Taylor Hornby
Taylor Hornby
I have a hobby of auditing random crypto code I find on github, so I took a look at this one. There are two problems I found: First, the way...
This library does not validate the checksum in the mnemonic seed phrase prior to use. In the context of a cryptocurrency wallet, this could lead to loss of funds, for...
http://www.wired.com/2014/07/usb-security/ In summary: - A USB stick's firmware can be malicious and take control of the system. - Malware on a system can install the malicious firmware onto a USB...
http://www.scifgroup.com/category/scif-standards/ The Grugq says on Twitter "If you’re serious about building an air gapped system, learn about SCIF operational procedures."
Document a system for managing passwords. It's unreasonable to memorize them all, and actually since we are going for "physical attack necessary", it might be alright to write them down...
In practice, vulnerabilities in Tails will be found, and we have to get the new version (although, we should _not_ update, unless a vulnerability actually affects our use case, since...
Possible Feature: Return as soon as the first partial or non-partial match is found. This would make the complexity of running a query more predictable, and prevent DoS on crackstation.net...
The sorting of an NTLM index is taking forever. I'm guessing that's because there's tons of passwords with the same 7-character prefix in a row, and it's causing quicksort to...
From email: > Your online assembler is wonderful but is there any chance you > could support comments? (Semiconon comments) It's kind of hard to > upload large pieces of...
- Link to my twitter in the navbar is broken - A bunch of 404 links / domains that are now placeholders. I guess run a scanning tool? - Some...