Re: Just update the microcode (was: Re: defending against evil in all layers of hardware and software)

2008-04-29 Thread Sebastian Krahmer
The signature in the microcode update has not the same meaning as within crypto. For intel chips it has 31bits and basically contains a revision number. The requirements for the BIOS for checking microcode updates are in short: check the crc and ensure that older revisions cant replace new ones

Re: More US bank silliness

2008-09-08 Thread Sebastian Krahmer
Hi, This reminds me the most weird SSL related error message I have ever seen and which is there since ages: Beside that the certificate is wrong :-) regards, Sebastian On Mon, Sep 08, 2008 at 01:29:34AM +1200, Peter Gutmann wrote: In the ongoing comedy of errors that

OpenSSH patch against traffic analysis

2008-12-23 Thread Sebastian Krahmer
Hi, I wrote a patch to force openssh to use constant time and packet-size on the SSHv2 connection so observers of traffic cant correlate SSH connections to each other. You can find it here: l8er, Sebastian -- ~~ ~~ perl ~~

Re: [Cryptography] Good private email

2013-08-27 Thread Sebastian Krahmer
On Mon, Aug 26, 2013 at 07:12:21AM -0400, Richard Salz wrote: I don't think you need all that much to get good secure private email. You need a client that can make PEM pretty seamless; reduce it to a button that says encrypt when possible. You need the client to be able to generate a