Skip to content

Security

I dabble with security and encryption topics. My PGP key (0DEF86C0 / A6C7 4E34 1054 A169 CE52 BE5F B65B FE54 0DEF 86C0) is available for secure communication. Here are some of the other projects that I've done:

Mac EFI firmware

Thunderstrike is the name for a class of Apple EFI firmware security vulnerabilities that allow malicious software or Thunderbolt devices to flash untrusted code to the boot ROM and propagate via shared devices. It was presented at 31C3. Read on for more info on Thunderstrike or Thunderstrike 2, a software-only extension.

Yubikey and OpenPGP card crypto-hardware tokens

Are you worried that you're not paranoid enough about your communications security and want to improve your OpSec? It is actually fairly easy to go "full-Snowden" with hardware storage of your PGP secret keys! The Yubico Yubikey-Neo and Neo-N USB tokens are a neat (and cheap) way to keep your keys locked in a hardware device rather than stored as a file on your harddrive. The hardware tokens are compatible with the OpenPGP card protocol, which recent versions of gnupg support out-of-the-box. All of the public-key cryptography happens inside the tamper-proof device, so your secret key is never decrypted in the memory nor stored on disk of your machine. Read on for the details...

Tamper Evident Glitter Nail Polish

One way to detect physical intrusion attempts on your mobile device is to use nail polish like Fuzzy Coat as a tamper-evident marker on the screws. Read on for more details...


List of pages



Last update: November 8, 2020