News in the Category "Type"
Page 95 of 97
Windows NT Security Under Fire
Listen to security expert and consultant Bruce Schneier and he’ll tell you that Windows NT’s security mechanism for running virtual private networks is so weak as to be unusable. Microsoft counters that the issues Schneier points out have mostly been addressed by software updates or are too theoretical to be of major concern.
Schneier, who runs a security consulting firm in Minneapolis, says his in-depth "cryptanalysis" of Microsoft’s implementation of the Point-to-Point Tunneling Protocol (PPTP) reveals fundamentally flawed security techniques that dramatically compromise the security of company information…
Crypto Flaw Found in Microsoft Net Product
MINNEAPOLIS—A computer security expert will announce today that he has found a flaw in Microsoft Corp.’s implementation of a communications protocol used in many virtual private networks.
Bruce Schneier, president of Counterpane Systems here, said Microsoft’s implementation of the point-to-point-tunneling protocol will lead to compromised passwords, disclosure of private information and server break downs in virtual private networks running under Windows NT and 95.
"Microsoft’s implementation is seriously flawed on several levels," said Schneier. "It uses weak authentication and poor encryption." For example, he said Microsoft employed users’ passwords as an encryption key instead of using other well-known and more secure alternatives…
The Final Word on Cryptography
SunWorld readers say this book makes the incomprehensible clear
Abstract
Though two years old, Bruce Schneier’s Applied Cryptography, Second Edition still stands as the definitive work on its subject. It attempts to explain why cryptography has to be so complex and mystifying, and bring clarity to this complex topic, even for the nontechnical reader. (2,200 words)
Two months ago, I made the assertion that there is no book on cryptography that is both readable and nontrivial. I even offered a prize to the reader who could convince me otherwise. The responses I got were a bit embarrassing, because I was clearly unaware of a work that an overwhelming number of …
The Bookstore: Applied Cryptography
If you are seriously interested in computer security, then Applied Cryptography by Bruce Schneier is a must-read. The book is exceptionally literate and accessible. Schneier keeps your attention with statements like, “It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics.”
The book is both an introduction to the field and a comprehensive reference. Although some areas could have been covered in more detail, that might have turned Applied Cryptography into an encyclopedia (the book is 758 pages long). Schneier manages a fine balance between conveying information and covering all important topics. The five parts of the book cover cryptographic protocols, including public key, digital signatures, key exchange, and digital cash; cryptographic techniques such as key length, key management, algorithm types, and hardware encryption; cryptographic algorithms including block ciphers like DES, public key, key exchange, and identification schemes; the real world including example algorithms and politics; and source code…
Review of The Electronic Privacy Papers
The Electronic Privacy Papers is not about electronic privacy in general: it covers only United States Federal politics, and only the areas of wiretapping and cryptography. The three topics covered are wiretapping and the Digital Telephony proposals, the Clipper Chip, and other controls on cryptography (such as export controls and software key escrow proposals).
The documents included fall into several categories. There are broad overviews of the issues, some of them written just for this volume. There are public pronouncements and documents from various government bodies: legislation, legal judgements, policy statements, and so forth. There are government documents obtained under Freedom of Information requests (some of them partially declassified documents complete with blacked out sections and scrawled marginal annotations), which tell the story of what happened behind the scenes. And there are newspaper editorials, opinion pieces, submissions to government enquiries, and policy statements from corporations and non-government organizations, presenting the response from the public…
Book Review: The Electronic Privacy Papers
This is not an academically neutral book on the subject of privacy. Both Schneier and Banisar are security and privacy advocates of long standing, and they like to refer to the information superhighway as the information “snooperhighway.” Here, they have collected previously classified documents from both government and industry sources. Coverage includes digital wiretapping, E-mail security, cryptography, the National Security Administration’s perspective on telecommunications, the clipper chip, softkey escrow, and much more. Recommended for all libraries…
Keeping Secrets in the Digital Age
Used with permission
As the world goes digital, encryption standards become more important.
Even those who don’t use the Internet are affected by security in the online age—everything from bank account and medical information to credit card numbers and transactions requires some form of coding to protect it from prying eyes.
Yet all is not well—with each new standard comes crackers to break it. And, at the other end, governments—particularly that of the United States—are trying their darndest to ensure that encryption technology doesn’t get too powerful. After all, they reason, if encoding techniques become too good, crooks can use them to subvert society…
Electronic Mail Security (Book Review)
Electronic mail, or e-mail, has become an important communications tool. Businesses have accepted it with great zest, the Internet has allowed it to explode with growth, and its ease of use has made it an integrated part of our personal lives. Even commercials now show dads and morns using e-mail to let their grown kids know they love them and to remind them to take their vitamins.
E-mail has become fun and easy, and many take advantage of being able to send a quick message without having to get caught up in the “how are you—how are you” courtesies of a phone call. And compared with traditional (snail) mail, you can’t beat the speed of transmission…
Electronic Mail Security (Book Review)
Electronic mail, or e-mail, has become an important communications tool. Businesses have accepted it with great zest, the Internet has allowed it to explode with growth, and its ease of use has made it an integrated part of our personal lives. Even commercials now show dads and morns using e-mail to let their grown kids know they love them and to remind them to take their vitamins.
E-mail has become fun and easy, and many take advantage of being able to send a quick message without having to get caught up in the “how are you—how are you” courtesies of a phone call. And compared with traditional (snail) mail, you can’t beat the speed of transmission…
Common Sense Crypto
When Thomas Paine published Common Sense in 1776 – arguing that the American cause was not merely a revolt against unfair taxation, but a demand for independence – he had no idea that more than 200 years later, the struggle for freedom would be waged between privacy advocates and the national-security establishment. This time, the dispute is over not taxation without representation, but communication without government intervention.
One of today’s crypto revolutionaries is Bruce Schneier, the neatly dressed, ponytailed author of Applied Cryptography…
Sidebar photo of Bruce Schneier by Joe MacInnis.