Hacker Newsnew | past | comments | ask | show | jobs | submit | MiWCryptohn's commentslogin

Hardly a waste of time. You haven't seen this for what it truly is; a waste of time is your cash sitting in a clearinghouse for days before going overseas. a waste of time is any value transaction that takes more than minutes on a global scale. A waste of time is when the authorities freeze your accounts and cancel your cards. Cryptocurrency solves these problems and more.


>You haven't seen this for what it truly is

Just... don't bother with me. I've been watching this since the first hype and you aren't anywhere near the first breathless comment I've read.


Doesn't work that way, bitcoin proof of work uses SHA256 twice, which is of limited value. It gives you a near collision to a double hash. It's burning energy for work.


One could make a case that the use of sha256 would drive down the cost of comodity ASICs, enabling a well resourced attacker to use mining hardware 'off-label' to find sha256 hash collisions. Same goes for scrypt, with the adoption of its use as a password store.


PFS doesn't provide any resistance against an active attacker; ie: one that can substitute any message between the client and server.

pFs provides resistance to previously passively recorded cipher texts being decrypted when the static secret key is disclosed. It does this by ensuring the session key exchange is protected by an ephemeral key; it is not possible to derive the session key from any static configuration, ie: rsa private key.

With the PFS ciphers, the static secret key provides server authentication; so you know your talking to the correct server or in this case FBI carnivore device. The mitm appliance can even support PFS between you and it so you wouldn't even know the difference!


Don't forget it's userspace equiv (strace is syscalls), ltrace. This tracks all lib calls made by process.

Under windows, strace is an SSL/TLS monitoring tool (also hella useful). It shows payloads passed to CryptoAPI/CNG libs so you can easily troubleshoot explicitly encrypted protocols like ldaps. Especially useful if you use client authenticated TLS where is is not possible to use a TLS mitm proxy to snoop the layer 7 data.


Shameless plug: if you want to trace Windows applications you can take a look at my company products SpyStudio[1] and Deviare[2]. Before downvoting me try them to see how powerful and unique they are in the Windows ecosystem.

VMware is using SpyStudio for creating and troubleshooting application virtualization packages, this is, for example, a twitter post from a VMware escalation engineer: https://twitter.com/DooDleWilk/status/428562701313662977

[1] http://www.nektra.com/products/spystudio-api-monitor/

[2] http://www.nektra.com/products/deviare-api-hook-windows/devi...


Thanks, it actually works quite well!


Agreed, neat stuff. I installed it on my windows workstation.


Good call on ltrace. I thought about writing about that one next.


Please do. I found this article very useful.


You can also track non-lib calls: http://stackoverflow.com/q/311840/309483


Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: