Lawrence’s List 070116

Lawrence Hoffman //

ADVISORY: The techniques and tools referenced within this blog post may be outdated and do not apply to current situations. However, there is still potential for this blog entry to be used as an opportunity to learn and to possibly update or integrate into modern tools and techniques.

Lawrence Hoffman

As I previously mentioned I’m on vacation this week and next. As I like to go for long cross-country drives I’ve not had much time to keep up with the news. Just to be sure we don’t break pace I’m still trying to talk a little about the things I did get a chance to read.

I love to see articles about fuzzing techniques. I found this article about windows font fuzzing an interesting read on my phone one night at a campground.

http://googleprojectzero.blogspot.com/2016/06/a-year-of-windows-kernel-font-fuzzing-1_27.html

We’ve heard the stories of NSA backdooring a random number generator which was subsequently used by RSA in at least one of their more popular packages. This is an article sent over to me by Sally @sallyvdv. I really enjoyed reading this paper, though some of the mathematics involved may put some people off.

https://eprint.iacr.org/2016/644.pdf

There’ll be another super short one next week, and then a return to full length reviews the week following.