The new Sync protocol

(This wraps up a two-part series on recent changes in Firefox Sync, based on my presentation at RealWorldCrypto 2014. Part 1 was about problems we observed in the old Sync system. Part 2 is about the protocol which replaced it.)

Last time I described the user difficulties we observed with …

more…

Pairing Problems

(This begins a two-part series on upcoming changes in Firefox Sync, based on my presentation at RealWorldCrypto 2014. Part 1 is about problems we observed in the old system. Part 2 will be about the system which replaces it.)

In March of 2011, Sync made its debut in Firefox 4 …

more…

Remote Entropy

Can you safely deliver entropy to a remote system?

Running a system without enough entropy is like tolerating a toothache: something you'd really like to fix, but not quite bothersome enough to deal with.

low-entropy munin graph

I recently bought a Simtec EntropyKey to fix this locally: it's a little USB dongle with …

more…

phishing training

I stopped by the bank this morning to make a deposit. While fussing with the ATM machine, I was listening to a nearby bank employee making a phone call. His side of the conversation went like: "Hi, this is Bob from $YOURBANK. Your father just opened an account with us …

more…