Side Channel attacks

Last month I attended Cryptoday 2009 – a workshop on cryptography and security hosted by the Computer Science department of the Technion. Amongst the lectures there was one by Prof. Moni Naor of the Weizmann Institute that focused on the feasibility of, and defense from, certain kinds of attacks on security that circumnavigate traditional encryption by attempting to read information directly from the physical medium. Attacks which are known as “side-channel attacks”.

I’m mentioning this because the June issue of Scientific American Magazine published a really interesting article on the topic titled “How Hackers Can Steal Secrets from Reflections” which explains this kind of attack in a simple and interesting language. It’s a little far fetched, but well worth reading.

B.E.

Being Spammed as a way of meeting new friends.

I mentioned in my previous post that a certine site seems to be stealling content from my site. And not just mine, incidentally, I found two more victims:

http://mishalsoftwareprofessional.wordpress.com (Post:differences-between-software-development-and-software-engineering)
http://sriramchewsthefat.wordpress.com (post:/a-simple-logic-for-swapping-values-of-two-variables-without-using-temporary-variable-or-pointer)

Beyond being annoying and kinda pathetic, the problem that any blogger has with their posts being stolen is that it may result in lost readership from people who might have otherwies read to post in it’s proper place on the blog. So once I discovered that my posts are being stolen, I looked to see if there are any comments on them that “belong to me”.

While I’m happy to say that I didn’t find any real comments, I did find one spam comment about a money making scheme through Google. The whole thing wiffed of a scam from the get-go. I LOVE scams, and consider them some of humanity’s greatest work of fiction and innovation, so with a little screat throb in my heart, I clicked the link.

The scam itself was pretty basic, and a quick search for the guy’s name revealed a really neat site explaining the makeup of a scam page in detail, which was very interesting. But what caught my eye was the third link in the search result: a woman asking the guy from the scam page to stop spamming her. The synopsis was cute and witty, so I clicked on the link and discovered Clara Todd from Cambridge, UK,whose blog Anglodoodlge, managed to cram posts about the IPhone, a chicken coop, Poetry, and Bra sizes all in one page of posts. And make it funny, on top.

The kicker is, of course, that I would have never found Clara’s blog if we weren’t both (in a distant way) targets of the same spam. Seems to me there’s a new startup company here waiting for someone to start it: “Tell me who spams you and I’ll tell you who your friends are”. Could be the next big thing…

B.E.