Crypto & Security

Comment

Comment by Brooke Fujita on August 21, 2008 at 11:58am

In case you didn't know, the image for this group is of a 3-rotor Enigma, the cipher machine created by Nazi Germany for use in World War II.

As luck would have it, I just watched that Matthew McConaughey movie U-571 on NHK Satellite TV the other night. Can't believe the tomatometer for this stinker is leaning towards the fresher side. History was re-written in order to sell this movie. Argh, I am only sorry that I tuned in too late to see Jon Bon Jovi get decapitated by flying debris. Seriously.

By the way, one of the major historical inaccuracies: the British Navy scored the first Enigma machine when they captured U-110 in May of 1941. But even before that, Polish mathematicians in Poland's cipher bureau had figured out the internal wirings of the Enigma machine, and at great risk, managed to pass this information along to the Allies in 1939 just before the German invasion.

The advanced encryption used by Germany led to the development of cryptanalysis at Britain's Bletchley Park, and of course paved the way for modern computing.

Comment by Brooke Fujita on August 6, 2008 at 5:56pm

Dan Kaminsky finally outlined the DNS vulnerability that was reported about 4 weeks ago (article on The Register). It appears to be a DNS forgery variant of DNS cache poisoning. If an attacker of a DNS server can quickly and correctly guess a 16-bit transaction ID, then the attacker will be able to replace DNS entries with their own spoofed ones. There has been one confirmed attack so far, where the attacker caused AT&T subscribers to be re-routed to fake Google pages.

For the curious, you might want to see how safe your ISP's DNS servers are. Try the "Check My DNS" button on Dan Kaminsky's site; or the "Test My DNS" link here. The key here is to see the amount of randomness of transaction IDs and query source ports in your ISP's DNS servers.

• ‹ Previous
• 1
• 2
• Next ›
• Page