It’s not actually surprising that somebody would claim to be the creator of Bitcoin. Whoever “Satoshi Nakamoto” is, is worth several hundred million dollars. What is surprising is that credible people were backing Craig Wright’s increasingly bizarre claims. I could speculate why, or I could just ask. So I mailed Gavin Andresen, Chief Scientist of the Bitcoin Foundation, “What the […]
Q&A with Gen. Philip Breedlove
Julian E. Barnes, Wall Street Journal The Wall Street Journal sat down recently with Gen. Philip Breedlove, the top commander of U.S. and alliance forces in Europe, to discuss tensions with…
Validating Satoshi (Or Not)
SUMMARY: Yes, this is a scam. Not maybe. Not possibly. Wright is pretending he has Satoshi’s signature on Sartre’s writing. That would mean he has the private key, and is likely to be Satoshi. What he actually has is Satoshi’s signature on parts of the public Blockchain, which of course means he doesn’t need the private key and he […]
McCain Delivers His Own Foreign Policy Speech
Evelyn Rupert, The Hill Sen. John McCain (R-Ariz.) delivered his own wide-ranging foreign policy speech as he took the floor for the weekly GOP address. McCain bashed President Obama’s…
FY17 National Defense Authorization Act
Rep. Mac Thornberry, HASC WASHINGTON – Today, Chairman Thornberry released his proposal for H.R. 4909, the National Defense Authorization Act for Fiscal Year 2017. To view the bill text…
How to Report Your Performance Test Results Like a Pro
Performance tests try to reduce the risks of downtime or outages on multi-user systems by conducting experiments that use load to reveal limitations and errors in the system. Testing usually involves assessing the performance and capacity of systems th…
“The Feds Have Let The Cyber World Burn. Let’s Put the Fires Out.”
I’ve made some comments regarding Apple vs. the FBI at Wired.
I Might Be Afraid Of This Ghost
CVE-2015-7547 is not actually the first bug found in glibc’s DNS implementation. A few people have privately asked me how this particular flaw compares to last year’s issue, dubbed “Ghost” by its finders at Qualys. Well, here’s a list of what that flaw could not exploit: apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql, nfs-utils, nginx, nodejs, openldap, openssh, […]
A Skeleton Key of Unknown Strength
TL;DR: The glibc DNS bug (CVE-2015-7547) is unusually bad. Even Shellshock and Heartbleed tended to affect things we knew were on the network and knew we had to defend. This affects a universally used library (glibc) at a universally used protocol (DNS). Generic tools that we didn’t even know had network surface (sudo) are thus […]