One thing I really like about Netflix is their excellent device and browser support. Unlike a certain other streaming service (the one from the company also selling books and clouds), which wouldn't allow watching their streams using an Android tablet (bizarrely, smartphones were somehow allowed...?) and requires Flash and ...
Are you using vim, tmux, a graphical Linux desktop and are you experiencing random sluggishness when starting your editor? If not, you can skip this one.
This is something that had been bugging me for ages, first at work on my workstation, then at home: Long-running tmux sessions would sporadically ...
In the previous post of this series, I've roughly described the operating environment of a password or private key agent; this time, I'll try to summarize the basic structure and tasks of such an agent.
Many people, myself included, use tools like ssh-agent or gpg-agent to protect their private keys from theft without sacrificing the convenience of password-less logins. Presumably even more people use some kind of password manager, whether that is the one included with their operating system or a third-party one. I've ...
If you're using a relatively recent version of Ubuntu, chances are that you have encountered spurious slowdowns that might be related to a very specific DNS failure. For me, it was the fact that ping to a host without a reverse DNS entry would only transmit a single ICMP ...
Today, Apple has enabled its cloud-based password synchronization service, iCloud Keychain. The service promises to safely store and synchronize passwords and other sensitive user data like credit card numbers among multiple devices. Apple claims that the information is protected with AES, but that alone is meaningless without knowing where that ...
By now, everybody involved in implementing algorithms using the DSA or the ECDSA signature schemes should really understand the importance of a proper secret nonce as one of the inputs for a signature.
Update (2013-08-31): Apple has asked me to refrain from publishing any details on this security-relevant bug for the time being; I hope that a fix will be released soon. When that happens (or after a reasonable amount of time has passed), the original post will be restored.
There has been a bit of drama about the theft of some 55 Bitcoins (worth about $5500 at the current exchange rate), with the common denominator that all of the corresponding private keys were stored in Android wallets. While this is not nearly the first case of Bitcoin theft, it ...
I've got a peculiar hobby: I like to worry about very specific implementation details of technologies I don't really understand at all; one of them being GPUs and graphics drivers.
On one hand, it's really simple: In almost every computing device, there is a GPU. This is ...
This summer term, I'm taking a really interesting course on computer security: While the lectures are pretty theoretical (one of the topics is a proof that shows that proving the general security properties of certain models is equivalent to the halting problem, which is done by implementing a turing ...
Recently, I've been experimenting with Wireshark for my bachelor's thesis, monitoring the performance of TCP uploads from my notebook to my web server. A while ago, I had also swapped my router for a nicer model capable of gigabit ethernet and 5 GHz wifi (due to increasing congestion ...
As I've written before, VPNs can lead to insecure situations when used with IPv6 enabled networks.
The easiest way to mitigate that problem is actually just to enable IPv6 tunneling over the VPN itself, provided your VPN gateway has IPv6 connectivity and you have a spare /64 subnet you ...
As you can see in the footer, this blog is powered by Pelican, a static blog generator written in Python. It's really simple to use and fits my requirements nicely – I can write posts offline on my notebook and view the results in my browser with the included web ...
Recently, I had to find a way to do variable indirection in a shell script. More specifically, I wanted to write a function that takes two arguments and interprets one of them as a string, and the other one as a variable to which that string should be added – a ...
The attacks arise from statistical flaws in the keystream generated by the RC4 algorithm which become apparent in TLS ciphertexts when the same plaintext is ...
This weekend, the server on which this blog is hosted will be moved from Graz to Vienna. If all goes well, there will be a short outage on Saturday evening/night, and much better connectivity afterwards.
A while ago, I have configured a small OpenVPN for personal use (mostly for security when using public wireless networks) with OpenVPN. The setup is pretty easy, thanks to a very helpful tutorial (in German) and the sensible default settings of OpenVPN itself. (Setting up the certificate infrastructure was a ...
This weekend, I finally reinstalled OpenWrt on my home router. I've been using a nightly build for several months now, and it had been working just fine, but unfortunately, the opkg (OpenWrt's package manager) repositories for the nightly builds are updated every few days, and all of the ...
This is going to be my new personal blog. Topics will vary from programming and technical stuff to random thoughts about (possibly non-technical) things.