- Bruce Schneier has a post up at the Schneier on Security blog that serves as sort of a response to the famous Black Hat 2013 Cryptopocalypse paper. Again, this is one of those subject areas where my skills are weak; I don’t know who is right or wrong here (or if both sides are both part right and part wrong) but I wanted to point out Schneier’s post in the interest of giving equal time to the other side.
- Here’s a link to Justin Engler’s GitHub repo, which includes build info for R2B2 (the PIN cracking robot), the control software, presentation slides (though I’m not sure if these are from DEFCON 21) and some interesting material related to PINs. (By way of the presentation slides, here’s another interesting bit of PIN related statistical information.)
- If you’re interested in the “Android master key” bug, here’s a link to Jeff Forristal’s BlackHat 2013 presentation. (If you don’t know what that is, “The vulnerability involves discrepancies in how Android applications are cryptographically verified & installed, allowing for APK code modification without breaking the cryptographic signature; that in turn is a simple step away from system access & control.”)
- Two interesting and related things from Daniel Crowley: “The Way of the Cryptologist” and cribdrag, a tool for cryptanalysis of “ciphertext encrypted using an XOR operation with a predictable key” (for example, ciphertexts encrypted with a one-time pad, where somebody reused the one-time pad. Bad mojo. Don’t do that).
- Hoorah! Hoorah! The Doug DePerry/Tom Ritter/Andrew Rahimi “Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell” presentation just went up. This link takes you to the iSEC Partners website, where you can find both slides and video.
- Nicholas Baldanos has been updating his blog with more information on the ccTalk protocol. Part 1: details of the protocol. Part 2: coin acceptor handling.
Archive for August 19th, 2013
A small handful of DEFCON 21 (and related) notes: August 19, 2013.
Monday, August 19th, 2013This brings a smile to my face.
Monday, August 19th, 2013The Post Office is issuing an Inverted Jenny stamp.
The 2013 Inverted Jenny has a face value of $2 (13 cents in 1918 money) instead of the 24 cent face value of the original. I’ll be interested in seeing what else the USPS changes.
And here’s an old article from Smithsonian about the Inverted Jenny, for those unfamiliar with the story.
(I’m not a big stamp collector; I dabbled in it a little when I was young, with the help of my mother, and somewhere I think I have a Bicentennial first day cover. As I get older, though, I’ve started purchasing USPS first day covers for people and subjects that interest me. See also: the Battle of Lake Erie.)
(And, yes, somewhere I have a copy of George Amick’s book, The Inverted Jenny: Money, Mystery, Mania
(Of course, the Inverted Jenny story touches on another subject of interest to me: the Green family.)