Blind Return Oriented Programming (BROP)

"Evolving" an ROP attack against an automatically-restarting server. This works by finding two gadgets whose behaviour you can distinguish (e.g. crashing vs. hanging), then constructing ROP chains that will have different behaviour depending on how many items are popped, then trying lots of addresses and combinations of arguments to find gadgets. Neat!

to buffer-overflow exploit rop security ... on 29 June 2015

Debiania — Migrating to LVM on LUKS

Constructing an LVM-on-LUKS setup by hand that matches the one the Debian installer would make.

to debian encryption linux luks lvm security ... on 07 June 2015

How We Learned to Cheat at Online Poker: A Study in Software Security

Why you want to use a good RNG and a proper shuffle algorithm.

to ag0803 games random security shuffle ... on 07 June 2015

Not A Number - Painless IPSec setup for a home network.

A script to automate ipsec with static keys. Neat -- it takes surprisingly little code.

to crypto ipsec network security ... on 23 March 2015

Security/Projects/Bandit - OpenStack

A security scanner for Python code.

to python security static-analysis ... on 23 March 2015

Secure Secure Shell

Some recommendations for modern SSH configuration. (Note that we've had another major rev of SSH since this was written...)

to openssh security ssh ... on 22 March 2015

Mirage OS

"Mirage OS is a library operating system that constructs unikernels for secure, high-performance network applications across a variety of cloud computing and mobile platforms." In OCaml. They've done some nice work around their safe TLS implementation.

to ocaml os security tls ... on 22 March 2015

The IX Multilevel-Secure UNIX System

"A collection of papers about the IX system, a simple but comprehensive multilevel-secure operating system with mandatory access control, based on the research v10 UNIX system."

to access-control mac os security unix ... on 22 March 2015

Karl Lunt's Home Page (revised)

Various little microcontroller projects, including a neat device to set or clear the lock bit on an SD card, and some Tandy Model 100 stuff.

to avr electronics microcontroller mmc retrocomputing sd security tandy ... on 17 March 2015

Kryptos Logic Research: OpenSSL's squaring bug, and opportunistic formal verification

Detecting an OpenSSL bug (after the fact) using formal verification. Interesting because the original formal proof was wrong...

to formal-methods openssl security ssl ... on 16 March 2015
