I recently built a new computer and enabled BitLocker on it. When doing so, it asked me to save my recovery key, but I didn’t have a working printer or a flash drive to hand to save my recovery key to (also it doesn’t seem sane to store the recovery key in cleartext on a… Read More Recovering BitLocker when the BCD has been modified
I’m doing a talk about cryptography at Securi-Tay 2014 on the 15th of January, up in Dundee, Scotland. The talk is aimed at people who are interested in cryptography from a practical perspective, but are put off by the slew of hieroglyphs and maths-speak that tends to plague the field. The talk is entitled “Breaking… Read More Talking about crypto at Securi-Tay 2014 (Dundee, Scotland)
In light of the numerous recent attacks against SSL, I thought I’d offer up a quick and simple crypto lesson about why MAC-then-encrypt schemes are bad. This post will require only a minimum of knowledge about cryptography, so hopefully it’ll be useful to a wide range of people. This is not designed to be a… Read More A quick crypto lesson – why “MAC then encrypt” is a bad choice
You’d think that people writing botnets would be well versed in systems security, but from a quick look around I see that most botnets have some serious problems. The biggest issue with any botnet is command and control. How can the owner communicate with their bot nodes without having people steal their botnet by sniffing… Read More Why are botnets so bad at authentication?