Home » Posts tagged "channel" (Page 2)

## 兩個都用 Slack 的公司可以直接在 Slack 上合作了

Slack 推出的新功能 Shared Channels：「Introducing Shared Channels: Where you can work with anyone in Slack」。

Shared Channels are a new kind of channel that connects two separate organizations, creating a common space for both sides to make use of Slack’s communication features and platform integrations when working together.

Accept the request: The other organization’s admin will receive a direct message from Slackbot, from which they can accept your request and add the channel to their workspace.

## 利用 Side-channel 資訊判斷被 HTTPS 保護的 Netflix 影片資訊

To support our analysis, we created a fingerprint database comprised of 42,027 Netflix videos. Given this collection of fingerprints, we show that our system can differentiate between videos with greater than 99.99% accuracy. Moreover, when tested against 200 random 20-minute video streams, our system identified 99.5% of the videos with the majority of the identifications occurring less than two and a half minutes into the video stream.

## OpenSSL 的 DSA 被 Side-channel attack 打爆

A unique feature of our work is that we target common cryptographic protocols. Previous works that demonstrate cache-timing key-recovery attack only target the cryptographic primitives, ignoring potential cache noise from the protocol implementation. In contrast, we present end-to-end attacks on two common cryptographic protocols: SSH and TLS. We are, therefore, the first to demonstrate that cache-timing attacks are a threat not only when executing the cryptographic primitives but also in the presence of the cache activity of the whole protocol suite.

260 SSH-2 handshakes to extract a 1024/160-bit DSA host key from an OpenSSH server, and 580 TLS 1.2 handshakes to extract a 2048/256-bit DSA key from an stunnel server.

CVE 編號為 CVE-2016-2178OpenSSL 全系列 (包括 fork 出去的版本) 與 OpenSSH 只要是 DSA 的實作都中獎...

## 在 C 裡 Concurrency 的 Library

```#include <libdill.h>
#include <stdio.h>
#include <stdlib.h>

coroutine int worker(const char *text) {
while(1) {
printf("%s\n", text);
msleep(now() + random() % 500);
}
return 0;
}

int main() {
go(worker("Hello!"));
go(worker("World!"));
msleep(now() + 5000);
return 0;
}```

## 密碼系統的 Monoculture

A major feature of these changes includes the dropping of traditional encryption algorithms and mechanisms like RSA, DH, ECDH/ECDSA, SHA-2, and AES, for a completely different set of mechanisms, including Curve25519 (designed by Dan Bernstein et al), EdDSA (Bernstein and colleagues), Poly1305 (Bernstein again) and ChaCha20 (by, you guessed it, Bernstein).

## 對 ECDSA 實體非破壞性的 Side Channel 攻擊

After observing the elliptic-curve DOUBLE and ADD operations during a few thousand signatures, the secret signing key can be completely reconstructed.

## 2015 年的 Turing Award 由 Whitfield Diffie 與 Martin E. Hellman 獲得

Diffie–Hellman key exchange 是全世界第一個 (1976 年) 在公開頻道上建立 shared secret 的演算法，直到現在都還廣泛的被使用，可以防禦被動式的監聽攻擊：

The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel.

a secure communication protocol is said to have forward secrecy if compromise of long-term keys does not compromise past session keys.

## 限制 WeeChat 中 buffers.pl 的寬度

WeeChat 上的 buffers.pl 是個很好用的套件，可以在側邊列出 channel，像是這樣：

`#mpdm-gslin--persona--personb--personc--persond--persone----1`