XOR story RELOADED

Security firm Syss reports what allegedly seems to me another case of XOR story, speaking of a false sense of security. In an article from H-Security, the reports a serious weakness in some Secure-pendrive certified with the FIPS 140-2 Level 2 certificate: During a successful authorisation procedure the program will, irrespective of the password, always … Leggi tutto

‘unhackable’ netbook network

“The appearance of safety was mistaken for safety itself.” (Walter Lord) It seems reasonable to me that the prefix UN- should be banned from the world of computing and technology in general. We have several examples of UN-thingies. RMS Titanic Enigma machine so why not go on with the ‘unhackable’ netbook network “There was no … Leggi tutto

Another sad XOR story: Tornado plus from Alutek

Tom Olzak from TechRepublic.com reports another sad XOR story. Whilst an indipendent confirmation would be needed, it seems that the Tornado Plus from Alutek present us with another bad XOR story: poor cryptographic knownledge and a strong target towards clueless home users. Tom says they used XOR encryption for real! OMG. More snake oil for … Leggi tutto

USB sticks and cards with fingerprint readers: another Sad XOR story

Heise-online.co.uk is reporting another sad-sad-sad XOR Story. It seems that some usb biometric pendrives are relying on the pc’software to unlock the safe partition, instead of bothering inside the chip itself. “…the controller on the stick does not decide whether to provide access to the partition; the software running on Windows does. “ It seems … Leggi tutto