Cloudflare releases an online tool to check if the BGP you are using (the ISP/AS) is safe or not based on the deployment of RPKI that we talked about in our BGP Security session. It is one of the core components within BGPsec, which is still not widely deployed. Check it out: https://isbgpsafeyet.com/

Another interesting post about one “interesting” AS: https://radar.qrator.net/blog/as263444-hitting-newsline-again

One more paper from Prof. Sharon Goldberg at the Boston University: https://queue.acm.org/detail.cfm?id=2668966

https://medium.com/cryptoblog/what-is-lattice-based-cryptography-why-should-you-care-dbf9957ab717

Above is a really high-level and gentle intro to Lattice crypto. We have never talked about Elliptic Curve in our class, let alone this Lattice monster. But, I hope you could spend 5 min to give the medium blog a read. You will see the “hard problems” we talked about for asymmetric crypto and why it is really hard to prove that those problems are actually hard. Yet, Lattice crypto takes a different approach and somehow it is post-quantum safe, as I have been told. You probably can guess now that some of the “hard problems” are not post-quantum safe, although RSA might still be secure if we use a 32GB private key…

Anyway, sorry for this long due post. Stay safe~

As promised, I have posted our first paper to read in the Syllabus. Please check it out. It has only 3 pages and was written by Ken Thompson! This paper might be the formal version of folklore at AT&T Bell Lab.

After Dennis Ritchie and Ken invented C and UNIX together, everyone else (e.g., Rob Pike, Brian Kernighan, Doug McIlroy, etc) started to use UNIX by having an account with a machine. But soon they realized that Dennis always hacked into their account easily. That is UNACCEPTABLE! They carefully inspected the UNIX source file and found a backdoor. They removed the backdoor and believed they nailed it. Then they found Dennis still could log into their accounts… The good/bad news was they could not find another backdoor within UNIX. The mystery was finally revealed by Dennis, who injected a backdoor from the C compiler when compiling UNIX. Yes, everyone used the same compiler Dennis wrote…

We will continue our trusted vs. trustworthy discussion by looking into different attacks. Meanwhile, stay tuned for the final assignment and projects.