Exploits Censorship

Many people wanted, many times without success, criminalize any researcher investing time in bug hunting, specially in security related applications.

In many societies, this is a TABU, some people think that found a vulnerability and develop a proof of concept, is the equivalent of making a weapon. They argue that such exploits could be used to carry attacks, at the end of day, that could affect the property and life.

Continue reading Exploits Censorship

Alice and bob are no longer online

In the past few years Diffie-Hellman has become unsupported in the main internet websites, do you know the implications?

But this is not the only thing happening, many reputable websites, including banks, social networks and search engines have chosen to continue to support for TLSv1.0 and SSLv2 “for compatibility reasons”

Continue reading Alice and bob are no longer online

Fedora 11 Review

Fedora 11 was released on date June 9, 2009 after a lot of delays caused by bugs in the installer. This new version of fedora is one of the best releases from fedora 1.

The main features are:

  • 20 seconds boot
  • EXT4 used by default
  • Finger print reader capacity enabled on gdm and screen savers
  • Fixes on QEMU and KVM integration
  • Kernel 2.6.29 with 2.6.30 backport
  • Realtime kernel feature, less battery consumption!
  • AES-256 use with XTS-256 by default for whole hard drive cypher
  • Yum presto (Delta RPMS)
  • Per application independent volume control
  • DNS Security
  • Less memory consumption
  • KDE 4.2 (Available from fedora 9 in updates)
  • Firefox 3.5

Next… a review of these features…
Continue reading Fedora 11 Review

Speeding up or Securing up the Encrypted Root Filesystem on Fedora 10

Fedora, and some others Linux distributions doesn’t provide you any simple way to setup the cypher properties on root filesystem.

Here, we will provide you enough information about the cypher process on fedora and one technique to speed up and/or secure up the cypher using XTS instead CBC-ESSIV
Continue reading Speeding up or Securing up the Encrypted Root Filesystem on Fedora 10

Corporate LDAP Servers Weakness Statistics

Based in my securityfocus topic responce, and also in some information security audits that i’ve done, i think in the idea to statistical prove the attack risk level at some organization.

Number of accounts Having almost one weak key probability
10 0.401 – 40.1%
25 0.722 – 72.2%
50 0.923 – 92.3%
100 0.994 – 99.4%

Continue reading Corporate LDAP Servers Weakness Statistics