TherMod Communication: Low Power or Hot Air?

The Kirchhoff-Law-Johnson-Noise KLJN secure key exchange scheme leverages statistical physics to enable secure communication with zero average power flow in a wired channel. While the original KLJN scheme requires significant power for operation, a recent wireless modification, TherMod, proposed ...

'Unbreakable' Smart Lock Draws FTC Ire for Deceptive Security Claims

The Federal Trade Commission has slapped Tapplock, the maker of smart padlocks that it bills as “unbreakable,” with an official complaint that could lead to fines down the road. The agency alleges that the company engaged in false and deceptive claims about its security practices, after the lock...

Smart Locks: Dumb Security

Dave Lodge and I presented at the BSides Manchester pre-party, aka ‘beersides’ on the subject of not very smart locks. Doubtless you’ve already seen our work on the Tapplock over BLE and the API, our hardware work on the Fipilock, and maybe even our smart lock security interview with hardware.io...

Amazon Linux AMI : openssl (ALAS-2018-1065)

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

CVE-2018-0733

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

Buffer Overflow still exists in Netscape <= 4.76

Hello. I have noticed that the buffer overflow discovered by Michal Zalewski and covered extensively by the different unix distributions is still present in netscape 4.76 even though they claim it is not. Refer to these links for background information:...