Mikko Sazonov
Developer, consultant, tinkerer and cat herder
Mikko's posts

Post has attachment
Have been playing with Docker lately. Particularly love how the image handling is done there. Were it around a couple of years back, it would have definitely saved me quite a bit of work.

Not convinced by their "ambassador pattern" for inter-container communication, though - it's more of an excuse not to deal with communication between docker instances and all the related hairiness.

Post has attachment
Story with the dual EC random number generator has another chapter to it. Researchers actually compared BSAFE, OpenSSL and SChannel libraries, replacing the unknown elliptic curve with one better known and more easily analyzed.

Summa summarum: RSA's C-binary's implementation is even more vulnerable than originally thought (remember, it's the only library that defaults to using dual EC DRBG).

As a fun little detail, OpenSSL's dual EC DRBG implementation was actually broken in the first place - guess no one ever had a reason to try out the orders of magnitude slower non-standard random number generator. Also, there's an extension in RSA's TLS implementation, which allows for sampling of larger pools of random numbers from the server, if enabled. The latter was provided by the same three-letter organisation they got the $10M of funding from.

Would have loved to see GnuTLS and NSS mentioned there... wonder if they ever implemented said random number generator.

Post has attachment
Okay, this is awesome - someone came up with an idea of doing a side channel attack on RSA through sound emitted while the algorithm is being run. Whitepaper (first link on the page) is a bit lengthy, but fun to skim through.

Best part:
"Thus, an attacker can measure the chassis potential by merely touching the laptop chassis with his hand. Surreptitiously, the attacker can simultaneously measure his own body potential relative to the room’s ground potential, e.g., by having a concealed differential probe touching both his body and some nearby conductive grounded surface in the room. Perhaps surprisingly, even this circuitous measurement offers sufficient signal-to-noise ratio for the key extraction attack."

Just had a mental image of a shady character sneaking into a datacenter and prodding at the servers there with their finger to get the SSH RSA keys. :)

Post has attachment
Cool to see more progress on that project. :)

Post has attachment
After Microsoft's weird game sharing policy announcements, this one really made me laugh.

Post has attachment
Guess where this is from? It's a nature reserve around Lammassaari, only 5 km away from the very centre of Helsinki.
Path to Lammassaari

Post has attachment
Awesome, watch it.

As a side note, the production quality is surprisingly good, considering it was filmed in space.

Post has attachment
Okay, that is just impressive.

Post has attachment
Hats off to this guy both for the hack and taking a picture of it running OpenTTD! :)

I wasn't aware that high resolution displays were so cheap and relatively easy to connect to. Actually makes me wonder if building a grid of 4 iPad screens to get a 4k-ish display surface would be worth the time and effort. The bezel seems not so bad and the total price is ridiculously low.

Got a few chuckles out of these messages in my dmesg log:
[   21.289339] nvidia: module license 'NVIDIA' taints kernel.
[   21.289342] nvidia: module license 'NVIDIA' taints kernel.