Security
Handset Security Flaws On The Horizon
Software quality, especially data input filtering, is critical for mobile devices; especially devices that do not typically have user-updateable software. News: Mobile phone hacking expected to spread …
Drm Threat Analysis Shows Futility In Drm Mechanisms
This analysis shows how DRM solutions are ineffective because they [attempt to] address the wrong threat model. “Many DRM advocates make the classic mistake of refusing to choose a threat model. …
Insider Attack Nails Shut Janteknology'S Coffin
Evidence of the damage that insider attacks can wreak. Ironically, this was a security software distributor. It’s unbelievable how often I hear things like: “Well you have to trust your …
Acm Testimony To Congress Against Dmca'S Chilling Effect
USACM co-chair Barbara Simons spoke out against sections of the DMCA during recent Congressional review of the DMCA’s anti-circumvention provisions. ACM MemberNet You can also read the …
Anti Polygraph
Here is a 176-page PDF paper on the fallacy of polygraph exams (a.k.a. “lie” detectors). I have not read up on this subject in some time but this looks to be a good read. Lie Behind the …
Stupid Security
Found out about this great site through this month’s Crypto-Gram newsletter. It posts articles on – you guessed it – all the stupid security measures people come across. Stupid …
E Voting Systems Assailed
A great article with some perfect quotes from leading advocates and experts for voter verifiable audit trails. Also, there are some documented cases of voting machine errors in the article. New Voting …
Users tricked into believing a Nokia upgrade hoax
“Nokia 7650 upgrade - hoax An internet hoax is traveling round the internet that purports to be a press release from Nokia offering an upgrade for owners of the Nokia 7650 handset to support a …
SSL Patent suit update: victory for SSL!
07:00 A press release on RSA’s website announces that a unanimous verdict was reached on all infringement claims in favor of the defendants, RSA Security Inc. and Verisign Inc. RSA Security | …
Analysis Of The Educational Initiatives Outlined In The National Cybersecurity Strategy
Rob Slade takes an in-depth look at what the National Cybersecurity Strategy is for security education and doesn’t really find much. To summarize: “we [the U.S. Gov’t] can’t do …