update links
This commit is contained in:
parent
160b917066
commit
4e738bc3ff
4 changed files with 8 additions and 10 deletions
|
@ -10,7 +10,7 @@ title: Network
|
||||||
[Least Authority](https://leastauthority.com)
|
[Least Authority](https://leastauthority.com)
|
||||||
Least Authority is a Berlin-based group building technology that is open source and focused on allowing user freedom and privacy protection in online services. Robur has worked with Least Authority to make security audits of OCaml applications.
|
Least Authority is a Berlin-based group building technology that is open source and focused on allowing user freedom and privacy protection in online services. Robur has worked with Least Authority to make security audits of OCaml applications.
|
||||||
|
|
||||||
[MirageOS](https://mirage.io)<br />
|
[MirageOS](https://mirageos.org)<br />
|
||||||
MirageOS is a library operating system that constructs unikernels for secure and high-performing applications. Most Robur projects are designed to be compatible with MirageOS, as well as native operating systems, like Linux or FreeBSD. We work closely with the MirageOS community to help develop its ecosystem and increase the availability of secure applications offered within it.
|
MirageOS is a library operating system that constructs unikernels for secure and high-performing applications. Most Robur projects are designed to be compatible with MirageOS, as well as native operating systems, like Linux or FreeBSD. We work closely with the MirageOS community to help develop its ecosystem and increase the availability of secure applications offered within it.
|
||||||
|
|
||||||
[Nitrokey](https://nitrokey.com)<br />
|
[Nitrokey](https://nitrokey.com)<br />
|
||||||
|
|
|
@ -7,4 +7,4 @@ Twice a year the Robur team meet with others from the OCaml and MirageOS communi
|
||||||
We use these times to discuss and learn about new developments in the MirageOS ecosystem and meet in person about our Robur projects. And of course we have fun whilst we are at it!
|
We use these times to discuss and learn about new developments in the MirageOS ecosystem and meet in person about our Robur projects. And of course we have fun whilst we are at it!
|
||||||
|
|
||||||
|
|
||||||
The retreats are held in a hostel in the center of the city, which we wholly rent out for the period, with food provided. If you are interested in participating in the next retreat please [see the MirageOS site](http://retreat.mirage.io/) for more details and sign-up method.
|
The retreats are held in a hostel in the center of the city, which we wholly rent out for the period, with food provided. If you are interested in participating in the next retreat please [see the MirageOS site](http://retreat.mirageos.org/) for more details and sign-up method.
|
||||||
|
|
|
@ -20,7 +20,7 @@ The [Bitcoin Piñata](http://ownme.ipredator.se) is a transparent [bug bounty](h
|
||||||
|
|
||||||
Its open communication channels are HTTP and HTTPS, and a TLS client and TLS server endpoint, all written in [OCaml](/Our%20Work/Technology-Employed#OCaml). The cryptographic material for TLS is generated on startup in the Piñata and is supposed to never leave it. However, if an attacker manages to establish a mutually authenticated (using certificates) TLS channel, the private key to the bitcoin wallet is transmitted over this channel, and the attacker gains access to the bait (the bitcoins).
|
Its open communication channels are HTTP and HTTPS, and a TLS client and TLS server endpoint, all written in [OCaml](/Our%20Work/Technology-Employed#OCaml). The cryptographic material for TLS is generated on startup in the Piñata and is supposed to never leave it. However, if an attacker manages to establish a mutually authenticated (using certificates) TLS channel, the private key to the bitcoin wallet is transmitted over this channel, and the attacker gains access to the bait (the bitcoins).
|
||||||
|
|
||||||
The project was [launched](https://mirage.io/announcing-bitcoin-pinata) on February 10th 2015. At this time friends from the IPredator project lent us 10 bitcoins (back then worth ~2000 EUR) for the bait. By 2018 no one had successfully cracked the Piñata and the bitcoins, by this point worth ~200 000 EUR, were repurposed for other projects, however the project remains live, with a small amount of bitcoins in it, for anyone wishing to try to crack it.
|
The project was [launched](https://mirageos.org/announcing-bitcoin-pinata) on February 10th 2015. At this time friends from the IPredator project lent us 10 bitcoins (back then worth ~2000 EUR) for the bait. By 2018 no one had successfully cracked the Piñata and the bitcoins, by this point worth ~200 000 EUR, were repurposed for other projects, however the project remains live, with a small amount of bitcoins in it, for anyone wishing to try to crack it.
|
||||||
|
|
||||||
[Hannes Mehnert](/About%20Us/Team) and David Kaloper-Meršinjak designed the Bitcoin Piñata to attract security professionals to look into our [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) stack, developed purely in OCaml since early 2014.
|
[Hannes Mehnert](/About%20Us/Team) and David Kaloper-Meršinjak designed the Bitcoin Piñata to attract security professionals to look into our [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) stack, developed purely in OCaml since early 2014.
|
||||||
|
|
||||||
|
@ -39,10 +39,10 @@ The source code of the Piñata is [open source](https://github.com/mirleft/btc-p
|
||||||
|
|
||||||
Further links about the Bitcoin Piñata:
|
Further links about the Bitcoin Piñata:
|
||||||
|
|
||||||
- [Statistics after 5 months](https://mirage.io/blog/bitcoin-pinata-results)
|
- [Statistics after 5 months](https://mirageos.org/blog/bitcoin-pinata-results)
|
||||||
- [Post about whacking the pinata](https://somerandomidiot.com/blog/2018/04/17/whacking-the-bitcoin-pinata/)
|
- [Post about whacking the pinata](https://somerandomidiot.com/blog/2018/04/17/whacking-the-bitcoin-pinata/)
|
||||||
- [Evaluation 3 years later](https://hannes.nqsb.io/Posts/Pinata)
|
- [Evaluation 3 years later](https://hannes.robur.coop/Posts/Pinata)
|
||||||
- [Usenix security research paper on TLS stack](https://usenix15.nqsb.io)
|
- [Usenix security research paper on TLS stack](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -81,7 +81,7 @@ The Domain Name System is used like a phone book for the internet - it translate
|
||||||
|
|
||||||
On the one side, the authoritative server, which has delegated responsibility for a domain, provides that mapping information (i.e. that a certain IP is the right one for a certain domain), and on the other side a resolver provides the functionality to figure out which server to request for each query a client has.
|
On the one side, the authoritative server, which has delegated responsibility for a domain, provides that mapping information (i.e. that a certain IP is the right one for a certain domain), and on the other side a resolver provides the functionality to figure out which server to request for each query a client has.
|
||||||
|
|
||||||
Since 2017 we have developed DNS, server, resolver, and client as a spare-time project. They serve different purposes in our ecosystem: the server is used by domains such as nqsb.io and robur.coop as an authoritative server; we use a caching resolver for our bi-annual hack retreats in Marrakesh; and the client is used by any MirageOS unikernel that needs to resolve domain names.
|
Since 2017 we have developed DNS, server, resolver, and client as a spare-time project. They serve different purposes in our ecosystem: the server is used by domains such as robur.coop as an authoritative server; we use a caching resolver for our bi-annual hack retreats in Marrakesh; and the client is used by any MirageOS unikernel that needs to resolve domain names.
|
||||||
|
|
||||||
When developing this project we carefully considered which elements were strictly required and have ensured a minimal codebase, providing for better security and ease of use.
|
When developing this project we carefully considered which elements were strictly required and have ensured a minimal codebase, providing for better security and ease of use.
|
||||||
|
|
||||||
|
|
|
@ -28,9 +28,7 @@ Discusses the basic usage of DNS, including stub and recursive resolver, server;
|
||||||
|
|
||||||
[Engineering with Logic: Rigorous Test-Oracle Specification and Validation for TCP/IP and the Sockets API (JACM vol 66, January 2019)](https://dl.acm.org/citation.cfm?id=3243650), [full paper.](https://www.cl.cam.ac.uk/~pes20/Netsem/paper3.pdf) (Steve Bishop, Matthew Fairbairn, Hannes Mehnert, Michael Norrish, Tom Ridge, Peter Sewell, Michael Smith, Keith Wansbrough)
|
[Engineering with Logic: Rigorous Test-Oracle Specification and Validation for TCP/IP and the Sockets API (JACM vol 66, January 2019)](https://dl.acm.org/citation.cfm?id=3243650), [full paper.](https://www.cl.cam.ac.uk/~pes20/Netsem/paper3.pdf) (Steve Bishop, Matthew Fairbairn, Hannes Mehnert, Michael Norrish, Tom Ridge, Peter Sewell, Michael Smith, Keith Wansbrough)
|
||||||
|
|
||||||
[Not-quite-so-broken TLS: lessons in re-engineering a security protocol specification and implementation (Usenix security 2015)](https://usenix15.nqsb.io), [video presentation](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak) (David Kaloper-Meršinjak, Hannes Mehnert, Anil Madhavapeddy, Peter Sewell)
|
[Not-quite-so-broken TLS: lessons in re-engineering a security protocol specification and implementation (Usenix security 2015)](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak), [video presentation](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak) (David Kaloper-Meršinjak, Hannes Mehnert, Anil Madhavapeddy, Peter Sewell)
|
||||||
|
|
||||||
[Not-quite-so-broken TLS 1.3 Mechanized Conformance Checking - TLS 1.3 Ready or Not (TRON)](https://tron.nqsb.io), [workshop website](https://www.ndss-symposium.org/ndss2016/tron-workshop-programme/) (David Kaloper-Meršinjak and Hannes Mehnert)
|
|
||||||
|
|
||||||
|
|
||||||
# Martin Lucina
|
# Martin Lucina
|
||||||
|
|
Loading…
Reference in a new issue