Archive | Research RSS feed for this section

End-To-End Web Crypto: A Broken Security Model

End-to-end encryption of web services is increasingly popular: Mailvelope aims to bolt a PGP client onto webmail and both Yahoo and Google are working to add support directly. However, the fundamental nature of the web and the limits of human cognition make web-based E2E encryption susceptible to MITM attacks.  While still potentially useful, such systems should not be used by high-risk populations such as journalists and human rights workers. (more…)

Continue Reading →

Counterfeit-Proof Physical Bitcoins

The problem with current “physical” Bitcoins systems is that their production cost scales at upfrontCost + btcValue x rawMaterialsCost x coins while the attack cost is only upfrontCost + rawMaterialsCost x coins.  Storing a physical one-way hash of the individual coins on Namecoin would make such coins “counterfeit-proof” in that the attack cost scales at some multiple of the reproduction cost of the physical one-way hash.  This is a major breakthrough for both Bitcoin and traditional currencies. (more…)

Continue Reading →

Safeplug is Not Safe

The importance of my personal security has increased in line with my involvement within Namecoin and as head of  Lots of money and secrets could be gleaned from compromising my systems. My laptop is the workhorse for all of my personal and professional  activities and segregating my administrative functions would be very complex and less secure than I would like. Over the winter break I looked over my options and settled on using a Chromebook and an NFC implant

Continue Reading →

Testing Assumptions about the Tor Network

As part of an independent study course at the University of Washington, I spent time trying to improve the usability of Tor.  Tor is a network that forwards internet traffic between several computers to who the user that is accessing the site is and what sites a specific user is accessing.  My ideas on how to improve the network did not pan out, but my testing raises some interesting questions and it is best shared in an online format. (more…)

Continue Reading →

Ubiquity Advert

I don’t really need to make it perfect for my closed tests.  If I were doing this for a real ad I would have a single, flowing sequence like search on Craigslist, check prices on Ebay, email it to a friend, and  insert a map.  I am working out some compression issues so I can put the iMovie project online to make remixing easier if you are interested.  Suggestions are welcomed in the interim : )