Archive | Cryptography


12 November 2010 | 8,474 views

PGP Users Locked Out With Latest OS X Update

For the past day or so I’ve been seeing endless people tweeting about how the latest Mac OS X update b0rks your Mac if you are using PGP full disc encryption. It’s a pretty nasty bug, but thankfully it can be recovered from fairly easily. If you are just looking for a quick solution, you [...]

Continue Reading


10 November 2010 | 9,751 views

Hotmail Always-On Encryption Breaks Microsoft’s Own Apps

Oh look, Microsoft is late to the party again? They are finally launching full-session SSL encryption to Hotmail a mere 2 years after Google did the same thing for Gmail. It looks like the release of FireSheep really has had an impact on web-application vendors due to the amount of mainstream media coverage it got [...]

Continue Reading


13 October 2010 | 8,977 views

Facebook Introduces OTP (One-time Password) Functionality

Nice to see an innovation on the security front for once rather than endless ‘feature’ updates and announcements of ‘the next big thing’. Facebook has had its fair share of security woes so it’s nice to see they are doing something which I think may be genuinely useful for it’s burgeoning user base. A lot [...]

Continue Reading


27 July 2010 | 31,411 views

WPA2 Vulnerability Discovered – “Hole 196″ – A Flaw In GTK (Group Temporal Key)

Well as it tends to be, when something is scrutinized for long enough and with enough depth flaws will be uncovered. This time the victim is WPA2 – the strongest protection for your Wi-fi network which is standardized. WEP fell long ago and there’s a myriad of WEP Cracking tools available. In 2008 it was [...]

Continue Reading


24 March 2010 | 7,409 views

Website Auto-complete Leaks Data Even Over Encrypted Link

I’m always fascinated by side-channel attacks where the attack is focused on the underlying architecture of the cryptosystem and the data echos it creates rather than the algorithm or implementation itself. Similar somewhat to the recent breaking of OpenSSL using power fluctuations. This time some researcher type fellas focused on the digital noise autocomplete webforms [...]

Continue Reading


05 March 2010 | 10,221 views

Boffins Crack OpenSSL Library Using Power Fluctuations

Now this is a very interesting technique, as far as I know I’ve not seen anything similar to this before. It’s like a rather bizarre meld of hardware hacking and software exploitation using cryptographic algorithm cracking techniques. Some rather smart fellas have found a way to extract the private SSL key from a device by [...]

Continue Reading


12 May 2009 | 4,718 views

Ensuring Data Security During Hardware Disposal

After our recent story about the trading of BlackBerries for data theft the issue has emerged again this time more towards the secure disposal of data stored on PC hard disks. If a company or organisation has a decent data/information security policy in place (Like ISO27001 for example) they should have a secure destruction/disposal policy [...]

Continue Reading


08 May 2009 | 10,671 views

Explosion Of BlackBerry Trading In Nigeria – Data Theft

The number of Crackberry Blackberry users is increasing exponentially – especially since they released the much sexier Bold and the latest touch-screen Storm. The latest revelation is that used BlackBerries are being traded, not by the value of the phone but by the value of the data contained on the phone! It just shows most [...]

Continue Reading


05 December 2008 | 46,817 views

The World’s Fastest MD5 Cracker – BarsWF

BarsWF is basically an MD5 cracking tool and at the moment, is currently the fastest. Right now on nVidia 9600GT/C2D 3Ghz CUDA version does 350 M keys/sec, SSE2 version does 108 M keys/sec. You may check benchmarks of all known good MD5 bruteforcers here. Changes in 0.8 Added checks for errors when calling CUDA kernel. [...]

Continue Reading


03 October 2008 | 8,429 views

THC-ePassports – THC Clones Biometric ePassport – Elvis Presley Passport

I guess most people have been led to believe this new generation of ePassports or biometric passports are more secure, will help us keep our privacy intact and help us mitigate against identity theft. Well how wrong the propaganda is! THC (famous for their tools and research in security) has just released some technical information, [...]

Continue Reading