Blog‎ > ‎

Kali, Tails, Data Structures, Synchronization, Bitcoin Security, WiFi, H2, Warrant, E2EE, Mr.Robot

posted Jul 16, 2016, 1:26 AM by Sami Lehtinen   [ updated Jul 16, 2016, 1:26 AM ]
  • Did a set of training tasks & experiments with Kali and Tails. Just to maintain capability and skills if and when required.
  • Very nice article Data structures for external memory - Liked it, timings, measurements, different approaches and solutions.
  • Linux kernel synchronization primitives - sequential locks - That's one way of doing it. Using counter and checking it is very efficient. Yet it can lead to situation where lot of resources are wasted because tasks need to be repeated. Of course this is one of the problems that such locking could cause. This is one example of 'opportunistic locking' (OpLock) as it's called in Windows or Optimistic Concurrency Control I've written a lot about it earlier.
  • A list of Bitcoin related computer security incidents - Btw. This is quite awesome list. 38 incidents listed so far. Race condition, account take over, social engineering, backups, application vulnerabilities , insiders. All kind of attack vectors were used. Often even one trick isn't enough, they combine multiple to get around the obstacles preventing a successful hack.
  • Reminded myself about WiFi interference - troubleshooting basics. Nothing new. I knew it all. But if you are having trouble with WiFi, it's worth of checking this out.
  • Real–world HTTP/2: 400gb of images per day - That's one of the reasons why I've implemented HTTP/2 (h2 and h2c) for my services.
  • Asciinema - Why Python is better than Go - They listed all the stuff why I also really like Python.
  • Mr.Robot Easter Egg for S02E01 - Nice, nothing surprising yet. All 'standard' and well known encodings.
  • Microsoft: Our search warrant case: An important decision for people everywhere - This is interesting case. And something we've been waiting to see out. I personally think this is the only sane way to get it done and follows the Privacy Shield policies.
  • Telegram E2EE encryption is much faster than WhatsApp's. I guess WhatsApp is doing some overkill public key encryption repeatedly on every message making it slow and consuming a lot of battery and CPU resources. Afaik, that's bit excess. Like generating new 2048 fresh bit RSA key for every individual message and signing it with long term RSA key. Aka, ephemeral keys for every message. Yes yes, I know. There's documentation available which I could read. But I'm not that interested right now. I'm just reporting poor UX which in this case isn't great because of the slowness. Telegrams Approach where key is renewed using 'sane' interval is much better.
  • Something different? Checked Russian Tupolev Tu-214R ELINT aircraft specifications.