Squid car….  Read More →

Interesting: Who are these certificate authorities? At the beginning of Web history, there were only a handful of companies, like Verisign, Equifax, and Thawte, that made near-monopoly profits from being the only providers trusted by Internet Explorer or Netscape Navigator. But over time, browsers have trusted more and more organizations to verify Web sites. Safari and Firefox now trust more…  Read More →

I wanted to help put some of you in the mindset of a DoD person when reading recent news, namely Defense official discloses cyberattack and Pentagon considers preemptive strikes as part of cyber-defense strategy , both by Washington Post reporter Ellen Nakashima. I’ll assume you read both articles and the references. Deputy Defense Secretary Lynn’s article (covered by the first Post story) is significant, perhaps for reasons that... 

A creepy caricature of Google CEO Eric Schmidt drives an ice cream truck in this video produced by a consumer group targeting the search giant for its data collection practices. The video is part of a lobbying effort by Consumer Watchdog to get the government to create a so-called “Do Not Track Me” list “to prevent online companies from gathering our personal information , just as Congress had the Federal Trade Commission create... 

A phone-hacking scheme involving British royals and reporters working for one of Rupert Murdoch’s tabloid newspapers went far beyond what was previously disclosed and prosecuted, according to The New York Times . Andy Coulson, currently media advisor to British Prime Minister David Cameron, is accused of having encouraged the hacking during his tenure as editor of Murdoch’s News of the World paper. According to the N.Y. Times , reporters... 

Amazon.com just posted my five star review of Hacking Exposed: Wireless, 2nd Ed by Johnny Cache, Joshua Wright and Vincent Liu. From the review : I reviewed the first edition of Hacking Exposed: Wireless (HEW) in May 2007, and offered four stars. Three years later I can confidently say that Hacking Exposed: Wireless, 2nd Ed (HEW2) is a solid five star…  Read More →

Clever: Quantum cryptography is often touted as being perfectly secure. It is based on the principle that you cannot make measurements of a quantum system without disturbing it. So, in theory, it is impossible for an eavesdropper to intercept a quantum encryption key without disrupting it in a noticeable way, triggering alarm bells. Vadim Makarov at the Norwegian University of…  Read More →

This is beyond stupid: The Pentagon is contemplating an aggressive approach to defending its computer systems that includes preemptive actions such as knocking out parts of an adversary’s computer network overseas—but it is still wrestling with how to pursue the strategy legally. The department is developing a range of weapons capabilities, including tools that would allow “attack and exploitation of…  Read More →

As part of NIST’s SHA-3 selection process, people have been implementing the candidate hash functions on a variety of hardware and software platforms. Our team has implemented Skein in Intel’s 32 nm ASIC process, and got some impressive performance results (presentation and paper). Several other groups have implemented Skein in FPGA and ASIC, and have seen significantly poorer performance. We…  Read More →

A civilian defense attorney hired recently by alleged WikiLeaks leaker Bradley Manning says the Army was so concerned about his client’s mental health prior to the alleged leaks that supervisors removed the bolt from his military weapon, disabling it. Attorney David Coombs told CNN, however, that other than sending Manning to a chaplain for counseling, the Army did little to address its concerns about him . “The unit has in fact... 

Skein is my new hash function. Well, “my” is an overstatement; I’m one of the eight designers. It was submitted to NIST for their SHA-3 competition, and one of the 14 algorithms selected to advance to the second round. Here’s the Skein paper; source code is here. The Skein website is here. Last week was the Second SHA-3 Candidate Conference….  Read More →

Rich is off dealing with the joy of fatherhood (again), leaving Martin and Zach to rope Mike Rothman into the podcast for a few weeks. Our news stories are pretty short tonight, thanks to an interview with the one-and-only Jennifer Granick of the Electronic Frontier Foundation . Martin discusses GPS tracking, the DMCA, and more with Jennifer. We’d also like to welcome Rich and Sharon’s new baby girl… -> Network Security Podcast,... 

By Duncan Geere, Wired UK Notorious filesharing website The Pirate Bay is a long-standing enemy of the movie industry, but one Swedish filmmaker has plans to create a documentary called TPB AFK about the three founders of the site, and their reactions to being found guilty of being accessory to crime against copyright law and fined about $3.6 million. The director, Simon Klose , who has a law degree, has 200 hours of footage saved up and plans... 

Commerce Secretary Gary Locke issued a blistering diatribe against music piracy Monday, declaring it “a growing threat” that “should be dealt with accordingly.” “This isn’t just an issue of right and wrong,” Locke said in a speech at Belmont University in Nashville, Tennessee, one of the nation’s musical focal points. “This is a fundamental issue of America’s economic competitiveness.”... 

“Protecting your daily in-home activity information from a wireless snooping attack,” by Vijay Srinivasan, John Stankovic, and Kamin Whitehouse: Abstract: In this paper, we first present a new privacy leak in residential wireless ubiquitous computing systems, and then we propose guidelines for designing future systems to prevent this problem. We show that we can observe private activities in the home…  Read More →