Category Archives:

How to Design — And Defend Against — The Perfect Security Backdoor

Since BULLRUN became public last month, the security community has been examining security flaws discovered over the past several years, looking for signs of deliberate tampering. The Debian random number flaw was probably not deliberate, but the 2003 Linux security vulnerability probably was. The DUAL_EC_DRBG random number generator may or may not have been a backdoor. The SSL 2.0 flaw was probably an honest mistake. The GSM A5/1 encryption algorithm was almost certainly deliberately weakened. All the common RSA moduli out there in the wild: We don’t know. Microsoft’s _NSAKEY looks like a smoking gun, but honestly, we don’t know.


How to Identify CPU Processor Architecture on Linux

Multi-core processor architecture becomes increasingly popular nowadays. This trend is accelerated by the need for supporting multi-tenant hardware virtualization, high-performance computing applications, and Internet-scale workloads in data centers. As a server administrator and cloud architect, you must be aware of the CPU processor architecture of servers, so that server applications…