randomness

(get it in RSS or Atom)

Breach at eBay, bugs in Chip-and-PIN, busts for Blackshades - 60 Sec Security [VIDEO]

2014-05-24-thumb-250

Will the breach at eBay beat Adobe for size? Is Chip and PIN really as safe as they say? How many countries took action busting malware crooks?

All the answers in 60 Sec Security for 24 May 2014...

Chip-and-PIN should be "Chip-and-Skim," say Cambridge card-cloners

cc-250

Back in 2011, cryptographers at the University of Cambridge were approached by a man whose bank refused to refund a series of disputed transactions.

So they set out to answer the question, "Is it reasonable to assume the infallibility of Chip-and-PIN transactions?"

SSCC 128 - Learning from 2013 for a safer, more secure 2014 [PODCAST]

sscc-thumb-250

Our weekly security podcast looks back at the big blunders of 2013 to find out what went wrong.

Let Chet and Duck help you plan for a safer and more secure 2014!

The OpenSSL software bug that saves you from surveillance!

random-250

Bugs in pseudorandom number generators are usually cause for concern, at least in cryptographic circles.

But this story is different.

It's the curious case of the OpenSSL randomness bug with a happy ending!

Drupal security update fixes a laundry list of problems, including "predictable random numbers"

drupal-250

The Debian Linux security team recently pushed out a wry security advisory for popular web CMS Drupal.

In amongst the laundry list of fixes was a common modern malady - non-cryptographic random numbers used cryptographically...

Android randomness, Sniffer dustbins, Unpatch Wednesday, ATM skimming - 60 Sec Security [VIDEO]

2013-08-17-sniffer-bins-250

How does a bug in Android put your Bitcoins at risk? Why did the City of London bin its bins? What was Unpatch Wednesday? What to do with a 3D printer after you've made your own gun?

Find out in 60 seconds!

Android random number flaw implicated in Bitcoin thefts

bc-android-250

Bitcoin is in the news again.

Seems that a random number problem on the Android platform is letting crooks get away with cryptographic fraud to make off with other people's BTCs...

Android security fail, Cryptocat tartan, Nintendo crack - 60 Sec Security [VIDEO]

2013-07-13-googlehole-250

Are cryptographic holes the new buffer overflows?

Take a look at this week's 60 Second Security video and let us know what you think!

Anatomy of a pseudorandom number generator - visualising Cryptocat's buggy PRNG

colourmap-250

Paul Ducklin digs into one of the cryptographic flaws recently found in Cryptocat, a secure messaging application.

Don't worry if you aren't a statistician or a computer scientist...Duck doesn't get very mathematical, and has produced some very groovy images!

Anatomy of a bug - misplaced parenthesis threatens NetBSD's random numbers

random-250

NetBSD recently patched a programming bug in its kernel that affected the sanctity of the operating system's random numbers.

One lousy parenthesis misplaced by just two characters...

Kim Dotcom takes issue with critics taking issue with his new MEGA service

The party-time news of the past weekend was the launch of Kim Dotcom's comeback file sharing service, Mega.

Crypto critics have already taken issue with some aspects of Mega's implementation, and Dotcom has taken issue right back at them...

Sophos Techknow - Understanding SSL

techknow-logo-250-150

To many of us, SSL isn't much more than "the padlock in the browser." But how does it work? Who verifies SSL certificates? How do we know we can trust them? What happens if we realise we can't?

Duck and Chet discuss all this, and more, in this episode of the Techknow podcast.

BSides Austin - Verizon DBIR, cloud security and the importance of randomness

BSides Austin - Verizon DBIR, Cloud and the importance of randomness

A summary of talks from BSides Austin including the Verizon Data Breach Investigation Report, the state of cloud security and the importance of high quality random numbers in cryptography.

Randomness in cryptography - the devil's in the details

Randomness in cryptography - the devil's in the details

Kiwicon opened with a software engineering talk which was intensely focused - a case study of a single-line bug in a single source file in a single module in a 70MBbyte programming language distro.

Paul Ducklin reports from Wellington, New Zealand.