross-platform Instant Messaging client
ScatterChat is a new cross-platform IM client announced by the Cult of the Dead Cow / Hacktivismo (during the HOPE conference, it seems).From the website: ScatterChat is a HACKTIVIST WEAPON designed to...
View ArticleClik here to view.
Testing stuff with QEMU - Part 1: SELinux support in Debian unstable [Update]
Update: "Testing stuff with QEMU"-articles published so far:Part 3: Debian GNU/kFreeBSDPart 2: MenuetOS, a tiny OS written in 100% assembly languagePart 1: SELinux support in Debian unstableHere's a...
View ArticleClik here to view.
User-friendly SELinux policy editing in vim or Eclipse (using SLIDE)
After you have installed a minimum SELinux setup in QEMU, you might want to tweak and edit the policy to fit your needs.A nice, graphical method to do so is to use SLIDE, written by Tresys (and...
View ArticleWhy voting machines suck and undermine democracy [Update]
If there are electronic voting machines where you live, and you've ever considered using one of those... well, you should probably reconsider.In this CNN report (M4V video, 13 MB) Avi Rubin explains...
View ArticleClik here to view.
SELinux by Example - Using Security Enhanced Linux
Recently in my (physical) mailbox: SELinux by Example by Frank Mayer, Karl MacMillan, David Caplan. The most recent and up-to-date book about SELinux I know about, written by some of the most involved...
View ArticleTowards a moderately paranoid Debian laptop setup [Update]
I was planning to set up my laptop from scratch for a while now... so I did.PreparationFirst, go home. No, really! Do all of this at home in a non-hostile, firewalled network. You don't want to be in a...
View ArticleNVIDIA Binary Graphics Driver Root Exploit
A security advisory was released today which warns about a severe security issue in the binary-only NVIDIA drivers: The NVIDIA Binary Graphics Driver for Linux is vulnerable to a buffer overflow that...
View ArticleFamous Unsolved Codes and Ciphers
Here's a nice list of Famous Unsolved Codes and Ciphers.Makes an interesting read for a rainy day... Or if you want to give one of the codes a try and solve it, go ahead, and let us know the results...
View ArticleSerious remotely exploitable hole in GnuPG
Just in case you haven't heard of this yet: GnuPG<= 1.4.5 contains a remotely exploitable security issue which has been fixed in 1.4.6.You should really upgrade ASAP, as this problem can...
View ArticleOpenOffice / OpenDocument and MS Office 2007 / Open XML security
Interesting paper from the PacSec 2006 security conference: OpenOffice / OpenDocument and MS Office 2007 / Open XML security (PDF)Not too surprising when you come to think of it, there are tons of...
View ArticleClik here to view.
LinuxBIOS talk video recording from FOSDEM 2007
Highly recommended for anybody who might be even remotely interested in LinuxBIOS:There's a video recording (OGG, 234 MB) of the LinuxBIOS talk at FOSDEM 2007 by LinuxBIOS-founder Ron Minnich.The talk...
View ArticleRAID5 + dm-crypt + LVM + ext3 Debian install and benchmarks
OK, so I've setup a RAID5 at home because I'm getting tired of failed disk drives and data losses.Some notes:The system consists of 3 x 300 GB IDE drives in software RAID5 (standard Linux kernel and...
View ArticleLest We Remember: Cold Boot Attacks on Encryption Keys
Just in case you haven't already read about this... Some researchers from Princeton have published a paper about methods which can be used to attack full-disk-encryption (FDE) schemes.They have...
View ArticleResizing a dm-crypt / LVM / ext3 partition
I've bought a new hard drive for my laptop recently, because I finally got fed up with my constantly-full disk. Having to browse around in $HOME looking for stuff which can be safely deleted just...
View ArticleClik here to view.
Speed up Linux crypto operations on the One A110 laptop with VIA Padlock
OK, so I've been hacking on and testing my shiny new One A110 mini-laptop during the last few days and I must say I'm very happy with it. I'll write up some more details later (check the wiki if you're...
View ArticleDIY secure pseudo-DDNS setup using ssh
Here's a quick HOWTO for setting up your own secure pseudo-dynamic DNS (DDNS) server.It's not a "real" DDNS service, i.e. you won't be able to use standard DNS tools or protocols to talk to the server,...
View ArticleClik here to view.
Configure Firefox/Iceweasel 3 to be more secure / usable / bearable
Today seems to be Firefox/Iceweasel 3 Bashing Day on Planet Debian, so let me join the fun :)I agree with most other people that the default Firefox/Iceweasel 3 config is not ideal, so here's what I...
View ArticleClik here to view.
Underhanded C Contest 2008: Leaky Redaction
This year's Underhanded C Contest has been announced. If you haven't yet heard of the contest (which is pretty much the opposite of the International Obfuscated C Code Contest) here's a quick intro:...
View ArticleUpdated DIY Dynamic DNS solution HOWTO
I've just updated my DIY secure pseudo-DDNS setup using ssh article/HOWTO a bit, in order to make it simpler to set up (no more extra scripts required) and a bit more secure (by using command= and...
View ArticleCreating 32768 bit RSA keys for fun and profit
Have you ever wondered how long it would take to create a 32768 bit RSA key with ssh-keygen? Well, I did. $ time ssh-keygen -t rsa -b 32768 -f ~/.ssh/tmp32768 -N foobar -q real 244m31.259s user...
View ArticleClik here to view.
Physical memory attacks via Firewire/DMA - Part 1: Overview and Mitigation...
This is part 1 of a series on articles about the Firewire security issues mentioned below.For many years now, attacks via Firewire / i.LINK / IEEE 1394 have been a known security issue. Basically, if...
View ArticleDear virus/worm/rootkit/botnet writer...
...next time you write such a piece of malware, how about making it do something useful (instead of nefarious) for a change, say, have your botnet zombies become Tor exit nodes? kthxbye.
View ArticleFalling on your back for fun and profit -- human airbag device
Fun stuff I just stumbled over: a personal/human airbag from Japan, supposedly meant for elderly people who might fall and injure themselves.Watch a video of the airbag in action on Youtube (no need...
View ArticleClik here to view.
Google Tech Talks: coreboot (aka LinuxBIOS): The Free/Open-Source x86 Firmware
Here's a nice opportunity for everyone to learn more about coreboot, a Free Software / Open Source firmware/BIOS for x86 PCs.Ron Minnich, founder of the LinuxBIOS (now called coreboot) project, Peter...
View ArticleNote to self: Missing lvm2 and cryptsetup packages lead to non-working initrd...
I recently almost died from a heart attack because after a really horrible crash (don't ask), Debian unstable on my laptop wouldn't boot anymore. The system hung at "Waiting for root filesystem...",...
View ArticleHow to setup an encrypted USB-disk software-RAID-1 on Debian GNU/Linux using...
This is what I set up for backups recently using a cheap USB-enclosure which can house 2 SATA disks and shows them as 2 USB mass-storage devices to my system (using only one USB cable). Without any...
View Article