Powered by RND
PodcastsTechnologieSecurity Cryptography Whatever
Luister naar Security Cryptography Whatever in de app
Luister naar Security Cryptography Whatever in de app
(2.067)(250 021)
Favorieten opslaan
Wekker
Slaaptimer

Security Cryptography Whatever

Podcast Security Cryptography Whatever
Deirdre Connolly, Thomas Ptacek, David Adrian
Some cryptography & security people talk about security, cryptography, and whatever else is happening.

Beschikbare afleveringen

5 van 50
  • Quantum Willow with John Schanck and Samuel Jacques
    THE QUANTUM COMPUTERS ARE COMING...right? We got Samuel Jacques and John Schanck at short notice to answer that question plus a bunch of other about error correcting codes, logical qubits, T-gates, and more about Google's new quantum computer Willow.Transcript: https://securitycryptographywhatever.com/2024/12/18/quantum-willowLinks:- https://blog.google/technology/research/google-willow-quantum-chip/ - https://research.google/blog/making-quantum-error-correction-work/- https://blog.google/technology/google-deepmind/alphaqubit-quantum-error-correction/  - https://www.nature.com/articles/s41586-024-08449-y- Sam’s ‘Landscape of Quantum Computing’ chart: https://sam-jaques.appspot.com/quantum\_landscape\_2024  - The above, originally published in 2021: https://sam-jaques.appspot.com/quantum\_landscape- https://sam-jaques.appspot.com- https://jmschanck.info/"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
    --------  
    53:36
  • Dual_EC_DRBG with Justin Schuh and Matthew Green
    Nothing we have ever recorded on SCW has brought so much joy toDavid. However, at several points during the episode, we may have witnessed Matthew Green's soul leave his body.Our esteemed guests Justin Schuh and Matt Green joined us to debate whether `Dual_EC_DRBG` was intentionally backdoored by the NSA or 'just' a major fuckup.Transcript: https://securitycryptographywhatever.com/2024/12/07/dual-ec-drbgLinks:- Dicky George at InfiltrateCon 2014, 'Life at Both Ends of the Barrel - An NSA Targeting Retrospective': [https://youtu.be/qq-LCyRp6bU?si=MyTBKomkIVaxSy1Q](https://youtu.be/qq-LCyRp6bU?si=MyTBKomkIVaxSy1Q)- Dicky George: [https://www.nsa.gov/Press-Room/Digital-Media-Center/Biographies/Biography-View-Page/Article/3330261/richard-dickie-george/](https://www.nsa.gov/Press-Room/Digital-Media-Center/Biographies/Biography-View-Page/Article/3330261/richard-dickie-george/)- NYTimes on Sigint Enabling Project: [https://archive.nytimes.com/www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html](https://archive.nytimes.com/www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html)- On the Practical Exploitability of Dual ECin TLS Implementations: [https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-checkoway.pdf](https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-checkoway.pdf)- Wired - Researchers Solve Juniper Backdoor Mystery; Signs Point to NSA [https://www.wired.com/2015/12/researchers-solve-the-juniper-mystery-and-they-say-its-partially-the-nsas-fault/](https://www.wired.com/2015/12/researchers-solve-the-juniper-mystery-and-they-say-its-partially-the-nsas-fault/)- ProPublica - Revealed: The NSA's Secret Campaign to Crack, Undermine Internet Security [https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption](https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption)- DDoSecrets - Sigint Enabling Project: [https://data.ddosecrets.com/Snowden%20archive/sigint-enabling-project.pdf](https://data.ddosecrets.com/Snowden%20archive/sigint-enabling-project.pdf)- IAD: [https://www.iad.gov/](https://www.iad.gov/)- Ars Technica - “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic: [https://web.archive.org/web/20151222023311/http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/](https://web.archive.org/web/20151222023311/http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/)- 2015 IMPORTANT JUNIPER SECURITY ANNOUNCEMENT: [https://web.archive.org/web/20151221171526/http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554](https://web.archive.org/web/20151221171526/http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554)- Extended Random Values for TLS: [https://datatracker.ietf.org/doc/html/draft-rescorla-tls-extended-random-00](https://datatracker.ietf.org/doc/html/draft-rescorla-tls-extended-random-00)- The Art of Software Security Assessment: [https://www.amazon.com/Art-Software-Security-Assessment-Vulnerabilities/dp/0321444426](https://www.amazon.com/Art-Software-Security-Assessment-Vulnerabilities/dp/0321444426)"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
    --------  
    1:07:45
  • A Little Bit of Rust Goes a Long Way with Android's Jeff Vander Stoep
    You may not be rewriting the world in Rust, but if you follow the findings of the Android team and our guest Jeff Vander Stoep, you'll drive down your memory-unsafety vulnerabilities more than 2X below the industry average over time! 🎉Transcript: https://securitycryptographywhatever.com/2024/10/15/a-little-bit-of-rust-goes-a-long-way/Links:- https://security.googleblog.com/2024/09/eliminating-memory-safety-vulnerabilities-Android.html- “Safe Coding”: https://dl.acm.org/doi/10.1145/3651621- “effectiveness of security design”: https://docs.google.com/presentation/d/16LZ6T-tcjgp3T8_N3m0pa5kNA1DwIsuMcQYDhpMU7uU/edit#slide=id.g3e7cac054a_0_89- https://security.googleblog.com/2024/02/improving-interoperability-between-rust-and-c.html- https://github.com/google/crubit- https://github.com/google/autocxx- https://en.wikipedia.org/wiki/Stagefright_(bug)- https://security.googleblog.com/2021/04/rust-in-android-platform.html- https://chromium.googlesource.com/chromium/src/+/master/docs/security/rule-of-2.md- https://www.usenix.org/conference/usenixsecurity22/presentation/alexopoulos-https://kb.meinbergglobal.com/kb/time_sync/ntp/ntp_vulnerabilities_reported_2023-04- https://blog.isosceles.com/the-legacy-of-stagefright/- https://research.google/pubs/secure-by-design-googles-perspective-on-memory-safety/- https://www.youtube.com/watch?v=QrrH2lcl9ew- https://source.android.com/docs/setup/build/rust/building-rust-modules/overview- https://github.com/rust-lang/rust-bindgen- https://security.googleblog.com/2021/06/rustc-interop-in-android-platform.html"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
    --------  
    1:13:55
  • Campaign Security with [REDACTED]
    With the 2024 United States Presidential Election right around the corner, we talk to an unnamed guest who has worked on cybersecurity for political campaigns in the United States since 2004. We recorded this in late August, 2024.Transcript: https://securitycryptographywhatever.com/2024/10/13/campaign-security/Links:- Active Measures by Thomas Rind: https://us.macmillan.com/books/9780374287269/activemeasures- Aurora: https://en.wikipedia.org/wiki/Operation\_Aurora- Google APP announcement, October 2017: https://www.wired.com/story/google-advanced-protection-locks-down-accounts/- XXD: https://linux.die.net/man/1/xxd- Adobe Reader October 2016 Security Update: https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
    --------  
    1:23:39
  • Telegram with Matthew Green
    We finally have an excuse to tear down Telegram! Their CEO got arrested by the French, apparently not because the cryptography in Telegram is bad, but special guest Matt Green joined us to talk about how the cryptography is bad anyway, and you probably shouldn't use Telegram as a secure messenger of any kind!Transcript: https://securitycryptographywhatever.com/2024/09/06/telegramLinks:- https://blog.cryptographyengineering.com/2024/08/25/telegram-is-not-really-an-encrypted-messaging-app/- Lavabit / Ladar Levinson: https://en.wikipedia.org/wiki/Lavabit- Pavel Durov indictment statement from French authorities: https://www.tribunal-de-paris.justice.fr/sites/default/files/2024-08/2024-08-28%20-%20CP%20TELEGRAM%20mise%20en%20examen.pdf- MTProto 2.0 protocol spec: https://core.telegram.org/api/end-to-end- https://words.filippo.io/dispatches/telegram-ecdh/- MTProto 1.0 (old no longer used): - https://web.archive.org/web/20131220000537/https://core.telegram.org/api/end-to-end#key-generation- OTR: https://otr.cypherpunks.ca/otr-wpes.pdf- AES and sha2 used in ‘Infinite Garble Extension’ mode: https://eprint.iacr.org/2015/1177.pdf- Four Attacks and a Proof for Telegram: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9833666- History of Telegram e2ee chats availability: https://en.wikipedia.org/wiki/Telegram_(software)#Architecture- https://securitycryptographywhatever.com/2023/01/27/threema/- https://securitycryptographywhatever.com/2022/11/02/Matrix-with-Martin-Albrecht-Dan-Jones/- https://en.wikipedia.org/wiki/Matrix_(protocol), introduced in September 2014"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
    --------  
    1:04:04

Meer Technologie podcasts

Over Security Cryptography Whatever

Some cryptography & security people talk about security, cryptography, and whatever else is happening.
Podcast website

Luister naar Security Cryptography Whatever, Cryptocast | BNR en vele andere podcasts van over de hele wereld met de radio.net-app

Ontvang de gratis radio.net app

  • Zenders en podcasts om te bookmarken
  • Streamen via Wi-Fi of Bluetooth
  • Ondersteunt Carplay & Android Auto
  • Veel andere app-functies
Social
v7.1.0 | © 2007-2024 radio.de GmbH
Generated: 12/19/2024 - 4:52:15 AM