Daniel Bleichenbachers Padding Oracle Attack optimized  
26.6.12, 15:59 - Dies und Das
gepostet von web doc
Ever thought of using a small USB RSA Credential for logging in your secure areas?
bad idea
Romain Bardou, Riccardo Focardi, Yusuke Kawamoto, Lorenzo Simionato, Graham Steel, Joe-Kai Tsay describe fast a way to hack the secret key out of many of those little devices. The security issue was discovered by Daniel Bleichenbacher in 98 (=known for a long time), but never fixed. The new discoveries speed up the attack, so a key can be hacked in 13 minutes [source]

as always in the history of cryptography, it's just a bad implementation of a good idea (called RSA-PKCS#1v1.5 ).

To get a detailed (understandable) description, read M. Greens blog
http://blog.cryptographyengineering.com ... aphic.html

brandnew C64 game "soulless" review 
23.6.12, 18:10 - retro & C64
gepostet von web doc

i've made some pictures of unboxing soulless, if you want you can take a closer look at my g+ account (link at the bottom or here https://plus.google.com/photos/107748635654090594500/albums/5756833618624327665 )

the game is of middle to hard difficulty, especially jumping is tricky (and thus jumping is the major part of the game ....). thats my only point of critique, other than Andy

The gameplay reminds of "impossible mission": you have to move your character around rooms in a labyrinth and search the inside for parts of a puzzle. the artwork is of course totally different. the story is placed in a mistery/fantasy world rather than a futuristic underground cave system (a bit like in antiraid).

a lot of gimmicks are in the box: stickers, a CDROM with bonus material like maps an an interview with the authors,, the disk / tape / crt images and so on...) The Cartridge is violett (!) which glows when plugged in, another point for atmosphere. All Parts are professionally produced with high quality printings.

I still need to get better and find more time for training. Btw: at every single start the puzzle tiles are hidden somewhere else, which makes the game playable even after the first run.

Amazing to get a high quality c64 game for a computer after such a long time.
All in all:
90 / 100 %

TPM TC UEFI and Richards rants, part 2, Linus answers 
12.6.12, 11:22 - Linux
gepostet von web doc
Remember what i said half a year ago?
If UEFI is implemented the right way, there is no need to fear anything, and no need to trouble over microsofts call to make computers more save. even i do admit to use TMP n some cases.

http://www.netzherpes.de/blog/index.php ... 019-095156

now I am reading an interesting debate about just this with Linus Torvalds, and he is exactly saying this:
I’m certainly not a huge UEFI fan, but at the same time I see why you might want to have signed bootup etc.[...] Yes, yes, the sky is falling, and I should be running around like a headless chicken in despair over signing keys. But as long as you can disable the key checking in order for kernel developers to be able to do their job, signed binaries really can be a (small) part of good security. I could see myself installing a key of my own in a machine that supports it.


Even the he Linux foundation suggests how Secure Boot should be used with Linux:
Some observers have expressed concerns that secure boot could be used to exclude open systems from the market, but, as we have shown above, there is no need for things to be that way. [...]

http://www.linuxfoundation.org/publicat ... -platforms

It's so nice to know I'm not the only one that thinks this way :-D

soulless 1st impression 
8.6.12, 15:46 - retro & C64
gepostet von web doc
ein kleiner vorabblick in das spiel, welches in der bestellbestätigung schon als digitalcopie mitgeliefert wurde:
das gameplay erinnert an eine mischung aus rick dangerous und impossible mission. der schwierigkeitsgrad ist hoch, die steurerung prazise, aber nicht perfekt, das hüpfen vom fleck weg ist schwierig

mehr wenn das paeckchen da is
Soulless - a new C64 game by G. Rottensteiner 
4.6.12, 14:15 - retro & C64
gepostet von web doc
Finally available on Cart, disk or download:


(link http://www.rgcd.co.uk/p/shop.html )

wer mehr dazu lesen möchte, kann das hier tun, ich mache mir selbst ein bild und warte auf mein Modul (nein, ich werde nicht auf CSDB lunzen ;-) )

<<alpha <Zurück | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | Weiter> omega>>