Schneier on Security

Excellent! A free online resource for budding Security Professionals to get some, for once - worthwhile, training!
And maybe for useful revision for those who are a bit rusty. :)

'course, the N'ayer-Sayers will have it shut down: Al-Quaida-types my use it after all..... :-P

And look! They recommend a couple of your books!

It's been a while since I watched the videos, but if I remember correctly they do not exactly give your books a glowing review. I was surprised to see you linking to this.

Do most "Security Professionals" get to use this type of knowledge? I seem to spend most of my time arguing why peoples' kids can't install eDonkey on their company provided notebook or why unauthenticated access, via the internet, to proprietary data is a bad idea.

I took a quick look at some of the assignments for the course; I think my brain has atrophied :-(

@stacy
There is sometimes a slight discord of what most "professionals" are hired to work with and what they actually work with. I had this job once where I was supposed to do some programming and software development, it ended up with that I configured firewalls and some network administration. Also explaining basic security concepts of why having passwords in plain sight by the screen on a post-it is a bad idea.

@stacy

Sadly, we all feel your pain. I would much rather get right down in the weeds. However, I find myself more often than not wanting to commit wanton acts of malice when I find people adding sticky notes to monitors with their passwords et cetera. Brain atrophy is a common side effect I'm afraid.

I'm currently working on an MS in Infosec at Georgia Tech. Let me tell you, I hope I never have to prove that a block cipher (Twofish?) is a secure PRF, or that a scheme surrounding it is IND-CCA secure.

On that same note, learning about it and doing it in class really makes you think a bit deeper about security, and how seemingly small changes to schemes really affect how secure they are (and how this relates to everything else in security).

Bruce is obviously into the holiday period post recycle mode! :-) (See: http://www.schneier.com/blog/archives/2006/06/university_cryp.html)

Seriously, thanks for re-linking to this. I lost my original bookmark after getting about half-way through the course and kept meaning to dig the course back up.

"It's been a while since I watched the videos, but if I remember correctly they do not exactly give your books a glowing review. I was surprised to see you linking to this."

Am I only supposed to link to sites that like my books?

Seriously, my books are terrible college textbooks. So I'm not surprised they didn't get glowing reviews.

@Bruce Schneier

I didn't think they were that bad (and what ones are good? The current head of departments latest text book?). I read Applied Cryptography and then went straight to the papers. It gave just enough context to get into them.

But then many of my courses did use papers rather than text books.

"A free online resource for budding Security Professionals to get some, for once - worthwhile, training!"

I'm glad there's a good resource at no cost but, (I hate to say it) is this really meant to be "free." Granted the tuition is close to being free as compared to the one I've attended. Well, I guess they could’ve password protected the site for students only.

Wouldn't the easy way to do this be to encrypt the course content. Once you figure out how to read it, you'll discover the content consists of - in total - "Congratulations, you've passed!"

;)

@Jon: something about a known plaintext attack...