Dan Kaminsky - A Eulogy

I remember attending Dan Kaminsky’s talk at DEFCON 12 and being blown away by it. Three years later, I went on the original “Hackers on a Plane” trip and ended up seated next to Dan on one of the flights. We quickly became friends. His mentorship over the years had an enormous impact on me.

Read more...

You Can Create Art and Beauty on a Computer

In the early 90s, when I was in elementary school, I got assigned to write a report on a topic of my choosing. I decided to write about computer viruses. There weren’t many books at the time I could use as sources, but I found Levy’s “Hackers: Heroes of the Computer Revolution”

One thing from the book that stuck with me was “You can create art and beauty on a computer”.

Read more...

DKIM: Show Your Privates

If you’re like most people, there’s a good chance that it’s been years since you’ve sent an email that wasn’t cryptographically signed. You don’t use PGP, you say? Well, even if you are not signing your email, your provider is almost certainly doing it for you. Plausible deniability has been tossed aside in the name of stopping spam, but it doesn’t have to be.

Read more...

Artisanal RSA

Sometimes hacking requires doing things that, while possible to do with some algorithm, simply aren’t supported by any existing implementation. Usually for good reason. A good example of this that I’ve run into in the past is needing to initialize a hash algorithm with a specific state. There’s really not any reason to do this unless you’re trying to execute a length extension attack, and with the exception of HashPump (which was written specifically for that use case) I’m not aware of any library that supports it. I recently ran into this with problem with RSA.

Read more...

Bitfi’s Hardware Wallet is Terrible

It recently came to my attention that John McAfee has been advertising a cryptocurrency hardware wallet from a company called Bitfi, with the claim that it is “unhackable”. There’s even a $250,000 bounty to hack it. I do not have one of the actual devices in my possession, but from my review of the publicly available “source code” [PDF] and their private key calculator, my conclusion is that their product is most charitably described as a “footgun”.

Read more...

Storybits: Error Resistant Mnemonics

At DEFCON 22, Dan Kaminsky and I talked a little bit about something I built which he dubbed “Storybits”. Storybits can reversibly transform short strings of binary data into a series of words designed to produce a mental image. Order of the words does not matter, and many typos can be corrected automatically. I already had working code at the time of that talk, but since then it’s just been sitting around on my computer. People have been asking about it, so I put it up on GitHub, though it’s still a hacky prototype. I’ve thrown together a demo and written a bit about how it works.

Read more...

Forensic Bitcoin Cracking: As Easy as 1, 3, 7...

Since its release at DEFCON 23, I’ve done quite a bit of work on brainflayer. First, I added support for a few other brainwallet-like schemes and hex-encoded private keys. Then, in October, I integrated some code provided by Dr. Nicolas T. Courtois and Guangyan Song from UCL that sped up brainflayer by about 150%. With a subsequent optimization that yielded a further 65% speedup, it is now over four times faster than the initial release.

In January, I added specialized code for brute force private key search. While trying it out, I found something very interesting.

Read more...

Recreating Craig Wright’s Sartre File

By the time I had a look into Craig Wright’s blog post that seemed to imply that he is Satoshi, others had already pointed out that the signature was copied from a 2009 transaction. The contents of the “Sartre” file, however, were still a mystery. Dan Kaminsky had a blog post up analyzing the commands from CW’s post, but hadn’t been able to figure that bit out, so he asked me to have a look.

Read more...

HTTPS Subresource Validation Fail

In the spring of 2014, I found a bug in several browsers, including Epiphany, Xombrero, Opera Mini and Midori. They were loading subresources, such as scripts, from HTTPS servers without doing proper certificate validation. I tracked this down to some bad defaults in webkit which have since beenfixed.

Read more...

Why I’m Releasing a Brainwallet Cracker at DEFCON 23

On August 7th I will be giving a talk at DEF CON about cracking brainwallets. As part of that talk, I will be releasing a fast brainwallet cracker. I’m writing this post to provide a little insight as to why I’m giving away a tool that could be used to steal. I also hope that people who are currently using brainwallets will take notice and move to a more secure storage method.

Read more...