Recently, news broke about a new possible offline attack on WPA2 using PMKID. To summarize the attack, WPA2 protected APs can end up broadcasting PMKID values which can then be used to offline-brute-force the password.
These PMKID values are computed this way:
PMKID = HMAC-SHA1-128(PMK, "PMK Name" | MAC_AP | MAC_STA)
I travel a lot so I'm down to like 30 minutes of packing per any kind of trip. I always bring one carry-on suitcase for any trips up to 2 weeks (that I never check in unless forced) -- I have an Away suitcase because it's got a built-in (removable) battery, and amazing wheels.
| from fractions import gcd, Fraction | |
| def intSqrt(n): | |
| """ | |
| Computes the integer square root of n, i.e. | |
| the greatest x : x*x <= n | |
| """ | |
| x = n | |
| y = (x + n // x) // 2 |
The proposal you’re about to read is not just a proposal. We have a working implementation of almost everything we discussed here. We encourage you to checkout and build our branch: our fork, with the relevant branch selected. Building and using the implementation will give you a better understanding of what using it as a developer is like.
Our implementation ended up differing from the proposal on some minor points. As our last action item before making a PR, we’re writing documentation on what we did. While I loathe pointing to tests in lieu of documentation, they will be helpful until we complete writing docs: the unit tests.
This repo also contains a bundled version of npm that has a new command, asset. You can read the documentation for and goals of that comma
In order of first appearance in The Morning Paper.
| // ecdh implements a simple way to perform Diffie-Hellman Key Exchange using | |
| // Curve25519 on the command line. | |
| // | |
| // NOTE: this is a toy for fun. Don't use it. | |
| // | |
| // See https://godoc.org/golang.org/x/crypto/curve25519 and | |
| // https://cr.yp.to/ecdh.html for more info. | |
| // | |
| // The final shared secret given is the raw shared secret bytes from DH and is | |
| // not typically suitable for direct use as an encryption key as it can leak |
| <!DOCTYPE html> | |
| <html> | |
| <head><title>Fizzlefade</title></head> | |
| <body> | |
| <canvas id="framebuffer" width="320" height="200"></canvas> | |
| <script type="text/javascript"> | |
| /* Fizzlefade using a Feistel network. |
Kinesis Freestyle (Terrible key switches. Mushy and un-lovable)
Kinesis Freestyle Edge (Traditional layout with too many keys, mech switches, proably too big to be tented easily/properly)
Matias Ergo Pro (Looks pretty great. Have not tried.)
ErgoDox Kit (Currently, my everyday keyboard. Can buy pre-assembled on eBay.)
ErgoDox EZ (Prolly the best option for most people.)
On Twitter the other day, I was lamenting the state of OCSP stapling support on Linux servers, and got asked by several people to write-up what I think the requirements are for OCSP stapling support.
Support for keeping a long-lived (disk) cache of OCSP responses.
This should be fairly simple. Any restarting of the service shouldn't blow away previous responses that were obtained. This doesn't need to be disk, just stable - and disk is an easy stable storage for most server
