SEARCH RESULTS
 
Showing 1-10 of 15 records
 
Expand article

Hacking Mifare Transport Cards

2008-08-07 06:07:02 by schneier in Schneier on Security
 
...lousy and it has no choice but to hide it. Any competent cryptographer would have designed Mifare's security with an open and public design Secrecy is fragile. Mifare's security was based on the belief that no one would discover how it worked; that's why NXP had to muzzle the Dutch researchers. But that's just wrong. Reverse-engineering isn't...
 
Tags: mifare, design, design secrecy, mifare classic chip, secrecy, security, secrecy supports security, security properly, chip
 
 
 
 
Expand article

London Tube Smartcard Cracked

2008-03-14 07:27:18 by schneier in Schneier on Security
 
...lousy cryptography Details here . When will people learn not to invent their own crypto Note that this is the same card -- maybe a different version -- that was used in the Dutch transit system , and was hacked back in January. There's another hack of that system (press release here , and a video demo ), and many companies -- and government...
 
Tags: system, mifare system, dutch transit system, video demo, government agencies, version, press release, lousy cryptography, security vulnerabilities
 
 
 
 
Expand article

Why Do We Accept Signatures by Fax?

2008-05-29 01:00:00 by Bruce Schneier in Wired Security
 
...lousy verification procedures. They didn't notice any discrepancies in the fax. They didn't notice the phone number from which the fax was sent. They didn't call and verify that it was official. The jail was accustomed to getting release orders via fax, and just acted on this one without thinking. Would it have been any different had the...
 
Tags: fax, fax communications, fax insecurity, insecurity, fax machines, fax message, treat fax signatures, fax document, document
 
 
 
 
Expand article

Fax Signatures

2008-06-03 07:01:20 by schneier in Schneier on Security
 
...lousy verification procedures. They didn't notice any discrepancies in the fax. They didn't notice the phone number from which the fax was sent. They didn't call and verify that it was official. The jail was accustomed to getting release orders via fax, and just acted on this one without thinking. Would it have been any different had the...
 
Tags: fax, fax signatures, fax communications, fax insecurity, insecurity, fax machines, fax message, treat fax signatures, fax document
 
 
 
 
Expand article

Fax Signatures

2008-06-03 07:01:20 by schneier in Schneier on Security
 
...lousy verification procedures. They didn't notice any discrepancies in the fax. They didn't notice the phone number from which the fax was sent. They didn't call and verify that it was official. The jail was accustomed to getting release orders via fax, and just acted on this one without thinking. Would it have been any different had the...
 
Tags: fax, fax signatures, fax communications, fax insecurity, insecurity, fax machines, fax message, treat fax signatures, fax document
 
 
 
 
Expand article

Framing Computers Under the DMCA

2008-06-09 06:47:47 by schneier in Schneier on Security
 
...lousy the MPAA/RIAA/etc tactics are by successfuly framing printers on their network. These printers, who can't download anything, received over 400 takedown notices : The researchers rigged the software agents to implicate three laserjet printers, which were then accused in takedown letters by the M.P.A.A. of downloading copies of Iron Man...
 
Tags: laserjet printers, printers, indiana jones film, takedown letters, researchers, takedown notices, mpaariaaetc tactics, software agents, network
 
 
 
 
Expand article

Framing Computers Under the DMCA

2008-06-09 06:47:47 by schneier in Schneier on Security
 
...lousy the MPAA/RIAA/etc. tactics are by successfuly framing printers on their network. These printers, which can't download anything, received over 400 takedown notices : The researchers rigged the software agents to implicate three laserjet printers, which were then accused in takedown letters by the M.P.A.A. of downloading copies of Iron...
 
Tags: laserjet printers, printers, indiana jones film, takedown letters, researchers, takedown notices, software agents, network, tactics
 
 
 
 
Expand article

Wait, you want me to do business with you again?

2008-07-22 14:59:25 by Doug Woodall in The Spyware Biz Blog
 
...lousy customer support that make you lose me as a customer clipped from www.informationweek.com Microsoft Admits Windows Vista Mistakes, Criticizes Apple Ads We broke a lot of things. We know that, and we know it caused you a lot of pain. It got customers thinking, hey, is Windows Vista a generation we want to get invested in? So Brad...
 
Tags: windows vista consumer, windows vista, windows vista mistakes, vista, lousy customer support, customer, lot, brad brooks, apple ads
 
 
 
 
Expand article

Black Hat wrap up - secure@microsoft, booth babes and bloggers

The Article has images
2008-08-08 14:46:21 by HASH0x8b3c45c in StillSecure, After All These Years
...lousy picture of the DJ booth at the party. If you can, notice the computers that the secure@microsoft.com DJs are using. Thats right they are Macs 2. A new low for booth babes What would a Shimel review of a trade show be without a booth babe rant. Hey I recognize it is Vegas and all, but EdgeOS went way over the line this year. A booth babe...
 
Tags: booth, black hat, booth babes, booth babe rant, black hat crowd, security bloggers network, network, security bloggers, booth babe
 
 
 
 
Expand article

The Stigma Enigma, Revisited

2008-08-27 14:58:56 by Christopher Boyd in SpywareGuide Greynets Blog
 
...lousy click They'll infect your machine, using whatever means necessary, and they won't stop -- EVER The "industry" has certainly cleaned up since then, but the insistence on wanting to cram a toolbar on every PC, ever, remains. I must admit to being kind of disturbed that none of these companies seemingly want to take "No" for an answer -...
 
Tags: toolbars imaginable, toolbars, forcibly, install, toolbar, applications, contrast bills experiences, companies, toolbar system