Explore >> Select a destination
|
You are here 
|
www.daemonology.net | ||
| | | | |
blog.cryptographyengineering.com
|
|
| | | | | If you've hung around this blog for a while, you probablyknow how much I like to complain. (Really, quite a lot.) You might even be familiar with one of my favorite complaints:dumb cryptostandards. More specifically:dumb standards promulgated by smart people. The people in question almost always have justifications for whatever earth-shakingly stupid decision they're about... | |
| | | | |
rdist.root.org
|
|
| | | | | NaCl is a new crypto library, courtesy of Dan Bernstein of qmail fame and Tanja Lange. After my series of posts on why crypto libraries have seriously hurt web security by offering an API that is too low-level, I was pleased to find NaCl's main interface is high-level. In addition to the kind of fanatical... | |
| | | | |
notsosecure.com
|
|
| | | | | In this blog post we will discuss a case study where we were successful in exploiting a faulty password reset functionality. The end result was that we were able to set a newpassword onany arbitrary user account. We could do this because of a weak cryptographic implementation, in this case the functionality was utilising Electronic Code Book (ECB) mode encryption. | |
| | | | |
www.eficode.com
|
|
| | | Take a look at our display of work and the set of clients we have been building the future of software development with. | ||
