Cryptosmith

I have been reading the ACM’s Model Curriculum on Information Technology (a prototype “IT” major) with a special eye towards the information security coverage. I’ve been teaching information security courses and recently developed a major in the area.

The curriculum provides minimum times to cover major topics in the field, like 3 hours to cover “Fundamental Aspects” including the “history” of information assurance and security. After factoring out the other dozen ‘learning outcomes’ for that topic, one is left with six minutes to cover the “history” of information security. Continue Reading »

Posted under History of Technology & Information Security | No Comments »

This is one for the books. Several OpenSSL implementations, including Denbian and its children, including Ubuntu, have been crippled since September 2006. It’s described on the metasploit web site.

The pseudo-random number generator (PRNG) was broken such that it only used the Unix process ID as the unchanging random input to the generator process. In other words, these security packages could not generate more than 32,768 different keys (since there were only 32,768 different process IDs on Unix). Continue Reading »

Posted under Information Security | No Comments »

As noted earlier, I’m now using SSL to secure parts of my site. I used to have arrangements like that at Visi.com, my old ISP, but I’m making better use of it with WordPress and such.

Continue Reading »

Posted under Household Tech & Information Security & WordPress | No Comments »

I have finally merged my WordPress blog site and my old Cryptosmith content under a single Cryptosmith URL. I also installed SSL: it seemed appropriate for a security related site.

There is a link at the top right column of each page that goes to the ‘old’ web site home page. All the previous contents reside there, at least for now.

The whole process was complicated by several factors, all related to GoDaddy, my current ISP. Continue Reading »

Posted under Household Tech | No Comments »