how to eat foodhttp://www.howtoeatfood.com/u/jaw/sec2023-03-19T10:12:06-04:00how to eat foodHome · Wiki · Kali Linux / kali-purple / Documentation · GitLab0983a5ccc228b618a3ce3de43f80b4142023-03-19T10:12:06-04:002023-03-19T10:12:06-04:00jawHome · Wiki · Kali Linux / kali-purple / Documentation · GitLabA movement to make enterprise grade security accessible to everyone.Cookie stealing: the new perimeter bypass – Sophos News49519d02fe0aeae6802bb032280368c02022-10-05T15:50:11-04:002022-10-05T15:50:11-04:00jawCookie stealing: the new perimeter bypass – Sophos NewsWhy Doesn’t Your CI Pipeline Have Security Bug Testing?3b454fbfb4a14d3b31df45ca200dedc42022-04-10T23:02:07-04:002022-04-10T23:02:07-04:00jawWhy Doesn’t Your CI Pipeline Have Security Bug Testing?lix2ng/qdsv: Full qDSA on all Cortex-M cores. M0, M3, M4 etc.8c29c36df2406852b924ac7caee3bfbd2021-04-02T12:50:24-04:002021-04-02T12:50:24-04:00jawlix2ng/qdsv: Full qDSA on all Cortex-M cores. M0, M3, M4 etc.Software · Joost Renesc6827b1c94fed9c09e23130f927028eb2021-04-02T12:41:58-04:002021-04-02T12:41:58-04:00jawSoftware · Joost RenesCurve9767 and Fast Signature Verification – NCC Group Research64948ab45961f1b4d46b0815e0deb4012021-04-02T12:07:48-04:002021-04-02T12:07:48-04:00jawCurve9767 and Fast Signature Verification – NCC Group Researchmupq/pqm4: Post-quantum crypto library for the ARM Cortex-M4b92a37f98f0f99d0cf4b07bf8f3dfa072021-04-01T14:31:13-04:002021-04-01T14:31:13-04:00jawmupq/pqm4: Post-quantum crypto library for the ARM Cortex-M4Sick of spending time on Auth, we built an open source 'Stripe for Auth' | Hacker News3d62ba17ce244d10905d9af8e46f3e452020-12-18T11:15:11-05:002020-12-18T11:15:11-05:00jawSick of spending time on Auth, we built an open source 'Stripe for Auth' | Hacker NewsGoogle Online Security Blog: New research: How effective is basic account hygiene at preventing hijacking71fe67fa16ca148ddcb469dbfbcb49042019-05-21T08:58:47-04:002019-05-21T08:58:47-04:00jawGoogle Online Security Blog: New research: How effective is basic account hygiene at preventing hijackingOur research shows that simply adding a recovery phone number to your Google Account can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks that occurred during our investigation.ARTEMIS: Real-Time Detection and Automatic Mitigation for BGP Prefix Hijackinga7f7cafe34d987c7971b4d5df06cd68b2019-02-08T15:38:27-05:002019-02-08T15:38:27-05:00jawARTEMIS: Real-Time Detection and Automatic Mitigation for BGP Prefix HijackingLet’s talk about PAKE – A Few Thoughts on Cryptographic Engineering0acc3f535fddcf9d36ff2ea6a3ebd9a32018-10-19T23:59:17-04:002018-10-19T23:59:17-04:00jawLet’s talk about PAKE – A Few Thoughts on Cryptographic EngineeringA PAKE protocol, first introduced by Bellovin and Merritt, is a special form of cryptographic key exchange protocol. Key exchange (or “key agreement”) protocols are designed to help two parties (call them a client and server) agree on a shared key, using public-key cryptography.Librem Key – Purism1aee3752e8cccfbe5bb1fc7659be2c212018-09-23T09:46:57-04:002018-09-23T09:46:57-04:00jawLibrem Key – PurismSC4 HSMce355d6cac1b9e388253a46856d36c6d2018-09-12T21:38:02-04:002018-09-12T21:38:02-04:00jawSC4 HSMKrypton | Easy and secure web logins43745d5ee24967490590e46042f7e2ec2018-08-30T14:00:38-04:002018-08-30T14:00:38-04:00jawKrypton | Easy and secure web loginsTitan Security Key Bundle, BT & NFC FIDO U2F - Google Storeef9beae845c3edbcdc344cb1eaac51ac2018-08-30T13:59:46-04:002018-08-30T13:59:46-04:00jawTitan Security Key Bundle, BT & NFC FIDO U2F - Google StoreHow To Turn Loaded Dice into Fair Coins9098f29cb6e647ce850865941e8f18882018-08-23T13:22:51-04:002018-08-23T13:22:51-04:00jawHow To Turn Loaded Dice into Fair CoinsU2F Zerob95347c885a381fbff6c2e95bc20bce52017-12-06T18:42:13-05:002017-12-06T18:42:13-05:00jawU2F ZeroA secure and open source 2 factor authentication token.
Designed to be affordable and reliableMulticollisions in iterated hash functions. Applications to cascaded constructions.01b5066bb7c94a95dfb862757d47b7292017-04-26T14:09:32-04:002017-04-26T14:09:32-04:00jawMulticollisions in iterated hash functions. Applications to cascaded constructions.Is the concatenation of two independent hash values more secure than a single hash-value?
tl;dr: this construction is in fact insecureNIST’s new password rules – what you need to know – Naked Security2df6c6c1f0867473fea64df8958681aa2017-03-10T09:19:35-05:002017-03-10T09:19:35-05:00jawNIST’s new password rules – what you need to know – Naked SecurityWhat every Browser knows about you5c6946ac849a67224d96d9bacb55190e2016-12-21T09:15:16-05:002016-12-21T09:15:16-05:00jawWhat every Browser knows about youThe Security of Modern Password Expiration13d1a192cb01b1d89647a1295a5f66d02016-08-04T09:15:21-04:002016-08-04T09:15:21-04:00jawThe Security of Modern Password Expirationthe historical success of collision attacks does not imply a danger of pre-image attacks037040ff24776c798dbf3ac86fcdcb412016-02-14T11:50:02-05:002016-02-14T11:50:02-05:00jawthe historical success of collision attacks does not imply a danger of pre-image attacksThe main result of this investigation is that “the historical success of collision attacks does not imply a danger of pre-image attacks”.
crypt-dev - entropy loss with narrow-pipe iterated hashes09a966ed77f1ba4aebd70532afdb846f2016-01-22T15:20:21-05:002016-01-22T15:20:21-05:00jawcrypt-dev - entropy loss with narrow-pipe iterated hashesAES-CBC + Elephant diffuser A Disk Encryption Algorithm for Windows Vistafe76f09a442e170c4beac28b9d48053f2016-01-10T00:07:26-05:002016-01-10T00:07:26-05:00jawAES-CBC + Elephant diffuser A Disk Encryption Algorithm for Windows VistaThe Analysis of the Windows Vista Disk Encryption Algorithm46ba914308bb54b5b830506380b8b80d2015-12-20T16:55:32-05:002015-12-20T16:55:32-05:00jawThe Analysis of the Windows Vista Disk Encryption AlgorithmDetectify Labs6686456913b7bdcdad7c36961f5fd9172015-11-21T11:06:38-05:002015-11-21T11:06:38-05:00jawDetectify LabsAn Open Letter to Developers Everywhere (About Cryptography)b0477998503d7a21bc916cf03dbd2fc62015-11-19T14:34:19-05:002015-11-19T14:34:19-05:00jawAn Open Letter to Developers Everywhere (About Cryptography)awslabs/s2n6e5f4673af0181fcd57ec209e624445f2015-06-30T12:42:39-04:002015-06-30T12:42:39-04:00jawawslabs/s2ns2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority.KeySweeper983beec34b28395e857b677cfb4fbf162015-01-13T09:23:06-05:002015-01-13T09:23:06-05:00jawKeySweeperSecure Secure Shell5c1e135ad70e56a9123c269b146e53eb2015-01-08T09:15:43-05:002015-01-08T09:15:43-05:00jawSecure Secure ShellHow To Safely Store A Password | codahale.comc2448e9e06afaadbf96ef3d3cddf265a2014-09-19T12:35:36-04:002014-09-19T12:35:36-04:00jawHow To Safely Store A Password | codahale.comStop using unsafe keyed hashes, use HMAC | root labs rdist5f7c020c02319b5ab4d23d8603ba9a7e2014-09-19T12:03:29-04:002014-09-19T12:03:29-04:00jawStop using unsafe keyed hashes, use HMAC | root labs rdistTwo-Factor Authentication Made Easy - Duo Security070bb226a9c0f2001bc8b9068166844e2014-06-04T22:02:42-04:002014-06-04T22:02:42-04:00jawTwo-Factor Authentication Made Easy - Duo SecurityIOS Securitycae60935c430ab7700995d5f6a90b7262014-03-04T09:20:26-05:002014-03-04T09:20:26-05:00jawIOS SecuritySecurity Engineering - A Guide to Building Dependable Distributed Systems6a48c5f427889d59487e7b17bc4330962014-02-27T12:50:46-05:002014-02-27T12:50:46-05:00jawSecurity Engineering - A Guide to Building Dependable Distributed SystemsSRP: Design Specificationsf64c525f0fdd4c381e56bfdd996945862014-02-12T00:43:03-05:002014-02-12T00:43:03-05:00jawSRP: Design SpecificationsSRP is the newest addition to a new class of strong authentication protocols that resist all the well-known passive and active attacks over the network. SRP borrows some elements from other key-exchange and identification protcols and adds some subtle modifications and refinements. The result is a protocol that preserves the strength and efficiency of the EKE family protocols while fixing some of their shortcomings.
Open WhisperSystems >> Open WhisperSystems9b5ee1f545d42b2142cbb00e011bfd982014-01-26T22:38:02-05:002014-01-26T22:38:02-05:00jawOpen WhisperSystems >> Open WhisperSystemsRedPhone provides end-to-end encryption for your calls, securing your conversations so that nobody can listen in.CCC-TV - 30C3 (1/4)9bd703ca13541106e7e7d6f80cca829b2014-01-26T22:36:46-05:002014-01-26T22:36:46-05:00jawCCC-TV - 30C3 (1/4)Ori File Systeme7ffd6544119a8c429c530da519d89a32014-01-25T16:34:20-05:002014-01-25T16:34:20-05:00jawOri File SystemOri is a distributed file system built for offline operation and empowers the user with control over synchronization operations and conflict resolution. We provide history through light weight snapshots and allow users to verify the history has not been tampered with. Through the use of replication instances can be resilient and recover damaged data from other nodes.
On Covert Acoustical Mesh Networks in Air - Volume 8, No. 11, November 2013 - Journal of Communicationseb412697121126d1e3bbff84fb65fb872013-11-26T09:20:01-05:002013-11-26T09:20:01-05:00jawOn Covert Acoustical Mesh Networks in Air - Volume 8, No. 11, November 2013 - Journal of CommunicationsAuthyde3d9223f55b8eb216fbb9fd129167692013-11-22T15:36:54-05:002013-11-22T15:36:54-05:00jawAuthyAuthy is the first strong authentication platform built for large-scale applications and built with the end-user in mind.
With Authy you get all the benefits of strong authentication with the simplicity that you've always wanted for your customers.Analysis of the HTTPS Certificate Ecosystem∗4bc66e96b4e64da047d9afef4c361eb52013-11-16T10:29:29-05:002013-11-16T10:29:29-05:00jawAnalysis of the HTTPS Certificate Ecosystem∗Secure Mobile Apps and Open-Source Code for a Better Tomorrow1d94a53572bad11dde1c387b4dc9046a2013-09-05T09:14:55-04:002013-09-05T09:14:55-04:00jawSecure Mobile Apps and Open-Source Code for a Better TomorrowThe Guardian Project is about more than just apps. All of our code is open-source in order to move the collective ball forward in mobile security efforts. In addition we are building developer-focused libraries, tools and source code for you to add security-oriented features and capabilities to your own apps.ZMap · The Internet Scanner61893c49b0dd976d36d2147cbd6379092013-08-20T09:13:53-04:002013-08-20T09:13:53-04:00jawZMap · The Internet ScannerKnow your Enemy: Tracking Botnets850176ece69a99e5cc006745d392edee2013-08-14T17:18:21-04:002013-08-14T17:18:21-04:00jawKnow your Enemy: Tracking BotnetsTarnovsky Deconstruct Processor - YouTube140d6201371116400c5b784953af04852013-03-05T15:08:50-05:002013-03-05T15:08:50-05:00jawTarnovsky Deconstruct Processor - YouTubeFST-01 - Wiki8d58c1a205b3e5818255d54dc921d6012013-02-25T20:51:30-05:002013-02-25T20:51:30-05:00jawFST-01 - WikiGnuK99835c4624d24a3c4e0821dc397891a42013-02-25T20:44:38-05:002013-02-25T20:44:38-05:00jawGnuKGnuk is an implementation of USB cryptographic token for GNU Privacy Guard. Gnuk supports OpenPGP card protocol version 2, and it runs on STM32F103 processor.
Easier to Get Infected With Malware on 'Good Sites' Than on Shady Sites, Cisco Says | SecurityWeek.Com086be6fe92828a0f728a7723904e94e92013-02-01T09:18:41-05:002013-02-01T09:18:41-05:00jawEasier to Get Infected With Malware on 'Good Sites' Than on Shady Sites, Cisco Says | SecurityWeek.Comdns-fuzz NSE Script379dd7681c84058ab7356eccf132d4e42013-01-19T10:47:32-05:002013-01-19T10:47:32-05:00jawdns-fuzz NSE Script