CVE-2023-48795 describes a prefix truncation attack on the SSH (Secure Shell) protocol. The vulnerability is called Terrapin. Why Terrapin? Terrapin is a small North American turtle (shell, get it?). Reminds... Read more »
The post Prefix truncation MITM attack on SSH protocol — Terrapin appeared first on Babu Srinivasan's blog.
ChatGPT 3.5 is amazing, especially for a free product. We hear that ChatGPT can pass the bar exam, medical exam etc. — this is impressive. ChatGPT 3.5 can write code,... Read more »
The post ChatGPT 3.5 Code generation — Silly mistakes that even a junior programmer won’t make appeared first on Babu Srinivasan's blog.
I asked Bard "Explain LLVM". Bard said (in part) Imagine you have a program written in Python, but you want it to run on a device that only understands C... Read more »
The post ChatGPT 3.5 vs Bard — LLVM appeared first on Babu Srinivasan's blog.
Security is only as good as the weakest link. Example: You have installed a very strong lock on your front door. A potential intruder will look at the strong lock... Read more »
The post Crypto strength — pre and post quantum appeared first on Babu Srinivasan's blog.
A good friend of mine called me with this question: You work in computer security, right? I want to login to this website called xyz.com. Can anyone intercept my communications?... Read more »
The post Are your communications secure? — https, root-ca, pfs, doh, dnssec, esni, rpki, blah, blah appeared first on Babu Srinivasan's blog.
Rolling your own crypto is a bad idea — we should leave this to experts though even they get it wrong quite frequently. In general, one can safely use standard... Read more »
The post Doing crypto right is not easy appeared first on Babu Srinivasan's blog.
Web Assembly is a low level portable binary format (bytecode) for a stack-based virtual machine is a W3C web standard, that runs in a sandbox, on all major browsers runs... Read more »
The post Web Assembly in a browser and beyond — Crypto Example appeared first on Babu Srinivasan's blog.
Cryptographers and Security Researchers have a penchant for coming up with colorful acronyms and names which describe, in brief, the vulnerability or exposure. Some are them are BEAST, CRIME, ShellShock,... Read more »
The post 2017 Security Recap appeared first on Babu Srinivasan's blog.
One of the most important properties of a cryptographic hash function is that of “Strong collision-resistanceâ€, that is, it should be "computationally infeasible" to find distinct inputs x1, x2 such... Read more »
The post First SHA-1 collision, birthday paradox, should you rehash your will? appeared first on Babu Srinivasan's blog.
If you love functional programming and want to write *native* cross-platform mobile apps (Android, iOS and even Windows Phone) and you know F#, you are set. The company that made... Read more »
The post Cross Platform (Android, iOS) app in F# with Reactive Extensions appeared first on Babu Srinivasan's blog.