The private key itself is AES-256 encrypted. After exporting Bitcoin private keys from wallet.dat file, data is stored in a TrueCrypt container on three separate flash drives. Using Shamir’s Secret Sharing algorithm, the container password is then split into three parts utilizing a 2-of-3 secret sharing model. Incorporating physical security with electronic security, each flash drive from various manufacturers is duplicated several times and, together with a CD-ROM, those items are vaulted in a bank safety deposit box in three different legal jurisdictions. To leverage geographic distribution as well, each bank stores only part of a key, so if a single deposit box is compromised, no funds are lost.
Category Archives: Technical
Sharpening Endpoint Security
Endpoints are as hard to define as they are to protect. The term traditionally referred to desktops and laptops, but endpoints now encompass smartphones, tablets, point-of-sale machines, bar code scanners, multifunction printers and practically any other device that connects to the company network. Without a well-conceived strategy, keeping track of and securing these devices is difficult and frustrating.
via Sharpening Endpoint Security – Dark Reading.
Some IT shops buy cleverly marketed products that promise off-the-shelf endpoint security using anti-malware and sandboxing. In most cases, attackers can easily bypass those defenses
US hackers attacked military websites, says China’s defence ministry
The White House has said that it has taken its concerns about cyber-theft to the highest levels of China’s government. China denied the allegations, saying it was also the victim of cyber attacks.
via BBC News – US hackers attacked military websites, says China’s defence ministry.
Xerox’s CEO Wants to Shake Up the Services Market
Can you make it such that—most calls are recorded—you can look at the calls after and figure out key things, see patterns via big data? And can you actually apply that?
via Xerox’s CEO Wants to Shake Up the Services Market | MIT Technology Review.
NASA Loses Space Station Contact; But No Danger
NASA spokesman Josh Byerly said something went wrong around 9:45 a.m. EST Tuesday during a computer software update on the station. The outpost abruptly lost all communication, voice and command from Houston.
via NASA Loses Space Station Contact; But No Danger « CBS DC.
Six months without Adobe Flash, and I feel fine
Things I miss: most YouTube videos are Flash-based (although often if you find them embedded on a page, YouTube will provide an HTML5 version on the fly). HTML5 playback in addition is smoother than FLV videos ever were. There are fewer glitches, slowdowns, jitters and so forth.
Interesting read. I went without Flash for awhile a few years ago on when 64 bit was new on the linux box because I couldn’t get it to work and it became too much of a PITA and a waste of time to figure out. I hardly ever use YouTube however.
Security Firm Bit9 Hacked, Used to Spread Malware
An hour after being contacted by KrebsOnSecurity, Bit9 published a blog post acknowledging a break-in. The company said attackers managed to compromise some of Bit9′s systems that were not protected by the company’s own software. Once inside, the firm said, attackers were able to steal Bit9′s secret code-signing certificates.
via Security Firm Bit9 Hacked, Used to Spread Malware — Krebs on Security.
Telefonica and Big Data
In addition, he notes there are a number of analytics experiments underway at different operating units, including Vivo in Brazil, which is pushing ahead with projects around location analysis, Web navigation analysis based on deep packet inspection (DPI) data, and call center message analysis.
via . Telefonica Battles Big Data Hype
I found the mention of DPI in their big data strategy rather interesting as well as location analysis. The kind of location analysis a telecom operator can perform on vast populations is mind boggling.
50 Million Potentially Vulnerable to UPnP Flaws
Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocUPnPol SSDP requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol SOAP. This level of exposure was far higher than researchers had expected, according to the report.
via 50 Million Potentially Vulnerable to UPnP Flaws | threatpost.
AV-TEST – The Independent IT-Security Institute: Nov/Dec 2012
AV-TEST – The Independent IT-Security Institute: Nov/Dec 2012.
This is an interesting link to test results of various anti virus vendors’ products. I don’t use AV and looking at these results it looks like in general AV doesn’t protect all that much. I have not dug any deeper into their methodology however.