Encrypting for Apple's Secure Enclave

post type iconMay 31, 2018 - 2200 Words -
Encryption, once you have a safe and well-implemented algorithm, is all about the keys. Lose control of your keys, and it’s “Game over, man!” What if we could put our keys somewhere completely out of reach, where even their owner can’t get to them? Yibikeys and HSMs can provide that security, but they’re external devices. However, recent iOS devices and MacBook Pros have something just as good: the Secure Enclave (SE).

Infosec Conference Badge Display

post type iconOct 17, 2017 - 600 Words -
post image
My first infosec con was the first ShmooCon, in 2005. Then I went to Black Hat and DEFCON. Then ShmooCon again. Then Vegas again. And before long, I had a whole lot of badges cluttering up drawers. Probably a code violation. (Circuit breakers are behind these doors). In 2010 I won, as part of the ShmooCon crypto contest, a stuffed moose head for the wall (“But not a real moose head, that’s cruel 🎶”).

Technology Sucks

post type iconSep 12, 2017 - 1500 Words -
post image
Technology today is flat-out amazing. When I was a kid, walking uphill through the snow to get to school, cordless phones were massive (and amplitude modulated near the broadcast band), and video recorders had wired remotes. If you could quantify it, I’d venture that today’s capabilities are 3 or 4 orders of magnitude above what we had 30 years ago. And at some point, almost without exception, I’ve hated every piece of technology I own.