Huge double boxset of Android patches lands after Qualcomm disk encryption blown open

Sunday, 10-July-2016 Leave a comment


What a coincidence

Google has released two bundles of Android security patches this month: a smaller one to handle bugs in the operating system, and a larger package that tackles a raft of driver-level issues, particularly with Qualcomm’s hardware.…

Huge double boxset of Android patches lands after Qualcomm disk encryption blown open
Iain Thomson
Wed, 06 Jul 2016 19:03:10 GMT

Categories: Uncategorized

OpenNTPD 5.7p1 Released

Monday, 19-January-2015 Leave a comment


Brent Cook (bcook@), still flush from success in creating the portable version of LibreSSL, has turned his hand to to OpenNTPD:

After a long hiatus, the latest version of OpenNTPD is available once again in a portable release.

  • Support for a new build infrastructure based on the LibreSSL framework. Source code is integrated directly from the OpenBSD tree with few manual changes, easing maintenance.
  • Removed support for several OSes pending test reports and updated portability code.
  • Supports the Simple Network Time Protocol version 4 as described in RFC 5905
  • Added route virtualization (rdomain) support.
  • Added ntpctl(8), which allows for querying ntpd(8) at runtime.
  • Finer-grained clock adjustment via adjfreq / ntp_adjtime where available.
  • Improved latency on heavily-loaded machines.

Hopefully those who’ve repackaged the previous releases for their OSes will update in due course.

OpenNTPD 5.7p1 Released
Fri, 09 Jan 2015 08:48:12 GMT

Categories: Uncategorized Tags: , ,

Announcing EMET 5.0 Technical Preview

Wednesday, 26-February-2014 Leave a comment

Announcing EMET 5.0 Technical Preview

Today, we are thrilled to announce a preview release of the next version of the Enhanced Mitigation Experience Toolkit, better known as EMET. You can download EMET 5.0 Technical Preview here. This Technical Preview introduces new features and enhancements that we expect to be key components of the final EMET 5.0 release. We are releasing this technical preview to gather customer feedback about the new features and enhancements. Your feedback will affect the final EMET 5.0 technical implementation. We encourage you to download this Technical Preview, try it out in a test environment, and let us know how you would like these features and enhancements to show up in the final version. If you are in San Francisco, California, for the RSA Conference USA 2014, please join us at the Microsoft booth (number 3005) for a demo of EMET 5.0 Technical Preview and give us feedback directly in person.  Several members of the EMET team will be demonstrating at the Microsoft booth for the entire Conference.

As mentioned, this Technical Preview release implements new features to disrupt and block the attacks that we have detected and analyzed over the past several months. The techniques used in these attacks have inspired us with new mitigation ideas to disrupt exploitation and raise the cost to write reliable exploits. The EMET 5.0 Technical Preview also implements additional defensive mechanisms to reduce exposure from attacks.

The two new features introduced in EMET 5.0 Technical Preview are the Attack Surface Reduction (ASR) and the Export Address Table Filtering Plus (EAF+). Similar to what we have done with EMET 3.5 Technical Preview, where we introduced a new set of mitigations to counter Return Oriented Programming (ROP), we are introducing these two new mitigations and ask for your feedback on how they can be improved. Of course, they are a “work in progress.” Our goal is to have them polished for the final version of EMET 5.0.

Continue reading the blog post here

Categories: Uncategorized

SafeCurves: choosing safe curves for elliptic-curve cryptography

Monday, 17-February-2014 Leave a comment

SafeCurves: choosing safe curves for elliptic-curve cryptography

Categories: Uncategorized

New algorithm finds you, even in untagged photos

Monday, 17-February-2014 Leave a comment

New algorithm finds you, even in untagged photos

Categories: Uncategorized

Dealing with DoS/DDoS attacks? BCP38 is your friend.

Monday, 17-February-2014 Leave a comment

Dealing with DoS/DDoS attacks? BCP38 is your friend.

Categories: Uncategorized

A revised version of the tcpcrypt draft (opportunistic TCP encryption) has been released.

Monday, 17-February-2014 Leave a comment

Cryptographic protection of TCP Streams (tcpcrypt)

Categories: Uncategorized