1

I just learned about this podcast today. Enjoy!

1
1

In this talk we will discuss the radio jailbreaking journey that enabled us to perform the first public disclosure and security analysis of the proprietary cryptography used in TETRA (Terrestrial Trunked Radio): a European standard for trunked radio globally used by government agencies, police, prisons, emergency services and military operators. Besides governemental applications, TETRA is also widely deployed in industrial environments such as factory campuses, harbor container terminals and airports, as well as critical infrastructure such as SCADA telecontrol of oil rigs, pipelines, transportation and electric and water utilities. For over two decades, the underlying algorithms have remained secret and bound with restrictive NDAs prohibiting public scrutiny of this highly critical technology. As such, TETRA was one of the last bastions of widely deployed secret proprietary cryptography. We will discuss in detail how we managed to obtain the primitives and remain legally at liberty to publish our findings.

2
submitted 1 year ago* (last edited 1 year ago) by cyph3rPunk@infosec.pub to c/ethereum@infosec.pub

Part 2

Part 3

Part 4

The motivation for Formal Verification Security of smart contracts is still a crucial challenge: we all remember the DAO, parity hacks, a bunch of smaller attacks and the most recent delayed hard fork. We would like to see the future in which we can be way more confident about our code.

Depending how you count, event over a half a billion dollars (by today’s Ethereum evaluation), was lost in a couple of biggest smart contract hacks.

What about if behind every responsible piece of code stands pure solid mathematics instead of personal conviction of developers? With formal verification tools for Ethereum finally maturing, it is now not only possible but also practical.

In this and following post we will be getting step by step into the world of K-framework, which allows to formally verify EVM smart contracts.

3
1
1

Spies used to meet in the park to exchange code words, now things have moved on - Robert Miles explains the principle of Public/Private Key Cryptography

note1: Yes, it should have been 'Obi Wan' not 'Obi One' :) note2: The string of 'garbage' text in the two examples should have been different to illustrate more clearly that there are two different systems in use.

33

Sipeed Lichee Pi 4A RISC-V SBC review and Debian demo. This is the first RISC-V computer I’ve tested that's provided a usable desktop computing experience right out of the box. End-user RISC-V is starting to arrive! :)

You can learn more about the Lichee Pi 4A on its web page here: https://sipeed.com/licheepi4a

And the board has excellent documentation here: https://wiki.sipeed.com/licheepi4a.html

Note that the hardware I used in this video was purchased from AliExpress: https://www.aliexpress.com/item/10050...

I have reviewed four previous RISC-V SBCs, including the StarFive VisionFive 2, which also (after some messing around) provides a good desktop experience:

• VisionFive 2: RISC-V Quad Core Low Co...

I also have an 2023 update on RISC-V developments here:

• RISC-V 2023 Update: From Embedded Com...

And my general introduction to RISC-V is here:

• Explaining RISC-V: An x86 & ARM Alter...

For additional ExplainingComputers videos and other content, you learn about becoming a channel member here:

/ @explainingcomputers

More videos on computing and related topics can be found at:

/ @explainingcomputers

You may also like my ExplainingTheFuture channel at:

/ @explainingthefuture

Chapters: 00:00 Introduction 00:45 Unboxing 03:33 Specifications 07:26 First Boot 10:37 Debian Demo 18:10 Another Milestone

1
submitted 1 year ago* (last edited 1 year ago) by cyph3rPunk@infosec.pub to c/cypherpunk@infosec.pub

Slides - https://authress.io/l/codemotion

Conference: Codemotion Madrid 2023 https://talks.codemotion.com/why-you-...

Can someone recommend a more secure method? I've been told many times that using git for secret management would present a potential vulnerability.

1
1

Ethereum is a platform that makes it possible for any developer to write and distribute next-generation decentralized applications.

Borrowing the concept of distributed consensus and cryptographic proof that makes cryptocurrencies such as Bitcoin so effective in trustless payments, Ethereum extends the use of these technologies to trustless agreements. This allows developers to easily build innovative new products on a censorship and collusion-resistant foundation.

Ethereum will go live in Q4 2014, in the meantime we are regularly releasing alpha software so you can try your hand at building distributed applications.


Main site: https://www.ethereum.org

Forums: https://forum.ethereum.org

Github: https://github.com/ethereum

Blog: http://blog.ethereum.org

Code Releases: https://code.ethereum.org

Wiki: http://wiki.ethereum.org

Meetups: http://ethereum.meetup.com

Whitepaper: http://ethereum.org/ethereum.html

Facebook: https://www.facebook.com/ethereumproject

Google+: http://google.com/+EthereumOrgOfficial

IRC Freenode: #ethereum

1

Using blockchain for voting could be risky, as the technology could introduce “new vulnerabilities” to elections, according to a new Government Accountability Office report.

While some organizations have argued that blockchain-based systems would make elections more secure and easier to audit, “there might be added points of attack that could compromise elections,” the report said.

“We talked to a number of experts who all indicated that they did not believe blockchain was the magic bullet answer for making voting systems more secure,” Karen Howard, the GAO’s director of Science, Technology Assessment and Analytics, told Protocol.

The GAO report, titled “Blockchain: Emerging Technology Offers Benefits for Some Applications but Faces Challenges,” examined the potential of the technology, including in the public sector. Overall, the report “found that blockchain is useful for some applications but limited or even problematic for others.”

“For example, because of its tamper resistance, it may be useful for applications involving many participants who do not necessarily trust each other,” the report said. “But it may be overly complex for a few trusted users, where traditional spreadsheets and databases may be more helpful.”

One area where blockchain shows some promise is in supply chain management, Howard said.

“The federal government is a major purchaser and supply chain tracking is a major function,” she said. The GAO found that blockchain technology could potentially be used “to replace or make more efficient” certain processes such as supply chain tracking and recording contracts, Howard said.


I disagree with this tiny little article, of course. But, I wanted to play devil's advocate for a moment on this idea.


Top Teddit comment by /u/denverpilot:

"Summary of article:

Tracking things with a cryptographically solid chain of custody might be hard… because… hand wave… we like spreadsheets better and our admin level people are dumb.

And we’ll distract and talk about supply chains instead because… that sounds more interesting… even though we were tasked with looking at voting.

I don’t think the bureaucrat understood the assignment."

view more: ‹ prev next ›

cyph3rPunk

joined 1 year ago
MODERATOR OF