Archives
All the posts, in one place.
-
post
Oct 1, 2024 - 100 Words - -
puzzles
Oct 1, 2024 - 100 Words -
-
security
Oct 1, 2024 - 100 Words -
-
Tags
Oct 1, 2024 - 100 Words -
-
Types
Oct 1, 2024 - 100 Words -
- Update on August Ping Storms
-
infosec
Sep 27, 2024 - 100 Words -
- Ping Storms at GreyNoise
- Funemployment, and Next Steps
-
personal
Jul 9, 2024 - 100 Words -
-
work
Jul 9, 2024 - 100 Words -
-
hardware
Apr 26, 2021 - 100 Words -
-
home-automation
Apr 26, 2021 - 100 Words -
-
remote-keypad
Apr 26, 2021 - 100 Words -
-
Series
Apr 26, 2021 - 100 Words -
-
Using an Adafruit NeoTrellis Keypad with MQTT
Apr 26, 2021 - 2200 Words -
-
Building a remote-control home automation keypad
Apr 25, 2021 - 1100 Words -
-
code
Mar 11, 2021 - 100 Words -
- Codenames Board Generator
-
fun
Mar 11, 2021 - 100 Words -
-
1password
Nov 12, 2018 - 100 Words -
-
1Password - Full Trip from Unlock to Encryption
Nov 12, 2018 - 1900 Words -
-
cryptography
Nov 12, 2018 - 100 Words -
-
BSidesDE - A deep dive into 1Password Security
Nov 9, 2018 - 100 Words -
-
Lists
Nov 9, 2018 - 100 Words -
-
presentations
Nov 9, 2018 - 100 Words -
-
reference
Nov 9, 2018 - 100 Words -
-
1Password - Wrapping up with a few quick topics
Nov 9, 2018 - 1400 Words -
-
1Password - Local Vaults
Nov 9, 2018 - 2400 Words -
-
1Password - Into the Vaults!
Nov 9, 2018 - 1500 Words -
-
1Password - Unlocking Windows Clients
Nov 9, 2018 - 2100 Words -
-
1Password - MUKing about on the Mac
Nov 9, 2018 - 2000 Words -
-
How 1Password Works - Getting under the hood
Nov 9, 2018 - 800 Words -
-
Encrypting for Apple's Secure Enclave
May 31, 2018 - 2200 Words -
-
ios
May 31, 2018 - 100 Words -
-
macos
May 31, 2018 - 100 Words -
-
crafts
Oct 17, 2017 - 100 Words -
-
Infosec Conference Badge Display
Oct 17, 2017 - 600 Words -
-
woodworking
Oct 17, 2017 - 100 Words -
-
engineering
Sep 12, 2017 - 100 Words -
-
rant
Sep 12, 2017 - 100 Words -
-
technology
Sep 12, 2017 - 100 Words -
-
Technology Sucks
Sep 12, 2017 - 1500 Words -
-
astronomy
Aug 24, 2017 - 100 Words -
-
Eclipse.
Aug 24, 2017 - 3900 Words -
-
photography
Aug 24, 2017 - 100 Words -
-
travel
Aug 24, 2017 - 100 Words -
-
iPhone Secure Enclave Firmware Key Found
Aug 17, 2017 - 1700 Words -
-
New Website Engine
Aug 7, 2017 - 800 Words -
-
software
Aug 7, 2017 - 100 Words -
-
homestuff
Aug 3, 2017 - 100 Words -
-
New Standing Desk
Aug 3, 2017 - 1100 Words -
-
ShmooCon 2017 Badge (and more) Contest - Solutions
Jan 20, 2017 - 8500 Words -
-
puzzle-data
Jan 20, 2017 - 100 Words -
-
ShmooCon 2017 Badge (and more) Contest - Challenges
Jan 20, 2017 - 1400 Words -
-
BSidesROC - A (not so quick) Primer on iOS Encryption
Apr 23, 2016 - 100 Words -
-
Poem Codes - WWII Crypto Techniques
Mar 27, 2016 - 2700 Words -
-
Put away the tin-foil: The Apple unlock case is complicated enough
Feb 19, 2016 - 2100 Words -
-
mobile
Feb 10, 2016 - 100 Words -
-
Mobile App Authentication using TouchID and Tidas
Feb 10, 2016 - 1000 Words -
- Blizzard of 2016 Time-lapse
-
weather
Jan 22, 2016 - 100 Words -
-
ShmooCon - My Hash Is My Passport: Understanding Web and Mobile Authentication
Jan 17, 2016 - 400 Words -
- DLP Considered Harmful - A Rant about Reliable Certificate Pinning
-
pki
Nov 24, 2015 - 100 Words -
-
Thoughts on CyberUL and Infosec Research
Jul 29, 2015 - 1900 Words -
-
passwords
Apr 21, 2015 - 100 Words -
-
Salt as a Service: Interesting approach to hashing passwords
Apr 21, 2015 - 1100 Words -
-
Nails in the Crypt - White Paper
Mar 6, 2015 - 100 Words -
-
papers
Mar 6, 2015 - 100 Words -
- Lenovo, CA Certs, and Trust
- ShmooCon - Knock Knock: A Survey of iOS Authentication Methods
-
appletv
Nov 18, 2014 - 100 Words -
-
DerbyCon 2013 - Apple TV and Raspberry Pi Slides
Nov 18, 2014 - 100 Words -
-
reverse-engineering
Nov 18, 2014 - 100 Words -
- Bypassing the lockout delay on iOS devices
-
Why I hate voting.
Nov 4, 2014 - 800 Words -
-
What's the deal with keyless entry car thefts?
Oct 28, 2014 - 1100 Words -
-
link
Oct 27, 2014 - 100 Words -
- MCX - a lousy substitute for proven technology
-
privacy
Oct 27, 2014 - 100 Words -
- iPhone SMS forwarding -- cool, but may be risky
- Rebutting FUD and privacy issues surrounding Yosemite Spotlight
-
NoVA Hackers - iOS Cryptography Slides
Oct 14, 2014 - 700 Words -
- Even more posts about iOS encryption
-
A (not so) quick primer on iOS encryption
Oct 6, 2014 - 3900 Words -
- Beacons being deployed in NYC phone booths
-
data
Sep 5, 2014 - 100 Words -
- Internet of SCADA, or, why does my HVAC blow?
-
Praetorian Crypto Challenge
Aug 25, 2014 - 600 Words - -
Stealing user events from foreground apps on Android
Aug 22, 2014 - 200 Words -
-
BSidesLV 2014 Badge Contest
Aug 10, 2014 - 4400 Words -
-
BSidesLV 2014 Badge Contest - Challenges
Aug 10, 2014 - 500 Words -
-
BSLV 2014 - Breaking PRNGs
Aug 6, 2014 - 400 Words -
-
Duo Security Bypasses PayPal 2FA for Mobile Apps
Jun 25, 2014 - 300 Words -
-
Early look at iOS 8 configuration profile changes
Jun 18, 2014 - 200 Words -
-
More Mobile Malware Melodrama
Jun 17, 2014 - 500 Words -
- iOS Malware - Still FUDish, not quite a Real Problem (yet)
-
crazy-ideas
Jun 2, 2014 - 100 Words -
-
Memory Pressure, Capacity Limits, and Ubiquitous Computing
Jun 2, 2014 - 900 Words -
-
Making Tunnelblick + Google Authenticator Easier to Use
May 30, 2014 - 1100 Words -
- Apple ID Compromise and Device Lockout
-
iOS Backups are Still Broken
May 19, 2014 - 500 Words -
-
How much of your email goes through Google?
May 12, 2014 - 200 Words -
-
bugs
May 8, 2014 - 100 Words -
- Inadvertent OS X Mail Loading of Images in SPAM
-
osx
May 8, 2014 - 100 Words -
-
Dark Reading on the VZ DBIR puzzle
May 6, 2014 - 100 Words -
-
Referrer considered harmful: Leaking location of obscurely shared docs
May 6, 2014 - 300 Words -
- Apple ID Madness
-
howto
May 4, 2014 - 100 Words -
-
blabbering
May 2, 2014 - 100 Words -
-
It's time to (re)start.
May 2, 2014 - 300 Words -
-
BSidesROC 2014 - Crypto Puzzle
Apr 5, 2014 - 100 Words -
-
About
Apr 1, 2014 - 700 Words -
-
crosspost
Mar 10, 2014 - 100 Words -
- Sanitize your outputs: Apple ID Password Logfile Disclosure
- CVE-2014-1279 - Password Disclosure via Apple TV Touch Setup
-
More Fun with Apple TV Hacking (and Manual RSA Signature Validation)
Feb 21, 2014 - 1800 Words -
-
Apple TV Hacking, Counterattacks, and Certificate Pinning
Feb 11, 2014 - 1000 Words -
-
ShmooCon 2014 - Crypto Puzzle Slides
Jan 19, 2014 - 100 Words -
-
Good fun with bad crypto
Jan 15, 2014 - 1300 Words -
-
Raspberry Pi Media Center on AppleTV - No Jailbreak Required
Sep 29, 2013 - 2600 Words -
-
iStupid: the indescreet SSID tool
Jun 19, 2013 - 200 Words -
-
Hijacking accounts using unicode magic
Jun 18, 2013 - 200 Words -
-
Apple's security strategy: make it invisible
Jun 14, 2013 - 200 Words -
-
A chameleon for your streams
Jun 13, 2013 - 200 Words -
-
iOS 7 and Mavericks: New feature roundup from a security perspective – Intrepidus Group - Insight
Jun 11, 2013 - 100 Words -
- iOS 7 and Mavericks: New feature roundup from a security perspective
-
Android Security Overview
Jun 5, 2013 - 100 Words -
-
Skout server leaked nearly-exact location information on users
May 31, 2013 - 200 Words -
-
Auto-updating iOS apps
May 22, 2013 - 100 Words -
-
Two-factor authentication for Twitter: One account at a time
May 22, 2013 - 200 Words -
-
Google Hangouts and XMPP
May 17, 2013 - 400 Words -
-
Recovering iPhone Restrictions Passcode
May 16, 2013 - 100 Words -
-
Social Share Privacy
May 16, 2013 - 200 Words -
-
How To Safely Store A Password
May 16, 2013 - 100 Words -
-
Apple, Forensics, Law Enforcement, and FUD
May 13, 2013 - 1400 Words -
- iSniff your Wi-Fi and GPS your House
-
risk
May 10, 2013 - 100 Words -
-
tools
May 10, 2013 - 100 Words -
-
archived-comments
May 10, 2013 - 100 Words -
-
iSniff your WiFi - Archived Comments
May 10, 2013 - 600 Words - -
DBIR Cover Challenge 2013
Apr 29, 2013 - 2400 Words -
-
2013 DBIR Puzzle - Archived Comments
Apr 29, 2013 - 300 Words -
- iOS Configuration Profile Ransomware
-
phishing
Apr 11, 2013 - 100 Words -
-
ShmooCon 2013 - Crypto Puzzle Slides
Feb 17, 2013 - 100 Words -
-
conferences
Feb 12, 2013 - 100 Words -
-
Getting ready for ShmooCon
Feb 12, 2013 - 300 Words -
- Evading evasi0n: iOS 6 Jailbreak Prevention
-
mdm
Feb 5, 2013 - 100 Words -
-
Tracking Down the UDID Source - Archived Comments
Sep 10, 2012 - 1100 Words -
-
breach
Sep 10, 2012 - 100 Words -
-
Fidelis Decode This 2012 - Archived Comments
Sep 10, 2012 - 100 Words -
- Tracking Down the UDID Breach Source
- What the flagnog? The Apple / FBI UDID breach, simplified.
-
Winning the Decode This! puzzle at Black Hat
Aug 17, 2012 - 300 Words -
-
Fidelis Security Systems' Decode This 2012
Aug 17, 2012 - 1200 Words -
-
FidSecSys Decode This 2012 Ciphertext and Hints
Aug 17, 2012 - 200 Words -
- Apple's iOS Security Overview
-
Apple Using Unsalted Hashes Too?
Jun 7, 2012 - 600 Words -
-
Verizon 2012 DBIR Challenge
Mar 28, 2012 - 400 Words -
-
2012 DBIR Puzzle - Archived Comments
Mar 28, 2012 - 600 Words -
-
2012 Verizon DBIR Cover Challenge
Mar 28, 2012 - 3700 Words -
-
Verizon 2012 DBIR Sources
Mar 28, 2012 - 400 Words -
- Quick Look at Apple Configurator
-
MDM Hacks - Archived Comments
Feb 27, 2012 - 400 Words -
- iOS MDM: Preventing Disassociation DOS and Potemkin Devices
-
Verifying a Detached S/MIME Signature in Python
Feb 21, 2012 - 600 Words -
-
BSides Phoenix 2012 Badge Puzzle
Feb 19, 2012 - 1500 Words -
-
BSidesPHX 2012 Images
Feb 19, 2012 - 100 Words -
-
Changes to iOS 5.0 MDM - Archived Comments
Feb 15, 2012 - 1100 Words -
-
ShmooCon 2008 Puzzle - Archived Comments
Feb 10, 2012 - 300 Words -
-
ShmooCon 2008 Badge Puzzle
Feb 4, 2012 - 1900 Words -
-
ShmooCon 2012 Puzzle - Archived Comments
Feb 4, 2012 - 1700 Words -
-
ShmooCon 2012 Badge Puzzle
Feb 3, 2012 - 1800 Words -
-
ShmooCon 2012 Puzzle Data
Feb 3, 2012 - 100 Words -
-
ShmooCon 2012 Puzzle Slides
Feb 3, 2012 - 100 Words -
-
Changes to Apple MDM for iOS 5.x
Jan 31, 2012 - 300 Words -
- ShmooCon 2012 - Apple MDM Slides
- iOS MDM Command Reference
- Finding Which Root CAs You Actually Use
-
BlackHat 2011 Fidelis Puzzle - Archived Comments
Aug 30, 2011 - 100 Words -
-
How to Lose $1000 in Vegas Without Even Gambling
Aug 30, 2011 - 1900 Words -
-
Fidelis Security "Decode This" Black Hat Challenge
Aug 30, 2011 - 100 Words -
-
First Anniversary
Aug 23, 2011 - 600 Words -
-
BlackHat 2011 Preview - Archived Comments
Aug 21, 2011 - 100 Words -
- Strengths and Weaknesses in Apple's MDM System
- BlackHat 2011 - Apple MDM Paper
- BlackHat 2011 - Apple MDM Slides
-
CarolinaCon Flag Puzzle - Archived Comments
Jul 28, 2011 - 200 Words -
-
DEF CON 16 Puzzle - Archived Comments
Jul 28, 2011 - 100 Words -
-
Inside Apple's MDM Black Box -- Black Hat USA 2011
Jul 28, 2011 - 500 Words -
-
Great Googly Moogly! I'm speaking at Black Hat!
Jul 28, 2011 - 800 Words -
-
DEF CON 16 Punch Card Puzzle
Jul 27, 2011 - 1400 Words -
-
Nails in the Crypt - Archvied Comments
May 23, 2011 - 400 Words -
-
CarolinaCon Flag Puzzle
May 8, 2011 - 1800 Words -
- Analysis of iOS Location Data from Multiple Devices
- Is the iOS 4 location tracking privacy issue overblown?
-
The 2009 Verizon Data Breach Investigation Report
Apr 12, 2011 - 1500 Words -
-
2009 Verizon DBIR Ciphertext
Apr 12, 2011 - 100 Words -
-
NoVAHackers - Nails in the Crypt slides
Apr 11, 2011 - 100 Words -
-
Quantifying the Unknown: Measuring a Theoretical SecurID Attack
Mar 22, 2011 - 1700 Words -
-
The RSA/SecurID Compromise: What is my risk?
Mar 18, 2011 - 900 Words -
-
RSA/SecurID Compromise - Archived Comments
Mar 18, 2011 - 1500 Words -
-
iOS Overlays - Archived Comments
Mar 12, 2011 - 100 Words -
- VeriFone vs Square - A Draw?
-
Crazy idea for multi-user iPads
Feb 25, 2011 - 700 Words -
- Simple Bypass of Safari Restrictions on iOS
- Bypassing MDM Restrictions for Mobile Safari on iOS 4.2
-
ShmooCon 2011 Puzzle - Archived Comments
Feb 9, 2011 - 100 Words -
-
ShmooCon 2011 Badge Contest
Feb 9, 2011 - 4400 Words -
-
ShmooCon 7 Ciphertexts
Feb 9, 2011 - 1200 Words -
-
Breaking a 147-Year-Old Message
Dec 30, 2010 - 4000 Words -
-
Civil War Code Ciphertext
Dec 30, 2010 - 300 Words -
-
Civil War Ciphers Fall!
Dec 30, 2010 - 900 Words -
-
Nails in the Crypt
Dec 22, 2010 - 800 Words -
-
Rainbow Tables for Unix DES Crypt(3) Hashes
Dec 20, 2010 - 600 Words -
-
ToorCon 12 Puzzle - Archived Comments
Dec 7, 2010 - 400 Words -
-
ToorCon 12 Badge Puzzle Ciphertexts
Dec 6, 2010 - 400 Words -
-
ToorCon 12 Badge Puzzle
Dec 6, 2010 - 4500 Words -
-
THOTCON Pre-Sale Code Puzzle
Nov 22, 2010 - 2700 Words -
-
DEF CON 18 Crypto Challenge
Sep 2, 2010 - 3700 Words -
-
DEF CON 18 Crypto Challenge Ciphertexts
Sep 2, 2010 - 600 Words -
-
Puzzles and Contests
Aug 29, 2010 - 1800 Words -
-
ShmooCon 2010 Badge Puzzle Data
Aug 29, 2010 - 100 Words -
-
ShmooCon 2010 Badge Contest
Aug 29, 2010 - 2400 Words -
-
Quahogcon Flag Puzzle - Archived Comments
Aug 24, 2010 - 300 Words -
-
QuahogCon Flag Puzzle
May 20, 2010 - 1900 Words -
-
THOTCON 0x1 - Archived Comments
May 11, 2010 - 200 Words -
-
THOTCON 0x1 Puzzle
May 11, 2010 - 2900 Words -
-
ShmooCon 2009 Badge Contest
Apr 27, 2010 - 2000 Words -
-
Crazy Security Con Weekend!
Apr 23, 2010 - 500 Words -
-
khanfu
Apr 23, 2010 - 100 Words -
-
Belief-vs-Skepticism - Archived Comments
Apr 20, 2010 - 900 Words -
-
Blind Belief vs Excessive Skepticism
Apr 20, 2010 - 1300 Words -
-
Half-Baked Idea: Isolate Browser Security Contexts to Limit XSS Attacks
Apr 14, 2010 - 1300 Words -
-
It's Time To Start
Apr 14, 2010 - 200 Words -
-
Jan 1, 0001 - 5400 Words -
-
Projects
Jan 1, 0001 - 500 Words -
-
Publications
Jan 1, 0001 - 200 Words -
-
Talks and Presentations
Jan 1, 0001 - 200 Words -
-
Topics
Jan 1, 0001 - 300 Words -