Monthly Archives: December 2008

Exploiting MD5 collisions and Creating Fake CA certificates.

It’s been a while, MD5 has been known for its several weaknesses and multiple proven attack scenarios showing how it can be compromised – For those known reasons, a lot of us try our best to stay away from using MD5. Last week at the Chaos Communication Congress Conference – Berlin a bunch of researchers disclosed this eye-raising MD5 collision… Read more »

Filthy' Rich JavaFX :-)

      No Comments on Filthy' Rich JavaFX :-)

I had my chance to play with JavaFX and its samples.  Wow ! unbelievably cool stuff and JavaFX raises the bar for other RIA API tools.  In my experience, JavaFX eats AJAX and other RIA scrApting tools for lunch ! JavaFX offers an easy to understand declarative API for building RIA applications that can include Media, Graphics, XML Web Services… Read more »

..it's snow time !

      No Comments on ..it's snow time !

Another winter storm hit us yesterday… this time we had up to 12″ of snow – My back hurts after blowing and shoveling up my huge driveway.  This week supposed to be the most busiest Christmas shopping day, but this storm may put another dent on already slagging retail sales !

NSA probes into Microsoft .NET framework :-)

      No Comments on NSA probes into Microsoft .NET framework :-)

Few weeks ago, I picked this document from one of my crazy mailing list subscriptions – Surprising to note an email, that featured an NSA UNCLASSIFIED document that digs deep into Security features of Microsoft .NET Framework ( versions 1.0, 1.1 and 2.0).  The document is a bit dated and it did’nt highlight the latest security features of .NET version… Read more »

Match-to-SmartCard PKI and Biometric authentication.

A picture is worth a thousand words. This picture is intended for a friend of mine (a doubting Thomas), who did’nt believe my latest work on enabling a multi-factor authentication based “Web SSO” that uses on-card credentials (PIN + PKI + Biometrics) using PIV card. This solution is currently tested to run Sun OpenSSO Enterprise 8 (running on Glassfish v2),… Read more »

Biometric Smartcards for Fishermen Identification @India

Biometric smartcards are made compulsory for sea-going fishermen from January 1, 2009, who reside in the Mangalore coast of Karnataka (India). It is very surprising to note this initiative from a local government organization steps up to enhance security and enforcing stronger access control – very pro-active move ! Here is the Story – Biometric attendance system at New Mangalore… Read more »