Skip to content

Category Archives: Security

This is a catch all subject on the Internet, and it is my main topic of interest right now.

Can your GINA do this ? (running any process on the secure desktop)

I get asked a lot of questions about my custom Gina. Most of them come from people who want to write a custom Gina themselves to do … whatever. A custom Gina runs in Winlogon’s process. It runs under the SYSTEM account, in the TCB… In short it can do pretty much anything. But some […]

Ne jouez pas avec un CAPTCHA sans la surveillance d’un expert

Je suis tombé sur cette implémentation d’un CAPTCHA. Je déteste les CAPTCHA. C’est comme de la mauvaise crypto. Fondamentalement, le CAPTCHA ne fonctionne pas. La tâche d’analyse (le test de Turing) est complexe juste parce que personne ne s’est encore donné la peine d’écrire le code pour réussir. C’est aussi vrai pour la crypto classique, […]

Full disk encryption single sing-on and secure backup

I have a been a TrueCrypt user since version 4.0. I used to have an half-baked solution of TrueCrypt, EFS with SYSKEY option 2 (password). When full disk encryption was introduced, I finally got a laptop encryption scheme that I like. It features : Strong cryptography Thank TrueCrypt for 256 bits AES in XTS mode. […]