Mikko Sazonov
Attended Aalto University

Mikko Sazonov

Have been playing with Docker lately. Particularly love how the image handling is done there. Were it around a couple of years back, it would have definitely saved me quite a bit of work.

Not convinced by their "ambassador pattern" for inter-container communication, though - it's more of an excuse not to deal with communication between docker instances and all the related hairiness.
Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications, whether on laptops, data center VMs, or the cloud.

Mikko Sazonov

Okay, this is awesome - someone came up with an idea of doing a side channel attack on RSA through sound emitted while the algorithm is being run. Whitepaper (first link on the page) is a bit lengthy, but fun to skim through.

Best part:
"Thus, an attacker can measure the chassis potential by merely touching the laptop chassis with his hand. Surreptitiously, the attacker can simultaneously measure his own body potential relative to the room’s ground potential, e.g., by having a concealed differential probe touching both his body and some nearby conductive grounded surface in the room. Perhaps surprisingly, even this circuitous measurement offers sufficient signal-to-noise ratio for the key extraction attack."

Just had a mental image of a shady character sneaking into a datacenter and prodding at the servers there with their finger to get the SSH RSA keys. :)

Mikko Sazonov

After Microsoft's weird game sharing policy announcements, this one really made me laugh.

Mikko Sazonov

Awesome, watch it.

As a side note, the production quality is surprisingly good, considering it was filmed in space.

Mikko Sazonov

Hats off to this guy both for the hack and taking a picture of it running OpenTTD! :)

I wasn't aware that high resolution displays were so cheap and relatively easy to connect to. Actually makes me wonder if building a grid of 4 iPad screens to get a 4k-ish display surface would be worth the time and effort. The bezel seems not so bad and the total price is ridiculously low.

Mikko Sazonov

Simply mesmerizing.

Mikko Sazonov

Story with the dual EC random number generator has another chapter to it. Researchers actually compared BSAFE, OpenSSL and SChannel libraries, replacing the unknown elliptic curve with one better known and more easily analyzed.

Summa summarum: RSA's C-binary's implementation is even more vulnerable than originally thought (remember, it's the only library that defaults to using dual EC DRBG).

As a fun little detail, OpenSSL's dual EC DRBG implementation was actually broken in the first place - guess no one ever had a reason to try out the orders of magnitude slower non-standard random number generator. Also, there's an extension in RSA's TLS implementation which allows for sampling of larger pools of random numbers from the server, if enabled. The latter was provided by the same three-letter organisation they got the $10M of funding from.

Would have loved to see GnuTLS and NSS mentioned there... wonder if they ever implemented said random number generator.
On the Practical Exploitability of Dual EC in TLS Implementations. Paper authors: Stephen Checkoway, Johns Hopkins Matt Fredrikson, U Wisconsin Ruben Niederhagen, TU Eindhoven Matt Green, Johns Hopkins Tanja Lange, TU Eindhoven Tom Ristenpart, U Wisconsin Daniel J. Bernstein, UIC / TU Eindhoven ...

Mikko Sazonov

Cool to see more progress on that project. :)

Mikko Sazonov

Guess where this is from? It's a nature reserve around Lammassaari, only 5 km away from the very centre of Helsinki.

Mikko Sazonov

Okay, that is just impressive.

Mikko Sazonov

Got a few chuckles out of these messages in my dmesg log:
[   21.289339] nvidia: module license 'NVIDIA' taints kernel.
[   21.289342] nvidia: module license 'NVIDIA' taints kernel.

Mikko Sazonov

http://coffitivity.com & http://rainymood.com work well together. I suggest keeping both open if you're looking for something different to break the silence.
Stream the sounds of a coffee shop at work! Coffitivity is the virtual solution to research showing moderate ambient noise helps enhance creative cognition!
Story
Tagline: Developer, consultant, tinkerer and cat herder
Education: Aalto University, CS / Distributed systems, 2015
Work
Occupation: Painting code, weaving nets and herding servers
Basic Information
Gender: Male