Supplemental Resources and Links for Episode #177



Sending Episode Feedback
We normally remind our podcast listeners that feedback about our episodes, which we value highly, can be sent by visiting the page: grc.com/feedback. But amid all the news and content of this very special episode, I don't think that was said. So please accept this reminder in the event that you wish to . . . feed back. Thanks!

Resource links for Security Now! Episode #177:


Breaking SSL, PDP-8's
& UltraCapacitors
Bob Armstrong's PDP-8 Single Board Computer & optional Front Panel
THIS WILL BE THE LAST CHANCE EVER to obtain various kits to build a working PDP-8 computer — with optional fully functional front panel — and own a piece of history forever. If this is not your sort of thing, but you know someone who might be interested, please let them know. I would hate to have anyone miss out on this last chance to create one of these lovely systems:

SBC6120_Front_Panel
Photo of the first run of FP6120 front panels
for the SBC6120 single-board computer.

The SBC6120 single-board computer kits are made possible not only thanks to Bob Armstrong's peerless design work, but also by the extremely limited availability of the long-since-discontinued Harris HD6120 PDP-8 on-a-chip.

sbc6120-2c

SBC6120_Block_Diagram

Some PDP-8 references and resources: PLEASE NOTE the following important details:
EEStor and UltraCapacitors

EEStor_UltraCap

Breaking SSL by Spoofing a Certificate Authority

Tricking your browser into believing a FAKE SSL server certificate:

How to browse Windows' built-in root certificates

After recording this week's podcast (#177) I found a better way for users to browse and examine their root certificate store which does not require the use of the awkward user-interface of the Microsoft Management Console system:

You are now looking at a list of your system's Trusted Root Certificates:

TrustedCerts

You may find that the "Friendly Name" column provides a more useful and understandable name for the certificates. For example, “COMODO” is much more well known than “AAA Certificate Services”.

Double-click on any certificate listed to display its properties, then click the “Details” tab to view the certificate's properties:

EquifaxDetails

Above, we can see that the Equifax certificate, which has been exploited in the hacker's demonstration, is using the “md5RSA” Signature Algorithm. Fully secure certificates will ONLY be signed using the “sha1RSA” algorithm.



Jump to top of page
Gibson Research Corporation is owned and operated by Steve Gibson.  The contents
of this page are Copyright (c) 2016 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.
Jump to top of page

Last Edit: May 04, 2013 at 18:12 (1,515.18 days ago)Viewed 3 times per day