Category Archives: Cryptography

SHA-1 vulnerable : consider SHA-2

Not long after MD5, progress in computation has claimed another victim. Last week, it was made public that the SHA-1 hash function should now be considered vulnerable. The discovery shows that the computation needed to create a hash collision has been dramatically reduced. As a consequence, the SHA-1 function can no longer guarantee the uniqueness – [...]

MD5 in your SSL certificate ? No need to panic !

MD5 was found vulnerable a few years ago. Recently, a team succeeded in producing a fake CA SSL certificate. MD5 or SHA-1 is the algorithm used to authenticate the peer in SSL messages. If it gets compromised, and using various combined techniques, it becomes possible to do a man-in-the-middle (MiM) attack. But too much noise has [...]

How to stop Firefox from prompting for the client certificate

I am using a client certificate to authenticate against some Apache HTTPS website. By default, Firefox 3 has a very annoying setting: it will prompt you with a box to select your certificate every time the browser accesses a file. I quickly realized that there is no setting in the preference tab to [...]

Cold boot attack, not a threat to Full disk encryption (FDE)

Since the new cold boot attack hack is in the news, affecting most of the software encryption solutions, I have wondered whether it had any chance of also concerning hardware encryption. Hardware encryption is provided by a few laptop makers, generally on high-end and business models. It has much less performance impact than software encryption, [...]

Disk encryption methods : hacked !

Damn! A team of researchers found a way to defeat all the most common disk encryption methods – including dm-crypt for Linux, which I previously described on this blog. All systems are actually affected, because the attack is low-level. It is based on the properties of RAM chips. After shutdown, and therefore no more [...]

md5 hash googling – and WordPress password weakness

Some MD5 password implementations, those without a salt, have become more insecure than ever. There is an issue right now with WordPress; I hope they will fix it soon! Check this interesting article. No need to take out your rainbow tables anymore, just google your hash! I hope your password is strong enough… You [...]

Disk Encryption on Linux

I finally encrypted some partitions of my hard drive.

An external hard drive that I just bought (320 Gb) allowed me to back up my entire /home partition and consider encrypting it.

OpenVPN and DNS on a linux client

I got a weird issue with Linux clients while it worked fine with Windows machines. For some reason, the /etc/resolv.conf did not get updated.

I found a workaround thanks to this page.

Of course, your server configuration file must contain (if 192.168.1.1 is your DNS server):

push "dhcp-option DNS 192.168.1.1"