Random   •   Archives   •   RSS   •   About   •   Contact > Tag: Security

How to patch Heartbleed OpenSSL defect (libssl) on Ubuntu

Lots of people claim that you need to upgrade openssl package, but this will not fix the issue.

The issue is not the openssl package, it is one of the libraries that the package relies on (libssl).

The output of openssl version -a command …

Continue Reading

how to drain an iPhone battery without needing passcode

  1. Press home button [ ]
  2. Slide camera button up
  3. Slide mode to video
  4. Turn on flash
  5. Put iPhone on table with light pointed down
  6. Walk away inconspicuously

Extra points if you set the camera to record (just don't record yourself or sounds) which will fill up the iPhone capacity.

Continue Reading

nosslsearch cname is a bad idea and solution

Google SafeSearch and SSL Search for Schools suggests implementing the following changes to the network:
To utilize the no SSL option for your network, configure the DNS entry for www.google.com to be a CNAME for nosslsearch.google.com.

Here are the reasons why this is a bad idea …
Continue Reading

How to capture HTTPS SSL TLS packets with wireshark

This article will explain how to use wireshark to capture TCP/IP packets. Specifically I will show how to capture encrypted (HTTPS) packets and attempt to document the "dance" a client and server do to build an SSL tunnel.

What is Wireshark?

Wireshark is a network protocol analyzer for Windows …

Continue Reading

Block cipher lab

Consider the following block cipher. Suppose that each block cipher T simply reverses the order of the eight input bits (so that, for example 11110000 becomes 00001111).
Further suppose that the 64-bit scrambler does not modify any bits. With n = 3 iterations and the original 64-bit input equal to 10100000 …
Continue Reading

Monoalphabetic Cipher and Inverse Written in Python

introduction and background

A monoalphabetic cipher uses fixed substitution over the entire message.

You can build a monoalphabetic cipher using a Python dictionary, like so:

monoalpha_cipher = {
    'a': 'm',
    'b': 'n',
    'c': 'b',
    'd': 'v',
    'e': 'c',
    'f': 'x',
    'g': 'z …
Continue Reading

Why does a Hash provide better message integrity then an Internet checksum?

Why does a Hash provide better message integrity then an Internet checksum?

Hash function and checksum function both return a value which cannot be reversed.

An Internet checksum (TCP checksum or IP checksum) is designed to detect common errors quickly and efficiently. An Internet checksum does not attempt to prevent …
Continue Reading

Symmetric Encryption vs Public Key Encryption

How many keys are involved for symmetric key encryption? How about public key encryption?

Suppose you have N people who want to communicate with each other using symmetric keys. All communication between any two people, i and j, is visible to group N. Only person i and person j can …

Continue Reading

Attributes of an 8-block cipher

Consider an 8-block cipher and answer the following:

How many possible input blocks does this cipher have?

How many possible mappings are there?

If we view each mapping as a key, then how many possible keys does this cipher have?

To find the input blocks of this cipher we raise …

Continue Reading

Reasons why some Internet entities might want secure communication

Continue Reading

What are the differences between message confidentiality and message integrity

Continue Reading

Security Professionals: Yes we appear vulnerable but that attack vector will never happen

In loom of recent internet attacks many institutions have started scrambling in attempt to "strengthen" their security stance. I agree that auditing our systems and networks for potential flaws seems appropriate at this time to prevent getting "caught with our pants down". Incidentally, I have recently witnessed the introduction of …

Continue Reading

Dropbox Encryption with TrueCrypt

The best security acts like an onion.

Continue Reading
© Russell Ballestrini.