SEARCH RESULTS
 
Showing 1-10 of 28 records
 
Expand article

NSA Backdoors in Crypto AG Ciphering Machines

2008-01-11 06:51:20 by schneier in Schneier on Security
 
This story made the rounds in European newspapers some years ago -- mostly stories in German, if I remember -- but it wasn't covered much here in the U.S. For half a century, Crypto AG, a Swiss company located in Zug, has sold to more than 100 countries the encryption machines their officials rely upon to exchange their most sensitive economic,...
 
Tags: crypto, machines, company, swiss company, company web site, century, 20th century version, military messages, countries
 
 
 
 
Expand article

What do the Cold Boot Crypto Attack, DVD Players, and MiFare tell us about the Future of Biometrics?

2008-03-26 00:16:43 by Erik T. Heidt in Art of Information Security
 
Last week Slashdot pointed me to an interesting article in The Standard Understanding anonymity and the need for biometrics In fact, I found the article to be rather upsetting. Not because of the articles thesis that strong authentication through a national ID program would not necessarily pose a threat to privacy; but rather, because of their...
 
Tags: biometric authentication, biometric authentication infrastructure, biometric authentication challenge, tamper-proof biometric authentication, authentication, authentication device, mifare, tamper, biometrics
 
 
 
 
Expand article

RSA Crypto Panel: Martin Hellman on 0.01% Events

The Article has images
2008-04-10 00:04:00 by jrjones in Jeff Jones Security Blog
In the past, I haven't always stayed to hear the Crypto panel, but based upon the excellent one this year, I'll definitely include it in my plans going forward. If you want to hear an overview of what they all said, I can recommend Robert Vamosi's story Cryptographers speak of threats, voting, and Blu-Ray rumors I want to highlight the points...
 
Tags: probability, low probability events, hellman, martin hellman, low, martin, security, events, non-security folks
 
 
 
 
Expand article

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
Hi folks, Eric Bidstrup here We interrupt our regular schedule of blog postings to offer this special post for Super Tuesday given the subject matter. Hope you enjoy This year is a presidential election year in the United States. Selecting a new president is perhaps the ultimate example of the importance of having a trustworthy election process....
 
Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system
 
 
 
 
Expand article

RSA Day 2: Wednesday with JJ & the Engima

The Article has images
2008-04-14 01:35:30 by JJ in Security Uncorked
RSA Conference, San Francisco Day 2: Wednesday, April 9th I know, I know- its late- but better late than never, right I really tried my best to take photos as much as possible. A quick note on the photography- because of the size of the rooms, it didnt make sense to have the flash on, unfortunately it slowed the shutter speed, making some images...
 
Tags: security, inherent security risk, day, security bloggers party, dry session, session, enigma, enigma machines, fathers session
 
 
 
 
Expand article

7 Seminal Security Books Every Security Wannabe Should Read

The Article has images
2008-03-17 17:49:28 by Craig Balding in Security Wannabe
Today, there are more IT security books in the shops than ever before. But what IT Security books can make a real difference to an aspiring Security Wannabe? These are my Seminal 7 Photo Credit: tanakawho The Cuckoos Egg: Tracking a Spy Through the Maze of Computer Espionage The book that ignited my passion for IT security. Clifford Stoll...
 
Tags: books, security books, software, software security assessment, security, thick books, security wannabe, software vulnerability research, software security
 
 
 
 
Expand article

More On The Debian OpenSSL Blunder

The Article has images
2008-05-18 13:17:44 by Editor in Cheap Hack
From the Tales From The Crypto blog comes a new perspective on the Debian OpenSSL bug that I'm surprised I hadn't seen before. (This is a fun blog and I highly recommend it. And yes, I'm ripping off his use of the image below As Debian revealed in their disclosure, the bug was created because they removed a line of code based on a warning from...
 
Tags: debian, openssl, debian openssl bug, bug, code, code based, microsoft, microsoft crypto api, random factor
 
 
 
 
Expand article

Ironkey High Security Flash Drive: Use and Review

2008-07-07 00:48:42 by Editor in Irongeek's Security Site
 
New Video: Ironkey High Security Flash Drive: Use and Review The Ironkey is a high security thumb drive designed to provide strong AES encryption, tamper resistance and other security services. Id seen the Ironkey advertised quite a bit, and even read about its crypto systems and ruggedness, but was left wondering about how it works in...
 
Tags: ironkey, drive, security flash drive, security thumb drive, 1gb ironkey personal, video, crypto, crypto systems, secure sessions
 
 
 
 
Expand article

How effective is the wisdom of crowds as a security mechanism?

2007-12-21 15:26:10 by Tyler Moore in Light Blue Touchpaper
 
Over the past year, Richard Clayton and I have been tracking phishing websites . For this work, we are indebted to PhishTank , a website where dedicated volunteers submit URLs from suspected phishing websites and vote on whether the submissions are valid. The idea behind PhishTank is to bring together the expertise and enthusiasm of people...
 
Tags: phishtank, phishtank compare, leaves phishtank, users, phishtanks users, vote maliciously, vote, active users, urls