I recently built a new computer and enabled BitLocker on it. When doing so, it asked me to save my recovery key, but I didn’t have a working printer or a flash drive to hand to save my recovery key to (also it doesn’t seem sane to store the recovery key in cleartext on a USB stick), so I cheated and used Print to PDF to save the recovery key to my OS drive… the one I was encrypting.
A little later I was hardening my security settings and changed the DEP policy to from the default (opt-in) to opt-out. I...
I’m doing a talk about cryptography at Securi-Tay 2014 on the 15th of January, up in Dundee, Scotland. The talk is aimed at people who are interested in cryptography from a practical perspective, but are put off by the slew of hieroglyphs and maths-speak that tends to plague the field. The talk is entitled “Breaking bad crypto without breaking your brain”. I promise that there are no Breaking Bad references in there, primarily because I seem to be the only person on earth that still hasn’t started watching...
In light of the numerous recent attacks against SSL, I thought I’d offer up a quick and simple crypto lesson about why MAC-then-encrypt schemes are bad. This post will require only a minimum of knowledge about cryptography, so hopefully it’ll be useful to a wide range of people.
This is not designed to be a full and detailed description of how SSL works, or how various attacks against it works, but rather a short primer on the subject for those who know a bit about crypto but don’t really understand how...