Avec le développement de l’informatique et des technos sans fil au sein de l’automobile, on voit de plus en plus de hackers s’essayer au poutrage d’automobile… C’est inévitable et il est essentiel que les constructeurs mettent le paquet sur la sécurité et les mises à jour de leurs véhicules. En attendant, la société PT&C|LWG , > Lire la suite
A security gap on the most popular smartphone operating system was discovered by security experts in a lab and is so far not widely exploited. It would let malicious code take over a phone instantly.
I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
This can not be stressed strongly enough. There is never a case when RAID5 is the best choice, ever . There are cases where RAID0 is mathematically proven more reliable than RAID5 . RAID5 should never be used for anything where you value keeping your data. I am not exaggerating when I say that very often, your data is safer on a single hard drive than it is on a RAID5 array. Please let that sink in.
The problem is that once a drive fails, during the rebuild, if any of the surviving drives experience an unrecoverable read error (URE), the entire array will fail. On consumer-grade SATA drives that have a URE rate of 1 in 10^14, that means if the data on the surviving drives totals 12TB, the probability of the array failing rebuild is close to 100%. Enterprise SAS drives are typically rated 1 URE in 10^15, so you improve your chances ten-fold. Still an avoidable risk.
RAID6 suffers from the same fundamental flaw as RAID5, but the probability of complete array failure is pushed back one level, making RAID6 with enterprise SAS drives possibly acceptable in some cases, for now (until hard drive capacities get larger).
The Gostcrypt project has been launched at the end of 2013 as fork of the (late) Truecrypt project. Snowden’s leaks have made clear more than ever that the massive use of encryption by citizens must become a reality. This is possible only if there is a vast, rich offer of trusted, open source products like Truecrypt, with the strong support of the hacker community. However, at that time we did not foresee the unprecedented upheaval of terrible shock with the recent Truecrypt disappearance. More than ever we all need more and more projects to replace it. Gostcrypt is one among (we hope) many others. The variety and richness of encryption solutions is THE solution.
But with Gostcrypt, we intend to go farther than ever. Since the late 70s, most of the algorithms used (not to say all) are UKUSA encryption systems that have been chosen, promoted and standardized under the control of the USA and its minions. It is more than likely that among the different levels of control, mathematical trapdoors are part of the game. We thus decided to used strong encryption systems (as far as we know and despite a few recent “manipulation papers” that have nothing to do with science and which are mistaken operational security with fantasy and which have been rejected recently again as non valid [Babenko & Maro, 2014]) which moreover were not invasive as UKUSA ciphers are (mostly AES) by now. The Gost cipher and hash functions are not everywhere, have not invaded our systems and have been designed by the former USSR for its own need. Aside the fact that it is indeed a very strong cipher (when correctly implemented and a suitable key management), this feature of non-aggressive technological expansion is a key point. GOST algorithms have never sought to spread and to impose on anyone. It has even been rejected from the ISO standardization process in 2012 as a consequence of fallacious, non-reproducible allegations of weakness.
Whatever may be the quality and features of a security project, it can be valid in the long run with trust only. Trust is only possible with open source code and above all with the active support of the hacking community, which will analyze the security, report bugs, make comments and contribute to the project. So welcome on board to everybody.