Collaborate Disseminate
By Dick Pence This story appeared in The Washington Post in 1991, shortly after a computer glitch caused a “long-distance blackout” on the East Coast. Those big phone outages of the past couple of weeks have had me feeling a bit guilty over what’s been happening. You see, I remember exactly how all this started. … Continue reading Two Longs and a Short →
The post Two Longs and a Short appeared first on Security Boulevard.
The big news this week is a protocol flaw in the Wireless Protected Access protocol, version 2 (WPA2). The Ars Technica article covers the details pretty well. This is what every Wi-Fi wireless router on the planet uses these days. The problem does not directly damage your system, but it can uncover data you had intended … Continue reading The Big Bug in the News: the WPA2 flaw →
The post The Big Bug in the News: the WPA2 flaw appeared first on Security Boulevard.
As I said in an earlier post, no crime is committed if the appropriate official leaks sensitive classified information. This applies to both Secretary Clinton’s email server and President Trump’s unfortunate meeting with Russian diplomats. Both carried the authority to disclose what they disclosed. One question remains: what damage might have ensued from each leak? I would argue … Continue reading Comparing Leaks: Trump vs. Hillary →
Continue reading Comparing Leaks: Trump vs. Hillary
I sympathize with developers who throw up their hands and say, “I don’t do security stuff.” No matter what you choose, there’s a trade off that could go wrong. It’s especially troublesome if one deploys a “security website.” I’ve deployed security education websites in many environments over the past 20 years, and I rarely achieve … Continue reading Tiptoeing Through Vulnerabilities →
Continue reading Tiptoeing Through Vulnerabilities
I have posted the fifteenth video in the Cryptosmith Series on practical basic cryptography. The video collection falls into three parts: the network crypto introduction, the DVD example, and the public-key certificate discussion. There are also updates to other series videos. They now use the acronym “SSL” a lot more, since people recognize it more often than “TLS.” … Continue reading Cryptosmith Video Series #1 through #15 →
Continue reading Cryptosmith Video Series #1 through #15
Here are a couple of short videos that describe the basic cryptographic mechanisms used in DVDs. These don’t quite fit into my Cryptosmith series, at least, not right now. They’re short and interesting, so I went ahead and posted them.
Continue reading How DVD Crypto Keys Work
The Cryptosmith video series uses animation to explain well-known crypto techniques. This should help more people understand crypto technology. This is particularly important as people rely more and more on mobile and Internet security mechanisms. Aside from protecting online commerce and financial activities, many professionals are realizing that their daily activities require strong protection. After … Continue reading Cryptosmith Video Series →
Continue reading Cryptosmith Video Series
Emails are notoriously hard to validate. Emails are like typed, signed contracts with no section or page numbers: you can take out or add whatever pages you want as long as you keep the signatures. Intelligence expert Malcom Nance has tweeted that Wikileaks’ recent collection of Podesta emails contain “obvious forgeries.” It is hard to detect emails forgeries … Continue reading #PodestaEmails are NOT obvious fakes →
Continue reading #PodestaEmails are NOT obvious fakes