Book Review: Hacking Secret Ciphers with Python

Hacking Secret Ciphers with Python is a free introductory textbook on cryptography, computer programming and the Python programming language written by Albert Sweigart, a software developer from San Francisco. Hacking Secret Ciphers with Python is Sweigart's third book on Python, and the first that teaches the programming language through cryptography and traditional cryptographic protocols.

Published under a Creative Commons license, the work can be read for free online, downloaded as a .pdf or purchased from Amazon, with all proceeds going to the Electronic Frontier Foundation, Creative Commons and the Tor Project. From the book's description:
“Hacking Secret Ciphers with Python” teaches complete beginners how to program in the Python programming language. The reader not only learns about several classical ciphers, but also how to write programs that encrypt and hack these ciphers. The full source code is given and explained line-by-line for ciphers such as the Caesar cipher, transposition cipher, simple substitution cipher, multiplicative & affine ciphers, Vigenere cipher, and hacking programs for each of these ciphers. The final chapters cover public key cryptography and the modern RSA cipher.
Clocking in at 416 pages, the book is broken down into 24 chapters covering virtually everything from the ancient Caesar Cipher to modern public key cryptography.  It thus provides a practical overview of the history of cryptography, while simultaneously introducing the reader to progressively more advanced aspects of the Python programming language. 

The book begins at the beginning, showing the reader first how to create rudimentary ciphers with paper and scissors. It then gives a quick introduction to installing Python and working with the interactive shell, and provides a quick overview of Python basics before jumping into its first major coding chapter on the Reverse Cipher. For each cipher covered, the book provides the Python code to run that cipher, followed by a chapter covering a second program that can be used to hack that cipher. Python basics are covered in the analysis of the code used to create and then hack the given cipher.

Highly recommended for beginner to intermediate Python programmers who are interested in cryptography.  And since it is available free online, you can dive right in.

Unplugged: The Key to Longer Laptop Battery Life

From Wired:
In order to squeeze as much life out of your lithium-polymer battery, once your laptop hits 100 percent, unplug it. In fact, you should unplug it before that.

Cadex Electronics CEO Isidor Buchmann told WIRED that ideally everyone would charge their batteries to 80 percent then let them drain to about 40 percent. This will prolong the life of your battery — in some cases by as much as four times. The reason is that each cell in a lithium-polymer battery is charged to a voltage level. The higher the charge percentage, the higher the voltage level. The more voltage a cell has to store, the more stress it’s put under. That stress leads to fewer discharge cycles. For example, Battery University states that a battery charged to 100 percent will have only 300-500 discharge cycles, while a battery charged to 70 percent will get 1,200-2,000 discharge cycles. 

Is the Gmail Model Legally a Wiretapping Scheme?

According to at least one court, it may well be.  From Wired:
A federal judge today found that Google may have breached federal and California wiretapping laws for machine-scanning Gmail messages as part of its business model to create user profiles and provide targeted advertising.

The decision by U.S. District Judge Lucy Koh was rendered in a proposed class-action alleging Google wiretaps Gmail as part of its business model. Google sought to have the federal case in California dismissed under a section of the Wiretap Act that authorizes email providers to intercept messages if the interception facilitated the message’s delivery or was incidental to the functioning of the service in general.

Newsflash: Significant Percentage of Online Reviews Are By Paid Flacks

In case you hadn't realized already, a significant proportion of online opinion is nothing more than paid advertising.  Is there an app that detects bullshit?  From Market Watch:
On Monday, Attorney General Eric T. Schneiderman announced that 19 companies agreed to cease their practice of writing fake online reviews and pay hefty penalties for false advertising and deceptive business practices. Dubbed “Operation Clean Turf,” his investigation found that these businesses – ranging from bus companies to teeth whitening services — systematically tried to game the system by paying freelance writers from Philippines, Bangladesh and Eastern Europe between $1 to $10 per review. Schneiderman’s office cited a 2011 study by Michael Luca, assistant professor at Harvard Business School, which said a one-star rating hike on Yelp can mean a 5% to 9% rise in restaurant revenue. 

Hacked Identity Theft Service Reveals Breaches of Numerous Consumer Data Aggregators

We're all up for sale online.  From Krebs on Security:
An identity theft service that sells Social Security numbers, birth records, credit and background reports on millions of Americans has infiltrated computers at some of America’s largest consumer and business data aggregators, according to a seven-month investigation by KrebsOnSecurity.

The Web site ssndob[dot]ms (hereafter referred to simply as SSNDOB) has for the past two years marketed itself on underground cybercrime forums as a reliable and affordable service that customers can use to look up SSNs, birthdays and other personal data on any U.S. resident. Prices range from 50 cents to $2.50 per record, and from $5 to $15 for credit and background checks. Customers pay for their subscriptions using largely unregulated and anonymous virtual currencies, such as Bitcoin and WebMoney. Until very recently, the source of the data sold by SSNDOB has remained a mystery. That mystery began to unravel in March 2013, when teenage hackers allegedly associated with the hacktivist group UGNazi showed just how deeply the service’s access went.

Spain to Criminalize Linking

Coming off a recent proposal to tax sunlight, the government of Spain appears to be on a roll, and is poised to criminalize linking to allegedly infringing copyrighted content.  From ZDNet:
Spain is introducing tough new penalties for owners of websites that link to pirated versions of copyrighted material, after pressure from the US over its piracy record.
Under new legislation introduced as part of a wider reform of the country's penal code, owners of sites found to be making money from linking to pirated material will face prison sentences of up to six years and the closure of their site.


Sophos: Firefox Voted Most Trustworthy Browser

What's your preferred browser? A Sophos survey finds Firefox in the lead. From Naked Security:
About a month ago I asked Naked Security readers Which web browser do you trust? Your answer was emphatic: it's Firefox. I asked this question because trustworthiness has become an important selection criterion for web browsers and there is no objective test for it.

Modern web browsers are mature and complex products and, despite inflated version numbers and conspicuously busy release cycles, their feature sets evolve quite slowly.
Selecting the right web browser is no longer a question of what the software can do, it's about whether or not it can do the things we expect it to do quickly, securely and with due regard for our privacy.

Our poll offered readers the chance to vote for one of the six most popular web browsers - Chrome, Firefox, Internet Explorer, Opera, Safari and Chromium - and asked which you trusted the most.
Image source: The Bandwidth Blog.