Knot DNS 2.1 introduced support for DNSSEC signing using PKCS #11. PKCS #11 (also called Cryptoki) is a standard interface to access various Hardware Security Modules (HSM). Such devices are usually used to improve protection of private key material. The interface is rather flexible and gives the HSM vendors huge amount of freedom, which unfortunately makes its use a bit tricky. There are often surprising differences between individual implementations.
Turris Omnia campaign enters a new phase
It is hard to believe, but it is almost half a year since the Omnia campaign started on Indiegogo. In that time, much has changed. Most importantly, we now know that there is a place on the market for a high-end open-source router – we have one million US dollars to prove it :).
The most significant attacks addressed by security teams in the Danube region
On March 15, 2016, the concluding conference of the project “Cyber security in the Danube region” (CS Danube) took place. The main objective of the project joined by representatives of security teams and organizations from Croatia, Austria, Slovakia, Serbia and Moldova, as well as our team CSIRT.CZ, was to strengthen the capacity of individual teams and cooperation in cyber security.
Turris Omnia and openSUSE
About two weeks ago I was on the annual openSUSE Board face to face meeting. It was great and you can read reports of what was going on in there on openSUSE project mailing list. In this post I would like to focus on my other agenda I had while coming to Nuremberg. Nuremberg is among other things SUSE HQ and therefore there is a high concentration of skilled engineers and I wanted to take an advantage of that…
Extracting and distributing information on incidents, or what is PROKI
In the last blogpost, I promised to write something about our new project PROKI. PROKI is the abbreviation of the Czech phrase for ‘prediction and protection against cyber incidents’ and in this project, our team set two goals for itself.
The hottest gadget on Indiegogo is… a router?
The title, which I took the liberty to borrow from the German site MacLife.de, quite nicely captures the pleasant surprise we experienced during the campaign for Turris Omnia. I admit that the amount of collected money came as a bit of a surprise even to us. Just by the way, in our guessing competition among the team members, the most daring guess was USD 560 thousand, almost USD 300 thousand less than was eventually collected. We perceived this campaign only as a test, whether there is any interest in the market. And now we know there is, especially when we remind ourselves that certainly not everyone would contribute to the crowdfunding. Sending money to some of such campaigns means that the person prefers a pig in a poke to the bird in the hand. It already happened many times that a promising-looking project simply wasn’t finished or that the result didn’t live up to the original promises. Another problem is that businesses do not usually purchase through such campaigns, as it is not simple for them in terms of accounting. This also makes the collected amount a great promise for future.
Turris Omnia crowdfunding campaign in figures and images
A crowdfunding campaign for the Turris Omnia router on the portal Indiegogo.com ended after two months collecting 858 thousand dollars, which exceeded the original goal more than eight times. In this post, we’ll look closer at the progress of the campaign with the help of charts and tables.
CSIRT teams in 2015
Among CSIRT/CERT teams in Europe and around the world, the Czech Republic is known for a relatively high number of officially established security teams. Operating mainly within Europe, there is the GÉANT organization, which promotes the development and creation of new security teams through its long-established service Trusted Introducer. It is an initiative that aims to facilitate building of trust between security teams of educational and research institutions, operators, providers and government institutions that, within their address space, deal with security incidents, such as botnets, spam, phishing, open resolvers or more sophisticated incidents . Each team faces very similar, if not identical problems and therefore sharing of experience should be taking place to streamline their work. Withholding important information in this environment, on the other hand, does not usually bring any competitive advantage.
Metal or not metal? That is the question!
This Hamletesque question has haunted our team in connection with Omnia for a few months. Turris Omnia was introduced as a home router in a nicely shaped plastic case and for a long time we did not even think of other options. 5 GHz Wi-Fi connection was intended to be provided by three outside antennas and the “older” Wi-Fi at the 2.4 GHz frequency was supposed to be broadcast, sort of obligatorily, with two internal antennas, more or less for backwards compatibility with older devices.
Will mojeID become the national electronic identity? You can now use it to login to the European Comission services
The end of September marked the ending of one of the so-called large-scale pilot projects of the European Commission – the STORK 2.0 (Secure idenTity acrOss boRders linKed 2.0) project, whose aim was to try out in practice the possibilities of cross-border recognition of electronic identities, which is something that should be compulsorily introduced since September 2018 in accordance with the eIDAS Regulation. For the Czech Republic, the realization of this project involved the Ministry of the Interior and CZ.NIC with its mojeID service, which has been chosen as the national identity (Czech only).