More on Comodo

A fellow calling himself (herself?) "ichsun" claims responsiblity for breaking into the Comodo CA to create bogus certificates.

He has posted (pasted, actually) a series of statements on that describe what happened and provide some evidence to support his claim. Note that the link above will probably go sour in a while, since Pastebin's policy is to recycle the pasted storage periodically.

Post category: 

More Bogus Certificates

I few months back I retold the story of a bogus Microsoft certificate issued by Verisign in 2001. It's a difficult story to track down ten years later because many articles published by then have either disappeared or been 'updated' to remove details.

Post category: 

The best on-line security examples?

I'm collecting links to good primary sources and on-line examples of information security concepts. I'm especially interested in finding videos that aren't simply text-based Powerpoint set to mpeg.

Down for a week

Yes, Cryptosmith has been down for a week. Last Saturday I directed GoDaddy to migrate me to a new set of clustered servers. After 3 days of asking the help desk about delays, they "escalated" the problem to the next level. The next level never answers the phone or bothers with mundane things like status reports.

Wordpress tag: 

Yet Another Migration

This site may be up and down over the next few days - March 12 to 16 - as I am trying to migrate to a higher performance hosting cluster. While I dearly love the capabilities of Drupal, my current hosting is dreadfully sluggish.

This is why you may occasionally visit this site and be greeted by a blank page. There are performance problems and I'm trying to fix them.

Wordpress tag: 

The REAL role of Tweets

David Pogue has finally illustrated to me the true purpose of 140-character tweets: they provide a crowdsource for one-liners.

Wordpress tag: 

Tales of Bob and Alice

While writing Elementary Information Security, I wanted simple and obvious reasons to introduce various obscure security topics. Initially I wrote a series of stories about those famous cryptographic protagonists, Bob and Alice.

The actual stories never made it into the textbook, so I'm posting them on the web site.

There are eight or nine of them. I've posted two so far and will post the rest as time permits.

Post category: 

Migrating a WordPress User List to Drupal

I'm always annoyed when I register for a web site only to have my user ID mysteriously disappear. The "" web site has recreated itself about four times in the past decade. Each time has led to re-registration by the entire user community.

Therefore I decided to make a strong effort to retain my user community while migrating my site. The easy part was to contact those who provided email addresses and tell them what was happening. The hard part was to deal with passwords.

Wordpress tag: 

Taking a Site Solidly Down

If you visited Cryptosmith during the afternoon of February 5, you may have seen this:

Cryptosmith Site Down

This appeared while I was removing WordPress files from the site and inserting Drupal files. The "Site Down" display was controlled by the ".htaccess" file stored in the site's root directory. As soon as Drupal stored a new .htaccess file, links were redirected to Drupal's scripts.

Wordpress tag: 

Blogging in Drupal

WordPress is well designed for blogging. I got used to the TinyMCE editor and easy-to-reach features to import graphics when using WordPress. I also got used to less sophisticated things like paragraph breaks and section subheadings. And I like the email alert when there's something to moderate.

I was appalled to discover that these things are omitted by default in Drupal.

Wordpress tag: 


Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer