The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,888 other followers

Archive for the ‘Security’ Category

ssh – Why OpenSSH deprecated DSA keys – Information Security Stack Exchange

Posted by jpluimers on 2020/03/10

In a lot of ssh-keygen related posts, you still see DSA being mentioned, though that has been deprecated and later removed from OpenSSH.

I wondered why, so I did some digging.

TL;DR: it’s complicated:

  • different standards mandating eventually conflicting parameters,
  • extending the parameters would require protocol extension,
  • a logjam vulnerability for certain combinations of parameters and finally
  • better algorithms having become available.

Some of the related topics cannot be archived in the WayBack machine or refuse being archived at Archive.is, so here is a list of partially archived relevant links:

–jeroen

Posted in Communications Development, Development, Internet protocol suite, Power User, Security, SSH, TCP | Leave a Comment »

The Toxic Smog of the Information Age | Literary Hub

Posted by jpluimers on 2020/03/03

From 5 years ago, but now more relevant than it ever was: [WayBack] The Toxic Smog of the Information Age | Literary Hub

SCROOGLED

Give me six lines written by the most honorable of men, and I will find an excuse in them to hang him. –Cardinal Richelieu

We don’t know enough about you. –Google CEO Eric Schmidt

Via:

–jeroen

Posted in History, Opinions, Security | Leave a Comment »

Very nice “Appendix A. Introduction to TCP/IP security” on digests, hashing, encryption, asymetric/symmetric, VPN and much more

Posted by jpluimers on 2020/03/03

For me this is still a primary starting point in case I need to know something about security which has clear pictures: [WayBack] Appendix A. Introduction to TCP/IP security (sg245383.pdf/ftp://ftp.www.ibm.com/…/sg245383.pdf, thanks to Jac Las) all on one web page.

The links are to the “Digital signatures” portion, as that’s what I needed at the time, but they are just anchors in the page.

These were the diagrams I was after:

If you want much more in-depth slide then, then go for [WayBackCryptography, from Theory to Practice which you can find back searching for IBM “Cryptography, from Theory to Practice” or “sign then hash” or “hash then sign”.

It is very different from the equally interesting presentation

–jeroen

Posted in Development, Encryption, Power User, Security, Software Development | 2 Comments »

When you have physical access to a machine, assume it is compromised

Posted by jpluimers on 2020/02/24

When you have physical access to a machine, assume it is compromised.

Sometimes the compromise can be as simple as a HID device access:

–jeroen

Read the rest of this entry »

Posted in Power User, Security | Leave a Comment »

Does anyone knows a existing implementation of bcrypt or scrypt for delphi?

Posted by jpluimers on 2020/02/19

For my link archive: [WayBack] Does anyone knows a existing implementation of bcrypt or scrypt for delphi? – Fabian S. Biehn – Google+:

–jeroen

Posted in Delphi, Development, Encryption, Power User, Security, Software Development | Leave a Comment »

 
%d bloggers like this: