Archive for category security
Smart Card Readers for Mac OS X
Getting non-standard hardware to work is not that easy. The first thing you’ll do is searching the internet for devices reported to work flawlessly with Mac OS X. This came up on me when looking for compatible Smart Card Readers. This is just an example for this “finding the needle in the haystack”. Normally, also Apple provides no hints on working devices. But for Smart Card Readers I accidentally found a note in an Apple document which lists compatible readers for Mac OS X. I hope this blogpost lists up #1 on Google soon.
Compatible Smart Card Readers:
Mac OS X Tiger includes built-in support for many types of smart card readers.
Compatible smart card readers include:
* Any certified Chip Card Interface Device (CCID) USB class reader
* USB readers such as Athena, CryptoCard, GemPlus, and SCM
* PC Card readers such as CryptoCard, SCM, and OmniKey
* USB dongle readers such as OmniKey and GemPlus
Source: Apple Smart Card Setup Guide
Tags: smartcard, apple, usb reader, reader, compatible
Apple developers definitely have a sense of humor
from the system log:
[paper] On the security of Linux user passwords
This is a paper I wrote for one of my courses at university.
From the abstract:
In this paper we determine the security of user passwords on Linux
based operating systems. We have a look at the two basic security mech-
anisms passwords are created and stored using a reference Linux distri-
bution, locate common attack vectors and propose available countermea-
sures.
Extending the 4 primitives of cryptography
Dealing with all these new technologies like e-passport, the e-healt card, voting machines etc, I strongly encourage extending the 4 primitives of cryptography (and data security, from my point of view):
traditional primitives of cryptography:
- confidentiality
- authenticity
- integrity
- non-repudiation
proposal of an extension to the 4 primitives:
- privacy
- non-traceability
- non-linkability
literature on e-passports
As we are dealing with e-passports in one of our courses, we got to read some very interesting and quite shocking literarure.
I highly recommend everyone to read these ones:
1. The Evolution of RFID Security (take this as an introduction to RFID in general), link
2. Protection Profile for Machine Readable Travel Documents – Basic Access Control (BAC), link
3. Advanced Security Mechanisms for Machine Readable Travel Documents – Extended Access Control (EAC), link
4. E-Passport: The global Traceability or How to Feel Like an UPS Package (now it gets interesting), link
5. Security and Privacy Issues in E-Passport (personal favourite), link