altjira July 16, 2010 8:11 PM

I thought FSB was about fun. I don’t like it when you sneak real learning in on me.

Clive Robinson July 18, 2010 9:57 PM

@ Bruce,

Further to my above,

Under the title,

“Proof that foreign nations plan cyberattacks on the power grid?”

The “Skating on Stilts” site has it’s own spin on the USB based attack that appears specificaly directed at Siemens SCADA systems,

Again like many of the “Perfect Citizen” articles it appears to be more tempest in a teacup than hard fact.

Clive Robinson July 18, 2010 11:12 PM

@ Bruce,

Off Topic

If you are at BlackHat this year you might want to pop in on a talk by Nate Lawson,

From what I understand (info is limited currently) he and Taylor Nelson have a nice little side channel attack against poorly implemented password systems.

Essentialy what they have done is measure the response time across the internet of a number of authentication systems (not sure if it’s TCP time stamp or not).

Due to a failing in the software design (stops at first incorrect char in a password) it is possible to enumerate the password…

Amongst others systems claimed vulnerable are some that implement the “OAuth” and “OpenID” standards…

A July 19, 2010 4:54 PM

I love how relaxed she is – most people seem to struggle a bit once they get on the TED stage. Also watch out for the talks by Hans Rosling.

pdf23ds July 19, 2010 6:17 PM

Hai Hai Hai everybody.

Is there a way to prove that some data hasn’t been modified since a specific date? Say I want to keep some logs that could prove me innocent on the slim chance that I ever get sued or something, but the logs are easy to fabricate so I want to easily prove they’re genuine. I could always hand over a hash of each days logs to some trusted third party, but is there some other way?

John Hardin July 20, 2010 12:07 PM

@pdf23ds: I sincerely doubt any method not involving an impartial third party would be accepted by anyone as “proof”.

Perhaps print out the logs and have each page notarized. A notary doesn’t need to know what they are notarizing. But, IANAL.

“Logs that prove you innocent”? Get a lawyer. Random internet strangers aren’t a good source for advice to keep you out of jail.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.