From Security Weekly WikiJump to navigationJump to search
, 18:39, 11 September 2008
[http://feeds.engadget.com/~r/weblogsinc/engadget/~3/387677950/ Secure RFID Technology?] - [PaulDotCom] - Continuing our discussion from last week, here is a story about a new technology from Verayo which aims to use PUF (Physical Unclonable Functions) to generate a random identifier. Truth? Fiction? Who knows, this is why testing the security of devices is so important. [http://www.verayo.com/technology.html Read more here]
[http://www.heise-online.co.uk/security/USB-stick-with-hardware-AES-encryption-has-been-cracked--/features/111194 Encryption is great!] - [Larry] - but bad implementations, and those that retrieve encrypted passwords are bad. We say all the time to use tried and try encryption algorithms, an this USB key manufacturer did just that. However, they added the ability for the password that is also used to access the device to be checked against a history of passwords. This function resides in memory, and brute force of the passwords can be conducted.