Tag Archives: cybersecurity

From Facebook to Silent Circle, through the “metrics” Frama-C plug-in
Pascal Cuoq on 16 February 2013

From Facebook to Silent Circle Some computers at Facebook were recently compromised because of a zero-day in Java. Nothing unexpected. Last december instead of writing a full blog post I lazily linked to Robert Graham predicting this sort of thing for the year 2013. Speaking of Facebook do you know...

Read More

ENSL seminar
Pascal Cuoq on 1 February 2013

Seminar As anticipated, I was at my alma mater's student seminar last tuesday. School and seminar were very much like I remembered them. The latter was improved by orange juice and biscuits to chat around after the talk, that I do not think were part of the protocol when I...

Read More

Why verify zlib?
Pascal Cuoq on 14 January 2013

As an interlude in the zlib verification thread, this post asks two questions. Is there any chance of finding a bug in zlib, and does it matter? Could there be a bug in zlib? It is not entirely impossible. The previous post in this blog pointed to a relatively minor...

Read More

Software obsolescence and security
Pascal Cuoq on 31 December 2012

A couple of months ago, I packed a computer into a brown plastic bag of the kind usually used for trash. I then carried the carefully packed computer down to the basement. Physically, the computer still works. It is still beautiful (it is an iMac G4). It has been with...

Read More

December in Security
Pascal Cuoq on 30 December 2012

Robert Graham, of the blog Errata Security, predicts that “vulnerabilities in Acrobat Reader Adobe Flash and Java today […] will be announced and patched in 2013”. As fate would have it he could safely have included Internet Explorer 8 in his list of software products used by millions to process...

Read More