Before his epic fall, Sam Bankman-Fried was hailed as a crypto genius. Some clients saw smoke and mirrors.
https://www.vice.com/en/article/dy7epm/sam-bankman-fried-was-supposed-to-be-different-he-wasnt
I had totally missed that Bloomberg article mentioned here (https://www.bloomberg.com/news/articles/2022-04-25/sam-bankman-fried-described-yield-farming-and-left-matt-levine-stunned)
Basically SBF is talking about a combo of bootstrap + psyops + mass hysteria (aka #FOMO), and of course #HODL (because the operation needs *sustained* energy input in order to survive).
#cryptotrading #cryptofail
Nobody wants to pay more than 7k for the NFT of Jack Dorsey's first tweet.
Was pleasantly surprised today by https://bugzil.la/524403 being resolved. Only to see it immediately followed up by: "Script error. Ignore." So #Firefox still won't properly protect the database of locally stored passwords, and no plans to change this, it seems. #cryptofail
So somebody built an "unhackable" USB stick that would only unlock with the right iris scan and password. And then a particular USB command makes the device produce the credentials needed to unlock it, as clear text? Fascinating... #cryptofail
Dear @acebit, using AES-ECB is 𝘯𝘰𝘵 "Best possible encryption" - it's pretty broken encryption actually. Maybe you should change the way you describe #PasswordDepot? For reference: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_(ECB) 1/5
#passworddepot #infosec #cryptofail #passwords
He didn't check how they derive the encryption key from your password, so I took a quick look. Apparently, #7zip uses PBKDF2-HMAC-SHA1 with 1000 iterations (hardcoded). In other words, even with the rest of it all implemented flawlessly you better choose a damn strong password if file encryption should be of any use.
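Taking the parameters quoted in the post above (PBKDF2-HMAC-SHA1, 1000 iterations) at face value, the following added example (not from the post or from 7-Zip) estimates how much password entropy such a setting demands. The attacker throughput, the 10-year target and the 1,000,000-iteration comparison value are assumptions chosen for illustration.

```python
import hashlib
import math
import time

def measure_rate(iterations, samples=20):
    """Derive `samples` keys on this machine; return guesses per second."""
    salt = b"constructed-salt"  # constructed sample value
    start = time.perf_counter()
    for i in range(samples):
        hashlib.pbkdf2_hmac("sha1", b"guess%d" % i, salt, iterations, dklen=20)
    return samples / (time.perf_counter() - start)

def guesses_per_second(iterations, hmac_rate):
    """Password guesses/s for an attacker computing `hmac_rate` HMAC-SHA1
    operations per second (one 20-byte PBKDF2 block per guess assumed)."""
    return hmac_rate / iterations

def required_entropy_bits(iterations, hmac_rate, years):
    """Entropy (bits) a password needs so that the expected search,
    i.e. half of the password space, takes at least `years`."""
    seconds = years * 365.25 * 24 * 3600
    guesses = guesses_per_second(iterations, hmac_rate) * seconds
    return math.log2(2 * guesses)

if __name__ == "__main__":
    ASSUMED_HMAC_RATE = 1e10   # assumption: attacker HMAC-SHA1 ops per second
    TARGET_YEARS = 10          # assumption: how long the file should resist
    for iters in (1000, 1_000_000):  # quoted setting vs. comparison value
        bits = required_entropy_bits(iters, ASSUMED_HMAC_RATE, TARGET_YEARS)
        print(f"{iters:>9} iterations: password needs ~{bits:.1f} bits "
              f"(local rate: {measure_rate(iters, samples=3):.0f} guesses/s)")
    # Each 1000x increase in iterations is worth log2(1000) ~ 10 bits,
    # so a low count has to be compensated by a longer password.
```

The difference between the two rows is independent of the assumed attacker speed: it is always log2 of the iteration ratio.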
Michal Stanek over at Twitter did a quick look at the crypto behind #7zip file encryption. Not entirely surprisingly, what he found wasn't pleasant: