Simon Willison’s Weblog

Items tagged security, bruceschneier in 2007

Filters: Year: 2007 × security × bruceschneier ×

I don’t understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It’s public, and rather obvious. It makes no sense from an engineering perspective: It’s too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy.

Bruce Schneier # 16th November 2007, 10:25 am

A school in the UK is using RFID chips in school uniforms to track attendance. So now it’s easy to cut class; just ask someone to carry your shirt around the building while you’re elsewhere.

Bruce Schneier # 24th October 2007, 8:36 pm

Global Hackers Create a New Online Crime Economy (via) Fascinating, detailed look at the evolution of the hacker service economy. Of particular interest: a web application that sells access to hacked machines to identity thieves on a timeshare basis. # 17th October 2007, 9:46 pm

The Storm Worm. Bruce Schneier describes the Storm Worm, a fantastically advanced piece of malware that’s been spreading for nearly a year and is proving almost impossible to combat. Its effects are virtually invisible but infected machines are added to a multi-million machine botnet apparently controlled by anonymous Russian hackers. # 6th October 2007, 12:25 am

Bruce Schneier interviews Kip Hawley. The head of the Transportation Security Administration in conversation with one of his most eloquent critics. # 7th August 2007, 3:23 pm

The Psychology of Security. I haven’t even started on this yet, but I bet it’s worth reading. # 9th February 2007, 1:27 am

Choosing Secure Passwords. Bruce Schneier describes the state of the art in password cracking software. # 11th January 2007, 2:55 pm