Parsia's Den

Because no one wants to be the other guy from Wham!

Nov 17, 2013 - 2 minute read - Comments - Crypto

How do I TLS Ciphersuite?

“Should we use RC4 or AES-CBC ?” This is a legitimate question. Many have heard of the highly publicized attacks against AES-CBC (CRIME, BEAST etc) and lean towards RC4. If asked (granted no one asks me), my answer would be: If you can control web servers (not feasible in all situations) and users’ browsers (almost impossible), upgrade to TLS 1.2 and go with AES-GCM. However, not many browsers supported these and to be honest, more users trumps loss of security in many cases.

Sep 29, 2013 - 1 minute read - Comments - Reverse Engineering

Microsoft Bluehat Challenges

Microsoft has released their Bluehat challenges. You answer the challenge, send it out and if correct they will send the next level (at least that is what they say). There are three categories: Reverse Engineering, Web and Vulnerabilities. The first Reverse Engineering challenge was quite easy. But it was level 1 and I do not expect anti-debugging techniques. Let’s see about the next level. Anyway, Enjoy. Linkie.

Sep 23, 2013 - 1 minute read - Comments - Sci-Fi

Snow Crash and Malware

So I finished “Snow Crash” and it was quite nice. The concept of linguistic malware was interesting and ahead of its time. I noticed that the term “Virus” was used correctly in the book as the malware was not propagating between people (then it would become a worm). Although I suspect it was due to the fact that most people (read almost everyone) calls any malware a “virus”. Nevertheless, it was a very enjoyable read.

Sep 20, 2013 - 1 minute read - Comments - Octopress Not Security

Update Inc

So, I transferred my domain from my last provider, it has not taken effect yet. Also, I need to start populating the website with relevant stuff. Hang on, I will be back soon ™!

Sep 15, 2013 - 1 minute read - Comments - Octopress Not Security

MarkDown and Cookie Clicker

Markdown looks like an easy-ish language to start (probably not so easy to master of course). Although compared to writing LaTeX source, it is a breeze. During my last year at JHU I started writing the reports and what not directly into LaTeX, I think using MarkDown for blogging and MS Office at work is going to take away my old skills. On a side note, I am now up to around 500 million cookies per second (CpS) in Cookie Clicker.

Sep 14, 2013 - 1 minute read - Comments - Octopress Not Security

Hello Octopress

** Octopress is here ** To be honest setting it up took a while (I had this feeling that I should set it up on my host but well let’s say I am a n00b and am allowed to make mistakes) :D Now I have to learn markdown which is probably a good thing, unless I can write blog posts in different formats. Note to self: search to see if we can write blogs in LaTeX.