Skip to content

Archives

Links for 2016-03-25

  • Tahoe LAFS accidentally lose Bitcoin wallet with loads of donations in it, get it back

    But ECDSA private keys don’t trigger the same protective instincts that we’d apply to, say, a bar of gold. One sequence of 256 random bits looks just as worthless as any other. And the cold hard unforgeability of these keys means we can’t rely upon other humans to get our money back when we lose them. Plus, we have no experience at all with things that grow in value by four orders of magnitude, without any attention, in just three years. So we have a cryptocurrency-tool UX task in front of us: to avoid mistakes like the one we made, we must to either move these digital assets into solid-feeling physical containers, or retrain our perceptions to attach value to the key strings themselves.

    (tags: backups cryptography bitcoin cryptocurrency ecdsa private-keys ux money)

  • Visual Representation of SQL Joins

    useful bookmark to have (via Nelson)

    (tags: sql joins mysql reference database)

  • Interesting Lottery Terminal Hack – Schneier on Security

    Neat manual timing attack.

    An investigator for the Connecticut Lottery determined that terminal operators could slow down their lottery machines by requesting a number of database reports or by entering several requests for lottery game tickets. While those reports were being processed, the operator could enter sales for 5 Card Cash tickets. Before the tickets would print, however, the operator could see on a screen if the tickets were instant winners. If tickets were not winners, the operator could cancel the sale before the tickets printed.

    (tags: attacks security lottery connecticut kiosks)