Re: [FDE] Amateurs study cryptography; professionals study economics
Thu, 15 May 2008 18:57:00 +0000
dan@geer.org wrote:> Allen writes:> -+-----------> | > "More than $1 billion is spent annually by the private sector on cyber> | > security," said Link, who is the United States representative on the> | > United Nations Economic Commission for Europe where he evaluates> | > innovation and competiveness policies for the European Union. "That> | > translates to $1,500 per employee. Many .. .. read more..
Re: [FDE] Amateurs study cryptography; professionals study economics
Thu, 15 May 2008 16:10:00 +0000
Allen writes:-+----------- | > "More than $1 billion is spent annually by the private sector on cyber | > security," said Link, who is the United States representative on the | > United Nations Economic Commission for Europe where he evaluates | > innovation and competiveness policies for the European Union. "That | > translates to $1,500 per employee. Many companies have no idea how to | > .. .. read more..
Re: [FDE] Amateurs study cryptography; professionals study economics
Thu, 15 May 2008 13:35:00 +0000
Ali, Saqib wrote:[snip]> "More than $1 billion is spent annually by the private sector on cyber> security," said Link, who is the United States representative on the> United Nations Economic Commission for Europe where he evaluates> innovation and competiveness policies for the European Union. "That> translates to $1,500 per employee. Many companies have no idea how to> employ the usefulness of .. .. read more..
[FDE] Amateurs study cryptography; professionals study economics
Thu, 15 May 2008 05:09:00 +0000
A new book from Dr. Albert N. Link of University of North Carolina titled "Cyber Security: Economic Strategies and Public Policy Alternatives," explores the role businesses and governments can play to ensure that dangerous data security breaches are avoided. The book provides the first systematic analysis of the economics of protecting cyberspace."More than $1 billion is spent annually by the .. .. read more..
Re: [FDE] FDE Digest, Vol 20, Issue 10
Wed, 14 May 2008 19:20:00 +0000
Simson,I see your response in the blog summary but I don't have anything in my in box so I'm adding on to this. Apologies in advance to all you non-Mac users.I use Super Duper for keeping a bootable clone. I update this once a day with incremental changes. If I want to use FileVault, are you suggesting that I log out of my normal account (with the Home folder encrypted by FV), then create a ' .. .. read more..
Re: [FDE] FDE Digest, Vol 20, Issue 10
Wed, 14 May 2008 18:14:00 +0000
On May 14, 2008, at 10:53 AM, Carta Diem wrote:> Simson,>> Thanks so much for the helpful information. Could you be more > specific how you use File Vault in conjunction with a bootable backup?Sure. There are two kinds of bootable backups. The first is just using carbon copy or something. The second is just making a bootable disk and accessing the filevault on the laptop's drive.If you use .. .. read more..
[FDE] ADMIN: Faulty moderation.
Wed, 14 May 2008 18:12:00 +0000
Recently some of you received the following email from this list.---------------------------------------------------------------------Please subscribe to the mailing list before posting a message. Tosubscribe please send an email to: fde-subscribe@www.xml-dev.com orvisit http://www.quantumcrypto.de---------------------------------------------------------------------Please ignore this email. I .. .. read more..
Re: [FDE] FDE Digest, Vol 20, Issue 10
Wed, 14 May 2008 17:53:00 +0000
Simson,Thanks so much for the helpful information. Could you be more specific how you use File Vault in conjunction with a bootable backup?"The backup is accessible if you boot from a backup drive; you just need to mount it and enter your FV password."I assume you meant that FV is accessible if you boot from a background drive, correct? In other words, if I run FV on my main computer, and if I .. .. read more..
Re: [FDE] Traveler's User Case: Backup vs. Security?
Wed, 14 May 2008 12:59:00 +0000
Please subscribe to the mailing list before posting a message. Tosubscribe please send an email to: fde-subscribe@www.xml-dev.com orvisit http://www.quantumcrypto.de .. .. read more..
Re: [FDE] Traveler's User Case: Backup vs. Security?
Wed, 14 May 2008 04:13:00 +0000
I travel with a MacBook Pro using FileValut. FV is great. The backup is accessible if you boot from a backup drive; you just need to mount it and enter your FV password. Normally that is the same as your login password.You can also create an encrypted image on your external bootable drive using Disk Utility.On May 13, 2008, at 6:58 PM, Carta Diem wrote:> I've been doing a lot of traveling, .. .. read more..
[FDE] Traveler's User Case: Backup vs. Security?
Wed, 14 May 2008 01:58:00 +0000
I've been doing a lot of traveling, and I've been looking for a storage solution that suits my needs. I don't seem to be able to find an ideal solution, and I don't think I'm in the minority ? although I could be wrong. Here is what I need:I travel with a notebook computer. That is also my main computer.Everything on it is critical.Everything on it needs to be secure.If the notebook fails for .. .. read more..
The perils of security tools
Tue, 13 May 2008 13:10:00 +0000
[Moderator's note: A quick reminder: please use ASCII except if youneed Unicode to spell your name right. Microsoft's proprietary quotemarks are not a standard and don't look right on non-Microsoftdisplays. I edited them out of this by hand. --Perry]Debian have a stunning example of how blindly fixing "problems" pointed out by security tools can be disastrous.I've blogged about it here: http:// .. .. read more..
Re: root kits in SMM mode
Mon, 12 May 2008 19:56:00 +0000
On 2008-05-12, Perry E. Metzger wrote:> I'd been wondering for years when someone would set malware up to run > in systems management mode on x86 processors. Now someone has done it:>> http://www.pcworld.com/businesscenter/article/145703/hackers_find_a_new_place_to_hide_rootkits.htmlIn the information preservation circles which of course mind failure and error tolerance, they they talk about " .. .. read more..
root kits in SMM mode
Mon, 12 May 2008 11:37:00 +0000
I'd been wondering for years when someone would set malware up to runin systems management mode on x86 processors. Now someone has done it:http://www.pcworld.com/businesscenter/article/145703/hackers_find_a_new_place_to_hide_rootkits.html-- Perry E. Metzger perry@piermont.com---------------------------------------------------------------------The Cryptography Mailing ListUnsubscribe by sending " .. .. read more..
FBI Worried as DoD Sol Counterfeit Networking Gear
Sun, 11 May 2008 11:27:00 +0000
Note the reference to recent results on "spiking" hardware. (From someIDG journal - I forget which.) -- Jerry---------- Forwarded message ----------FBI Worried as DoD Sold Counterfeit Networking GearStephen Lawson and Robert McMillan, IDG News ServiceFriday, May 09, 2008 5:10 PM PDTThe U.S. Federal Bureau of Investigation is taking the issue ofcounterfeit Cisco equipment very seriously, .. .. read more..
ADMIN: spotty moderation through Friday
Sat, 10 May 2008 17:08:00 +0000
Moderation will be somewhat spotty until Friday, May 16th. A backlogmay develop -- my apologies.Perry---------------------------------------------------------------------The Cryptography Mailing ListUnsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com .. .. read more..
Re: How far is the NSA ahead of the public crypto community?
Fri, 09 May 2008 23:07:00 +0000
On 2008-05-09, Matt Blaze wrote:>> The guy's specialty was algebraic geometry - a hot field at the time. >> This is the area of mathematics that studied eliptic curves many >> years before anyone realized they had any application to >> cryptography. [...]>> I've heard similar recollections of mathematicians from improbably > abstract specialties being eagerly taken in by NSA, throughout the > .. .. read more..
Re: It seems being in an explosion isn't enough...
Fri, 09 May 2008 22:56:00 +0000
i think the issue may simply devolve to lower areal density in the old drives.i.e. the bits are bigger.does anyone know if they used encodings that were more tolerant of certain kinds of errorsin the past which are less common (and so, not worth doing) than now?On May 9, 2008, at 1:44 PM, Ali, Saqib wrote:>> Edwards said the Seagate hard drive -- which was>> about eight years old .. .. read more..
Re: It seems being in an explosion isn't enough...
Fri, 09 May 2008 21:18:00 +0000
On Fri, 9 May 2008, Ali, Saqib wrote:| > Edwards said the Seagate hard drive -- which was| > about eight years old in 2003 -- featured much| > greater fault tolerance and durability than current| > hard drives of similar capacity.| | I am not so sure about this statement. The newer drives are far more| ruggedized and superior in constuction. For e.g. the newer EE25 are .. .. read more..
Re: It seems being in an explosion isn't enough...
Fri, 09 May 2008 20:44:00 +0000
> Edwards said the Seagate hard drive -- which was> about eight years old in 2003 -- featured much> greater fault tolerance and durability than current> hard drives of similar capacity.I am not so sure about this statement. The newer drives are far moreruggedized and superior in constuction. For e.g. the newer EE25 aredesigned to "operate" @1) Operating temperatures of .. .. read more..
Re: How far is the NSA ahead of the public crypto community?
Fri, 09 May 2008 19:48:00 +0000
On May 8, 2008, at 19:08, Leichter, Jerry wrote:> An interesting datapoint I've always had on this question: Back in > 1975> or so, a mathematician I knew (actually, he was a friend's PhD > advisor)> left academia to go work for the NSA. Obviously, he couldn't say> anything at all about what he would be doing.>> The guy's specialty was algebraic geometry - a hot field at the time.> This is .. .. read more..
From FDE list...
Fri, 09 May 2008 18:25:00 +0000
[Moderator's note: lightly edited. Please stick to ASCII and linesunder 80 columns if possible. --Perry]A gentleman on the FDE list posted the link:http://biz.yahoo.com/nytimes/080509/1194773259639.html?.v=1and in it is the following quote:> Last month, the Pentagon's Defense Advanced Research Projects Agency> began distributing chips with hidden Trojan horse circuitry to> military contractors .. .. read more..
[FDE] F.B.I. Says the Military Had Bogus Computer Gear
Fri, 09 May 2008 13:35:00 +0000
http://biz.yahoo.com/nytimes/080509/1194773259639.html?.v=1http://www.nytimes.com/2008/05/09/technology/09cisco.html_______________________________________________FDE mailing listFDE@www.xml-dev.comhttp://www.xml-dev.com/mailman/listinfo/fde .. .. read more..
[FDE] Crippled Kerberos
Fri, 09 May 2008 13:35:00 +0000
http://www.comics.com/creators/strangebrew/archive/strangebrew-20080509.html_______________________________________________FDE mailing listFDE@www.xml-dev.comhttp://www.xml-dev.com/mailman/listinfo/fde .. .. read more..
FW: How far is the NSA ahead of the public crypto community?
Fri, 09 May 2008 06:07:00 +0000
> The impressively well-engineered> resistance of DES to differential cryptanalysis (apparently called the> "tickle attack" on the inside years before Biham and Shamir's result)That was IBM's name for DC; it wasn't the NSA's name.In the late 90's I asked a DSD (Australian NSA) officer what the UKUSAnations called DC, and he thought about it, then declined to answer.However, a certain well known .. .. read more..