In December, a team of hackers took the time to implement a full exploit of SSL certificates signed with a broken hash function (MD5). The paper is entitled MD5 Considered Harmful Today (a charming reference to the classic MD5 Considered Harmful Someday. This piece of news has been in my “to-blog” queue for the betterContinue reading “First major public exploitation of a compare-by-hash based system”
Yo! Forget not! The next FAST (USENIX File systems And Storage Technologies) conference is coming up February 24 – 27: http://www.usenix.org/events/fast09/ The best part: It’s in downtown San Francisco! Compare and contrast with the location of the last two FAST conferences in “downtown” San Jose. I have several personal reasons for attending. First, it’s onlyContinue reading “FAST ’09”
Back when I worked at Sun, I used to listen starry-eyed at the knees of senior engineers while they told their tales of debugging silent data corruption. They were really good stories – hardware with obscure manufacturing defects that didn’t show up until really optimized code ran on the chip, rogue SCSI drivers overwriting blocksContinue reading “HOWTO debug silent data corruption”
I have removed this post at the request of another person.
No one ever believes me that I get harassed on the street on a regular basis. It’s pretty much a guarantee that whenever I walk more than about 5 blocks in a city, I’m going to get at least one cat call, “solicitation,” or threat. When I tell people about this, they look shocked andContinue reading “Sex(ual harassment) in the City”
At long last, I’ve written and published the “compare-by-hash for programmers” article everyone’s always been asking for. You can read it chopped into 17 pieces and partially obscured by floating ads here: http://www.linuxworld.com/news/2007/111207-hash.html (My editor says: Please please complain about this! No one believes me when I say this is bad!) Or you can readContinue reading “The code monkey’s guide to cryptographic hashes for content-based addressing”