Charles Guillemet

@P3b7_

CTO . Cryptography, (Hardware) Security research. Interested in Tech, Security, Cryptography, Blockchain. Built the Donjon ()

Grenoble
Vrijeme pridruživanja: rujan 2018.

Tweetovi

Blokirali ste korisnika/cu @P3b7_

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @P3b7_

  1. proslijedio/la je Tweet
    3. velj

    TeamViewer stored user passwords encrypted, not hashed, and the key is now public

    Poništi
  2. proslijedio/la je Tweet
    2. velj
    Odgovor korisniku/ci

    I do like that Trezor is all OSS (primary value IMHO) but in practice I believe it has limited value. The Ledger “smart card pattern” vs “using generic processors” brings a lot of value when assessing against associated threat models.

    Poništi
  3. proslijedio/la je Tweet
    2. velj

    I am starting a blog. First post is about the StarkWare Hash Challenge

    Poništi
  4. 31. sij
    Prikaži ovu nit
    Poništi
  5. 31. sij

    Still, it's more secure to HODL with a Hardware wallet rather than in an exchange Considering an attacker w/ a physical access to the Trezor, a STRONG passphrase mitigates the attack An attacker with simply a malware on your PC/mobile would get your exchange creds in 1 min...

    Prikaži ovu nit
    Poništi
  6. 31. sij

    "We responsibly disclosed the full details of this attack to the Trezor team [...]. We are going public with this vulnerability disclosure now so that the crypto community can protect themselves before a fix is released by the Trezor team." The attack is not fixable, so ...

    Poništi
  7. proslijedio/la je Tweet
    31. sij

    2/2. The attack is indeed feasible with a low-cost hardware. We built our own card to ensure this. With a few additional efforts you might be able to dump the WHOLE chip in less than 1 minute

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    31. sij

    1/2. Congrats for contributing to secure the ecosystem! Your attack is very close to the one we implemented a year ago As the attack is not fixable, we preferred not sharing the details to avoid exploitation on the field.

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    31. sij
    Odgovor korisniku/ci
    Poništi
  10. proslijedio/la je Tweet
    31. sij

    Let’s take back control, for real! On the day of the , we empower people to take control and experience the . Learn more:

    Poništi
  11. Poništi
  12. proslijedio/la je Tweet
    28. sij

    A photo is a mathematical representation of your face.

    Poništi
  13. proslijedio/la je Tweet
    27. sij

    Yet another Intel CPU flaw affects SGX. 2020: Please stop cheating by "solving" crypto problems with SGX magic, it does not work.

    Poništi
  14. 27. sij
    Poništi
  15. proslijedio/la je Tweet
    26. sij

    Elliptic curve crypto sucks :-p "Extrapolating (...), at similar classical security levels, elliptic curve cryptography is less secure than RSA against a quantum attack

    Poništi
  16. 26. sij

    Bitcoin Gold (BTG) has been 51% attacked again. 2 deep reorgs in 2 days, both of which contained double-spends... No real market rection... ¯\_(ツ)_/¯

    Poništi
  17. proslijedio/la je Tweet

    So what does an IoT device need? A hardware root of trust should be provided by the device. This should be a unique identifier and a key which is signed by a mutually trusted authority.

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    19. velj 2019.

    LASCAR : Ledger's Advanced Side A fast, versatile, and python3 designed to facilitate Side-Channel Analysis

    Poništi
  19. proslijedio/la je Tweet
    24. sij

    This article is dear to me. While Luc ( ) wrote the article and did the in-depth analysis, I did the record of the scenario and the initial analysis with REVEN. It wasn't much, but as primarily a developer this was a small dive in RE and good dogfooding.

    Poništi
  20. proslijedio/la je Tweet
    23. sij

    NEW: is partnering with dapp provider FLETA, offering legally compliant custody solutions as part of its expansion push in Asia. David Pan / reports

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·