Books that call out to me

Why does [this book]( call out to me? I’ve done so much logical security work in my professional career, but oftentimes the (perceived) simplicity of physical security systems seems so much more intriguing. Damn the $219 cost of the book: Locks, Safes and Security: An International Police Reference. I’ve had my eye on it for quite a while, and will order it one of these days.

SHA-1 Broken

Bruce Schneier posts that SHA-1 has been broken:

SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.

The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper announcing their results:

  • collisions in the the full SHA-1 in 2**69 hash operations, much less than the brute-force attack of 2**80 operations based on the hash length.
  • collisions in SHA-0 in 2**39 operations.
  • collisions in 58-round SHA-1 in 2**33 operations.

installing anti-virus software

This document serves to remind me later what steps I took to get anti-virus software up and running on my FreeBSD 4.9-RELEASE-p1 system. I'm using the stock sendmail 8.12.9 that comes with FreeBSD 4.9-RELEASE (by my count it's at roughly patchlevel 2..) I also plan to only use one copy of the MTA rather than the more popular (but more resource intensive) dual-MTA setup. I'll be setting this up only with anti-virus at first, then adding SpamAssassin hooks later on. NOTE: This document is a work in progress and is not yet completed.

Continue reading “installing anti-virus software”