cryptosmith

Cryptosmith

Here is a crypto version of “Selling It,” a long-running back-page column in the magazine Consumer Reports. For those unsure of the acronyms, “SHA-256” stands for a version of the Secure Hash Algorithm yielding a 256-bit output. SHA is not encryption. People have used hash algorithms for encryption, but the ... Read More

My previous posting on the Proud Boys spam email speculated that voter records were widely available for such purposes. Here’s a story from 2017 reporting that voter data for about 198 million Americans was spilled from a “storage bucket” on Amazon’s Simple Storage Service (S3). The story shines a light ... Read More

The Proud Boys emails aren't actual threats. They're the lowest form of anonymous spam ... Read More

Members of the University of Minnesota’s MSSE Class of 2021: I am offering a Cloud Security elective based on the Coursera Cloud Security specialization currently under development. The first course, Cloud Security Basics, is already live. The remaining three courses go live this fall. If we think of networked computing being ... Read More

Like most people, I'm drawn to those small lists of "rules" that promise to make our lives better. Brian Krebs reposted a list back in May that we all need to share with our older loved ones: three basic rules of online safety ... Read More

Here’s an article from last year’s Scientific American: The Mathematics of (Hacking) Passwords. If you remember your logarithms, it’s a decent read. If you don’t, you can skip the math and read the details: why longer passwords are better. (The left-hand diagram comes from Figure 2.6 of Authentication.) ... Read More

I recently received an email sporting “Wells Fargo” logos. It asked me to do a survey. It was actually sent from the domain ‘morpace.com,’ which used to belong to a product survey company. When I googled the name ‘morpace’ the first thing I found was that the company had probably ... Read More

Just because the email (or letter) directs you to a phone number doesn’t mean you aren’t being phished. The nearby image shows part of a recent phishing email. It claims that I ordered a laptop/tablet from Microsoft for delivery to an unfamiliar address in Las Vegas. I’ve warned readers in ... Read More

I’ve been recording video lectures for a Coursera specialization in cloud computing. The first of the four courses is available right now. I’ve been asked to describe how I do this, so here we go. The nearby image shows how the videos appear: I’m on the right, talking, and we ... Read More

In other posts I describe how I’m producing videos for a Coursera specialization. This is a solo operation. I don’t have someone to hold the camera or answer the phone while I’m recording. When things go well, I produce exactly two, audio-synced video streams: the slide show presentation and my ... Read More