Re: Free Rootkit with Every New Intel Machine

2007-06-27 Thread Jacob Appelbaum
, !matched, active, busy 0, retain count 8 | +-o TPM class IOACPIPlatformDevice, registered, matched, active, busy 0, retain count 6 Regards, Jacob Appelbaum - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: cold boot attacks on disk encryption

2008-02-21 Thread Jacob Appelbaum
or strange byte ordering, the physical properties of the memory chips are going to be difficult to overcome. As our paper states: There is no easy solution to this problem. I'm happy to field questions if this is the proper forum. Best, Jacob Appelbaum

Re: cold boot attacks on disk encryption

2008-02-21 Thread Jacob Appelbaum
. The adverts claim 128-bit AES hardware encryption, but they don't tell us how it is used. Without transparency, I'd rather stick with software. It has issues, we now know about another one. Regards, Jacob Appelbaum - The Cryptography

Re: cold boot attacks on disk encryption

2008-02-22 Thread Jacob Appelbaum
provides a method to read those areas of disk, it's just a matter of finding them. Regards, Jacob Appelbaum - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: wrt Cold Boot Attacks on Disk Encryption

2008-03-15 Thread Jacob Appelbaum
recover and make a pretty good confirmation. This means we don't have to do reverse engineering to find keys and we can correct for errors. Our keyfinder could be used with firewire and I think it stands on its own. Regards, Jacob Appelbaum

Re: Designing and implementing malicious hardware

2008-04-24 Thread Jacob Appelbaum
Perry E. Metzger wrote: A pretty scary paper from the Usenix LEET conference: The paper describes how, by adding a very small number of gates to a microprocessor design (small enough that it would be hard to notice them),

MD5 considered harmful today

2008-12-30 Thread Jacob Appelbaum
Hello, I wanted to chime in more during the previous x509 discussions but I was delayed by some research. I thought that I'd like to chime in that this new research about attacking x509 is now released. We gave a talk about it at the 25c3 about an hour or two ago. MD5 considered harmful today:

Re: password safes for mac

2009-06-30 Thread Jacob Appelbaum
Ivan Krsti? wrote: On Jun 27, 2009, at 6:57 PM, Perry E. Metzger wrote: Does anyone have a recommended encrypted password storage program for the mac? System applications and non-broken 3rd party applications on OS X store credentials in Keychain, which is a system facility for keeping

Re: FileVault on other than home directories on MacOS?

2009-09-28 Thread Jacob Appelbaum
Ivan Krstić wrote: On Sep 22, 2009, at 5:57 AM, Darren J Moffat wrote: There is also a sleep mode issue identified by the NSA Unlike FileVault whose keys (have to) persist in memory for the duration of the login session, individual encrypted disk images are mounted on demand and their keys

Merry Certmas! CN=*\

2009-09-30 Thread Jacob Appelbaum
Hello *, In the spirit of giving and sharing, I felt it would be nice to enable other Noisebridgers (and friends of Noisebridge) to play around with bugs in SSL/TLS. Moxie was just over and we'd discussed releasing this certificate for some time. He's already released a few certificates and I

Re: Haystack redux

2010-09-15 Thread Jacob Appelbaum
On 09/14/2010 09:57 AM, Steve Weis wrote: There have been significant developments around Haystack since the last message on this thread. Jacob Applebaum obtained a copy and found serious vulnerabilities that could put its users at risk. He convinced Haystack to immediately suspend operations.

Re: Haystack redux

2010-09-16 Thread Jacob Appelbaum
On 09/15/2010 11:48 AM, Adam Fields wrote: On Wed, Sep 15, 2010 at 03:16:34AM -0700, Jacob Appelbaum wrote: [...] What Steve has written is mostly true - though I was not working alone, we did it in an afternoon. It took quite a bit of effort to get Haystack to take this seriously. Eventually