Bogus Security Technology: An Anti-5G USB Stick

The 5GBioShield sells for £339.60, and the description sounds like snake oil: …its website, which describes it as a USB key that "provides protection for your home and family, thanks to the wearable holographic nano-layer catalyser, which can be worn or placed near to a smartphone or any other electrical, radiation or EMF [electromagnetic field] emitting device". "Through a process… Continue reading Bogus Security Technology: An Anti-5G USB Stick

Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

Earlier this month, I made fun of a company called Crown Sterling, for…for…for being a company that deserves being made fun of. This morning, the company announced that they "decrypted two 256-bit asymmetric public keys in approximately 50 seconds from a standard laptop computer." Really. They did. This keylength is so small it has never been considered secure. It was… Continue reading Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

The Doghouse: Crown Sterling

A decade ago, the Doghouse was a regular feature in both my email newsletter Crypto-Gram and my blog. In it, I would call out particularly egregious — and amusing — examples of cryptographic "snake oil." I dropped it both because it stopped being fun and because almost everyone converged on standard cryptographic libraries, which meant standard non-snake-oil cryptography. But every… Continue reading The Doghouse: Crown Sterling

Unhackable Cryptography?

A recent article overhyped the release of EverCrypt, a cryptography library created using formal methods to prove security against specific attacks. The Quanta magazine article sets off a series of "snake-oil" alarm bells. The author’s Github README is more measured and accurate, and illustrates what a cool project this really is. But it’s not "hacker-proof cryptographic code."… Continue reading Unhackable Cryptography?