The recent ‘Devil’s Ivy’ vulnerability has caused quite a rash in the security journalism community. Is it as bad as poison ivy or just a bunch of hyperbole? We discuss. Plus you’ve heard of public key encryption, but what lies beyond? We cover some possible alternatives and the problem of identity.

Then Dan’s got the latest on his Let’s encrypt setup including a brand new open source tool you too can use!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

• HD Video
• MP3 Audio
• YouTube
• HD Torrent

RSS Feeds:

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

‘Devil’s Ivy’ Vulnerability

• Original work

• Bug is in gSOAP by Genivia

• gSOAP is a C and C++ software development toolkit for SOAP/XML web services and generic XML data bindings. The gSOAP tools generate efficient source code for XML serialization of any type of C/C++ data with zero-copy overhead.

• Plant is toxic to dogs & cats, and it is almost impossible to kill

Beyond public key encryption

• One of the saddest and most fascinating things about applied cryptography is how 6689264031_4c7516b3e1_zlittle cryptography we actually use. In fact, with a few minor exceptions, the vast majority of the cryptography we use was settled by the early-2000s.*

• Identity Based Cryptography – In the mid-1980s, a cryptographer named Adi Shamir proposed a radical new idea. The idea, put simply, was to get rid of public keys.

• Attribute Based Encryption – The beautiful thing about this idea is not fuzzy IBE. It’s that once you have a threshold gate and a concept of “attributes”, you can more interesting things. The main observation is that a threshold gate can be used to implement the boolean AND and OR gates

Dan’s Let’s Encrypt Tool

• use case is centralized Let’s Encrypt with dns-01 challenges

Feedback

• ARM & risc systems not readily sold. Intel and AMD have a very compelling AESNI and virt instructions, and PCIe

• Host your own mail server – see https://www.nethserver.org/

• PXE boot – see Zalman ZM-VE350

  • iPXE – open source boot firmware
  • netboot.xyz
  • PXE – ArchWiki
• HOWTO: setup a PXE Server with dnsmasq
• Cobbler – Linux install and update server

Round Up:

• Alexa is listening to what you say – and might share that with developers – see https://nakedsecurity.sophos.com/2017/07/17/alexa-is-listening-to-what-you-say-and-might-share-that-with-developers/

• Life Is About to Get a Whole Lot Harder for Websites Without HTTPS

• BCBS sent out USB cards telling people to insert into their computer. Here is the prototype for the next big wave of security breaches.

• Google Glass 2.0 is a startling second act

• Google Glass is officially back with a clearer vision