Recent Posts

Full Disk Encryption 😇 Keep your data private, even if you lose your device Having an attacker with physical access to your device is one of the worst scenarios. If the data is not encrypted on the disk, then the attacker can simply disassemble your device, get the HDD/SDD, put it in his machine, and read the data. For this reason, encrypting your … Read More »

Password Managers I recently thought about good solutions for passwords in general. I have found one with which I was ok for a while, but more and more services get compromised. Try haveibeenpwned.com or Firefox Monitor to see if you are affected. One easy way to keep the damage small is … Read More »

Autofill Phishing Autofill phishing is a simple technique I wasn't aware of until a few hours ago. It simply uses the fact that we are so used to filling out forms, that we usually let our Browser fill out the forms. Maybe we check if there is data which we don't want … Read More »

Vertex coloring This is a quick article I had for quite a while as a draft. It might not be finished or have other problems, but I still want to share it. The problem The Vertex Coloring problem can be described like this: Vertex Coloring Let $G = (V, E)$ be an undirected … Read More »

Kollisionsresistente Hashfunktionen und Einwegfunktionen Definitionen Sei $f:X \rightarrow Y$ eine Funktion. $f$ heißt eine Einwegfunktion, genau dann wenn für alle $x \in X$ gilt: $y := f(x)$ kann in Polynomialzeit berechnet werden Für die Berechnung eines Urbildes $x$ aus $y$ existiert kein randomisierter Algorithmus, der in Polynomialzeit läuft. Eine Funktion $H:\{0,1 … Read More »

SQL Injections SQL is a language that allows prorammers to access data in databases. Most of the time (always?) you pass your queries in form of strings to the database. In online services it is quite common that the programmer formulates a template and the user fills in variables. Example: IMDb Take … Read More »

Data Backup Strategies Yesterday, I thought what would happen if my internal or external hard drive crashed. The hard disk of this computer contains 53 GB of data (on Linux: df -H). As my home folder only contains 35.3 GB of data, 17.7 GB seem to be programs. 21.1 GB … Read More »

Semantische Sicherheit In der Vorlesung vom 25.04.2013 hat Prof. Hofheinz gesagt, dass man semantische Sicherheit praktisch nicht beweisen kann, da man zuerst $\mathcal{P} \neq \mathcal{NP}$ beweisen müsste. Warum das so ist, versuche ich nun zu erläutern. Einwegfunktionen und $\mathcal{P} \neq \mathcal{NP}$ Sei $f:X \rightarrow Y … Read More »

Linux access rights and attributes RWX Files Linux files have three important access rights for files: Read Write Execute If you want to mark a file as executable, you can add the x-right: chmod +x When you want to mark a file as readable, you can dd the r-right: chmod +r … Read More »

Stuxnet The following clip is a nice, short explanation of Stuxnet, a computer worm discovered in June 2010: Stuxnet Explained (Vimeo) Background Stuxnet was significant as one of the first known pieces of malware specifically designed to target industrial control systems. It marked a new era in cyberwarfare, demonstrating how software … Read More »