Summer Schools in Cryptography and Software Security at Penn State

Normally I just delete these as spam, but this summer program for graduate students 1) looks interesting, and 2) has some scholarship money available.

Posted on March 29, 2012 at 2:07 PM • 15 Comments

Comments

Michael LocastoMarch 29, 2012 2:44 PM

Kudos to the Penn State folks for putting this together. In general, I think educational programs like these don't get enough publicity. Many (most?) infosec education efforts (e.g., Syracuse's SEED project [1] and Towson's Security Injections [2] ) don't have the glamor, glitz, and glory of multi-million dollar "research" grants, but I'd argue they have more potential to improve the state of infosec than most academic research.

The SISMAT program at Dartmouth College [3] (disclaimer: which I've been heavily involved in) has been offering something similar since 2008, but targeted at undergraduates from colleges that typically don't have a strong cybersecurity research group or presence.

[1] http://www.cis.syr.edu/~wedu/seed/

[2] http://triton.towson.edu/~cssecinj/secinj/

[3] http://www.ists.dartmouth.edu/events/sismat/

Martin Gilje JaatunMarch 29, 2012 3:55 PM

@Michael: Security Injections seems like a great idea - it's important to offer good security courses for those of us who are so inclined, but I think it is even more important to teach e.g. software security to software engineering majors who otherwise wouldn't give security a second thought.

BREAKING THROUGH THE LIZARD MATRIX! YOU ARE ALL HUMANS NOT THEIR LIVESTOCK! RESIST THE LIZARDS!March 29, 2012 5:19 PM

"Everything we see has some hidden message. A lot of awful messages are coming in under the radar - subliminal consumer messages, all kinds of politically incorrect messages..." - Harold Ramis

“RFID in School Shirts must be trial run”

The trial runs began a LONG time ago!

We’re way past that process.

Now we’re in the portion of the game where they will try and BRAINWASH us into accepting these things because not everyone BROADCASTS themselves on and offline, so RFID tracking will NEED to be EVERYWHERE, eventually.

RFID is employed in MANY areas of society. RFID is used to TRACK their livestock (humans) in:

* 1. A lot of BANK’s ATM & DEBIT cards (easily cloned and tracked)
* 2. Subway, rail, bus, other mass transit passes (all of your daily
activities, where you go, are being recorded in many ways)
* 3. A lot of RETAIL stores’ goods
* 4. Corporate slaves (in badges, tags, etc)

and many more ways!

Search the web about RFID and look at the pictures of various RFID devices, they’re not all the same in form or function! When you see how tiny some of them are, you’ll be amazed! Search for GPS tracking and devices, too along with the more obscured:

- FM Fingerprinting &
- Writeprint

tracking methods! Let’s not forget the LIQUIDS at their disposal which can be sprayed on you and/or your devices/clothing and TRACKED, similar to STASI methods of tracking their livestock (humans).

Visit David Icke’s and Prison Planet’s discussion forums and VC’s discussion forums and READ the threads about RFID and electronic tagging, PARTICIPATE in discussions. SHARE what you know with others!

These TRACKING technologies, on and off the net are being THROWN at us by the MEDIA, just as cigarettes and alcohol have and continue to be, though the former less than they used to. The effort to get you to join FACEBOOK and TWITTER, for example, is EVERYWHERE.

Maybe, you think, you’ll join FACEBOOK or TWITTER with an innocent reason, in part perhaps because your family, friends, business parters, college ties want or need you. Then it’ll start with one photo of yourself or you in a group, then another, then another, and pretty soon you are telling STRANGERS as far away as NIGERIA with scammers reading and archiving your PERSONAL LIFE and many of these CRIMINALS have the MEANS and MOTIVES to use it how they please.

One family was astonished to discover a photo of theirs was being used in an ADVERTISEMENT (on one of those BILLBOARDS you pass by on the road) in ANOTHER COUNTRY! There are other stories. I’ve witnessed people posting their photo in social networking sites, only to have others who dis/like them COPY the photo and use it for THEIR photo! It’s a complete mess.

The whole GAME stretches much farther than the simple RFID device(s), but how far are you willing to READ about these types of instrusive technologies? If you’ve heard, Wikileaks exposed corporations selling SPYWARE in software and hardware form to GOVERNMENTS!

You have to wonder, “Will my anti-malware program actually DISCOVER government controlled malware? Or has it been WHITELISTED? or obscured to the point where it cannot be detected? Does it carve a nest for itself in your hardware devices’ FIRMWARE, what about your BIOS?

Has your graphics card been poisoned, too?” No anti virus programs scan your FIRMWARE on your devices, especially not your ROUTERS which often contain commercially rubber stamped approval of BACKDOORS for certain organizations which hackers may be exploiting right now! Search on the web for CISCO routers and BACKDOORS. That is one of many examples.

Some struggle for privacy, some argue about it, some take preventitive measures, but those who are wise know:

Privacy is DEAD. You’ve just never seen the tombstone.

MarkMarch 29, 2012 10:12 PM

@Breaking

There are a few grains of truth in your comment, but your style makes you look like a incoherent nut. Also why post here where people who are interested in security come looking for info? Wouldn't it make more sense to educate people on Facebook?

BrianMarch 30, 2012 6:35 AM

Penn State has been leading out on Information Security education for several years now. As a 2004 graduate, I now serve as CISO for mid-sized organization. The skill sets, internships, and certification from Penn State’s partnership with the NSA have been instrumental in my early career. I recommend the program to anyone with friends of family interested in pursuing a career in security. The crypto sessions appear to be relatively new at PSU, but this seems to be another interesting option for specialization.

llewellyMarch 30, 2012 11:17 AM

It would be awfully convenient to blame the downfall of privacy on nefarious aliens.

Then we would not have to face the very real educational, cognitive, political and organization deficits in our own people.

Fred PMarch 30, 2012 11:27 AM

@Mark - the term "lizard matrix" makes me think of a fairly small religion's beliefs - looking through Google, I think it is one headed by David Icke - author of The Biggest Secret and Children of the Matrix - which posits (ruling?) "alien" lizards that can look like humans, among other unusual beliefs.

Indeed, looking back through Breaking...'s comment, he refers to Icke. It shouldn't have taken me so long to find his name. Oh, well.

FigureitoutMarch 30, 2012 11:33 AM

@Breaking

Most if not all who read this blog know the dangers to privacy.

Please don't troll this site, offer whatever knowledge value you have and read what others have to say.

@Bruce

Maybe an idea when you're not writing a book, for those who aren't engineers or computer scientists, try an online class like Mr. Boneh did, or some audio-visual tutorial of setting up a cryptosystem. It would bring more people into cryptography I think, even though I know there's already a lot of information out there.

HeretolearnApril 1, 2012 11:17 PM

@Figureitout Where can I find more information about cryptology? Or better yet, where should I began?

P.S. By no means am I a security professional, I am an amateur. I'm just here to learn.

intro_to_crypto_studentApril 2, 2012 7:21 AM

Stanford's free online crypto course is pretty good so far. My only complaint is the programming assignments are now extra credit because a lot of students complained about not being able to program. Bruce's Cryptography Engineering is a good book to read alongside the course.

FigureitoutApril 2, 2012 12:00 PM

@ Heretolearn

Well, I am an amateur now too, cryptology is just a random hobby that I like to learn whenever I have some free time. I hope you like to read, because there's a lot of stuff to read. I would say start looking at the history, learn the basic terms, some simple ciphers. There's code generators on the internet that are fun to play with. It's all over the internet now, on this site click on the 'cryptography' tab and read some papers Bruce has posted; and that's all free stuff. I'm still reading (and re-reading) Bruce's book (which isn't free), "Applied Cryptography", and it's probably one of Bruce's most popular books.

I hope to someday have my own cipher, but I think that's a long shot. I also want to really "secure my bits" in the near future.

Good luck

Fred PApril 2, 2012 12:03 PM

@Heretolearn-

If you're interested in serious study, here's a brief overview. Note that it was written over 12 years ago:

https://www.schneier.com/crypto-gram-9910.html#SoYouWanttobeaCryptographer

If you're less serious (but have a strong math background), consider either reading one of the standard introductory texts (such as Schneier's), or reading papers. If you don't have a strong math background, I'd start with working on your mathematics.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..