Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

+ - AMA from Jason Pyeron @ CipherShed (a TrueCrypt fork)->

Submitted by jpyeron
jpyeron writes: In 2014, in response to the discontinuation of the TrueCrypt project, I joined a group of developers to pick up the torch. Our fork is called CipherShed, and our goals are to revive the TrueCrypt codebase, close its many security holes, and transition it to an OSI approved license.

I joined this project because the existing enterprise Full Disk Encryption products are terrible and untrustworthy; I never again want to hear on the news that peoplesâ(TM) information was compromised because of a stolen laptop.

There are many in the community, including my peers at CipherShed, that canâ(TM)t afford me their trust because my 20-year programming career happens to have included several stints of U.S. government work.

I understand the need for this healthy skepticism, especially in today's climate of nation-sponsored hacking and heads of state spouting anti-digital-rights rhetoric, and so I want to take this opportunity to engage with /r/netsec and the broader crypto community and answer any questions you may have about my background, the CipherShed project in general, CipherShed source code, or anything else you'd like to upvote.

Link to Original Source
Security

+ - New glitches in touch screens -- 40% failure rates->

Submitted by
destinyland
destinyland writes: "A new investigation by Dan Rather found 40% of voting machine touch screens from one parts supplier had to be returned as defective. It was only discovered after a new manager took over the manufacturing plant in "the shanty towns of Manilla." Even the $2.50-a-day workers were spotting parts defects, but their hurried managers would perform only one test — shaking the machine to see if anything rattled. A Florida elections specialist ultimately had to return 1800 touch screen voting machines as defective, because selecting the first box on a ballot would highlight the second box. But even after testing newer machines, he's not re-assured. "It seems like they'll work today, and tomorrow they might not work... They're just unreliable, in my opinion.""
Link to Original Source
Patents

+ - Do patents stop people creating 'perfect' devices?

Submitted by Chris M
Chris M writes: In a recent CNET article, the mobile phone editor writes about what he thinks would make a perfect phone. Unfortunately, as someone in the comments section points out, much of the technology that is used in this concept phone belongs to separate companies. 'Im sorry to be the devils advocate here, but most of those things are patented to separate companies. So it would require almost all the major manufacturers to do this, which is highly unlikely.' Do you think patents are stopping companies from creating devices or is it just a lack of imagination?
Encryption

+ - CPS-3 Encryption Scheme Broken->

Submitted by
zshadow
zshadow writes: "It's taken awhile, ten years to be exact, but Andreas Naive has successfully managed to break the protection on Capcom's CPS-3 arcade system board. The CPS-3 powered less than a dozen arcade classics, including JoJo's Bizarre Adventure, Red Earth, and Street Fighter III. The security system of the CPS-3 was rather advanced for its time. Any tampering to the game's security cartridge would result in the decryption key being erased, thereby rendering the respective cartridge useless. So, the decryption is broken, what does this all mean? In one word: Emulation. Now that the decryption task is done, the folks over at MAME have already started work on a CPS-3 emulator."
Link to Original Source
Security

+ - CPS-3 Encryption Scheme Broken->

Submitted by
x3sphere
x3sphere writes: "It's taken awhile, ten years to be exact, but Andreas Naive has successfully managed to break the protection on Capcom's CPS-3 arcade system board. The CPS-3 powered less than a dozen arcade classics, including JoJo's Bizarre Adventure, Red Earth, and Street Fighter III.

The security system of the CPS-3 was rather advanced for its time. Any tampering to the game's security cartridge would result in the decryption key being erased, thereby rendering the respective cartridge useless.

So, the decryption is broken, what does this all mean? In one word: Emulation. Now that the decryption task is done, the folks over at MAME have already started work on a CPS-3 emulator."

Link to Original Source

"When it comes to humility, I'm the greatest." -- Bullwinkle Moose

Working...