Microsoft has launched a site to document two decades of their research. I was excited to see how they depict the timeline and how it relates to security.
Yet even after 20 years of research it unfortunately for me just boiled down to an error message:
Perhaps moonlight will help, but seriously this is not a good sign for progress on the Internet.
There seems to be some kind of buzz around a story on water-bottles as a light source. The past couple days it’s been mentioned numerous times. The story I heard first was from Brazil. This video was posted May, 2008:
Then in 2009 or 2010 I heard about it in Africa. Apparently the new story is from Indonesia, in an advertisement.
It’s a great story of finding efficiencies on several levels. It reminds me of the large tubes of water in some high-end solar homes that connect to the roof and not only light a room but heat it as well. They are more than just sun tunnels but actual vertical columns of water that run floor to ceiling in a room and radiate energy. Of course I can’t find any images of one right now…need some buzz to get them to appear again. Maybe the water-bottles will help.
Impressive work by Brazilian scientists. They first noted that banana peels have elements useful in water filtration systems. So they made a filter from minced peel and measured the effect on river water, which showed a local solution from an abundant waste product can significantly reduce the risks from lead and copper.
Minced banana peel was applied in the preconcentration system and showed approximately 20-fold enrichment factor and the column was reused for 11 cycles without loss in the percentage of recovery. The proposed method was applied in the determination of Cu(II) and Pb(II) in a sample of raw river water and was validated by comparison with a standard reference material.
This reminds me of how an Ethiopian figured out how to wipe out the Rinderpest virus. Controls most successful are adaptable to human and environmental variation, not to mention inexpensive.
The method used to test and eliminate the virus had to be administered locally, which meant under uncontrolled environmental conditions by non-professionals.
Nice summary by Adam Langley
Thai Duong and Juliano Rizzo today demoed an attack against TLS 1.0’s use of cipher block chaining (CBC) in a browser environment. The authors contacted browser vendors several months ago about this and so, in order not to preempt their demo, I haven’t discussed any details until now.
Contrary to several press reports, Duong and Rizzo have not found, nor do they claim, any new flaws in TLS. They have shown a concrete proof of concept for a flaw in CBC that, sadly, has a long history. Early reports of the problem date back nearly ten years ago and Bard published two papers detailing the problem.
The problem has been fixed in TLS 1.1 and a workaround for SSL 3.0 and TLS 1.0 is known, so why is this still an issue?
Bottom line is that researchers have proven elements of a theoretical flaw in block ciphers (stream ciphers like RC4 are not affected) but their method is still more difficult to wage than other more common attacks.