Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


James last won the day on July 20 2016

James had the most liked content!

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

James's Achievements


Rookie (2/14)

  • Conversation Starter
  • First Post
  • Collaborator
  • Week One Done
  • One Month Later

Recent Badges



  1. Peter Eckersley, one of the original founders of Let’s Encrypt, passed away at CPMC Davies Hospital in San Francisco on 2nd September 2022. He had been diagnosed with cancer on 31 August, but died of complications during pre-operative preparations to treat the disease. https://community.letsencrypt.org/t/peter-eckersley-may-his-memory-be-a-blessing/183854 https://nakedsecurity.sophos.com/2022/09/04/peter-eckersley-co-creator-of-lets-encrypt-dies-at-just-43/ https://en.wikipedia.org/wiki/Peter_Eckersley_(computer_scientist)
  2. A cipher key was written in the form of a defined monomer sequence, dissolved in isopropanol and mixed with glycerol and soot. This created an ink that was used to write a letter. The 256-bit cipher key was successfully recovered by the recipient of the letter by extracting with dichloromethane and following instructions for sequencing. https://pubs.acs.org/doi/pdf/10.1021/acscentsci.2c00460
  3. Microsoft SEAL prior to v3.6 using the Brakerski/Fan-Vercauteren (BFV) protocol is vulnerable to a power-based side-channel attack. Aydin Aysu at North Carolina State University demonstrated that by monitoring power consumption in a device that is encoding data for homomorphic encryption, you can read the data as it is being encrypted. https://securityboulevard.com/2022/06/researchers-demonstrate-they-can-steal-data-during-homomorphic-encryption/
  4. Microsoft SEAL is an open-source homomorphic encryption library that enables running computations directly on encrypted data. A cloud provider does not have unencrypted access to the data they are storing and computing on. SEAL comes with two homomorphic encryption schemes. BFV allows modular arithmetic on encrypted integers. CKKS allows additions and multiplications on encrypted real or complex numbers, but yields only approximate results. https://www.microsoft.com/en-us/research/project/microsoft-seal/
  5. James


    VeraCrypt 1.25.9 was released February 19th 2022. Downloads are available from https://www.veracrypt.fr/en/Downloads.html for Windows, Mac, Linux (CentOs, Debian, Ubuntu, OpenSUSE), Raspberry Pi and FreeBSD.
  6. The Treasury has announced that it will regulate some cryptocurrencies as part of a wider plan to make the UK a hub for digital payment companies. Separately, the Treasury said it will ask The Royal Mint to create a Non-Fungible Token (NFT). The Treasury has not yet confirmed which stablecoins will be regulated, however well-known ones include Tether and Binance USD. https://www.bbc.co.uk/news/business-60983561
  7. CentOS 8 is EOL and no longer supported, so an encryption vulnerability poses a challenge. The LUKS (Linux Unified Key Setup) issue stems around the re-encryption process during key change and weakens security for an encrypted block device. CVE-2021-4122 https://thehackernews.com/2022/01/patching-centos-8-encryption-bug-is.html
  8. James


    POODLE means Padding Oracle on Downgraded Legacy Encryption. It allows an attacker to eavesdrop on encrypted HTTPS communications using the SSL 3.0 protocol. To protect a server against POODLE attacks you can disable SSL 3.0, or TLS 1.1 and TLS 1.2. The POODLE vulnerability was discovered by Google in 2014, reference CVE-2014-3566. Additional information is available from https://www.makeuseof.com/what-is-the-poodle-attack/
  9. Arqit has announced the release of the first version of its QuantumCloud service. The software enables customers to secure the communications channels and data of any cloud, edge or end-point device. The launch of Arqit satellites in 2023 will replace terrestrial systems as the root source of randomness in QuantumCloud. https://finance.yahoo.com/news/arqit-releases-quantumcloud-deliver-stronger-042000026.html
  10. And now you can’t. However Musk has suggested he may change his mind again if Bitcoin has better eco-considerations. https://www.cnbc.com/2021/06/14/bitcoin-btc-soars-after-musk-says-tesla-could-accept-the-crypto-again.html
  11. A crypto flaw has been found in the GPRS (2G) mobile data standard. The researchers (Christof Beierle, et al) said the vulnerability in the GEA/1 algorithm is unlikely to have been an accident, and was probably created as a backdoor for law enforcement. Instead of 64-bit protection it only provides 40-bit and is vulnerable to downgrade attacks. GEA/1, GEA/2 and GEA/3 are known to have weaknesses. https://eprint.iacr.org/2021/819 https://abcnews.go.com/Business/wireStory/security-flaw-found-2g-mobile-data-encryption-standard-78309008 https://www.theregister.com/2021/06/17/gprs_encryption_backdoor/
  12. Arqit has announced it will develop a satellite-based quantum technology encryption network for the United States, Japan, Canada, Italy, Belgium and Austria. Known as the Federated Quantum System (FQS) the satellites will distribute quantum keys to data centres using a protocol called ARQ19. The FQS satellites will be assembled at the National Satellite Test Facility in Harwell near Oxford and launched by Virgin Orbit in 2023. Commercial partners include BT, Sumitomo Corporation, Northrop Grumman, Leonardo, QinetiQ Space N.V., qtlabs and Honeywell. Italy, Belgium and Austria are also partners in a European quantum communications network called EuroQCI. https://www.prnewswire.com/news-releases/international-partners-and-government-agencies-join-arqits-federated-quantum-system-301310846.html https://spacenews.com/governments-ally-for-federated-quantum-encryption-satellite-network/
  13. James


    VeraCrypt 1.24-Update8 (November 28th 2020)has been released for MacOSX 10.9 and later. It fixes compatibility issues with macOS Big Sur, especially on Apple Silicon M1 with macFUSE 4.0.x.
  14. DiskCryptor has been modified by the Mamba ransomware. The FBI have advised that if any of the DiskCryptor files are detected prior to the second reboot, attempts should be made to determine if the myConf.txt is still accessible. If so, then the password can be recovered without paying the ransom. https://www.aha.org/system/files/media/file/2021/03/fbi-tlp-white-report-mamba-ransomware-weaponizing-diskcryptor-3-23-21.pdf
  15. DiskCryptor is a free and open-source full disk encryption system for Microsoft Windows. It allows a PC’s entire hard drive or individual partitions to be encrypted, including where the OS is installed. DiskCryptor uses either AES-256, Twofish, Serpent or a combination of cascaded algorithms in XTS mode to carry out encryption. DiskCryptor has not been updated since 2014. VeraCrypt is now used as an alternative.
  • Create New...