Schneier news Archives - Page 30 of 46

Entries Tagged "Schneier news"

Page 30 of 46

Me in CRN

CRN Magazine named me as one of its security superstars of 2010.

Posted on April 9, 2010 at 1:58 PM • View Comments

Schneier on "Security, Privacy, and the Generation Gap"

Last month at the RSA Conference, I gave a talk titled “Security, Privacy, and the Generation Gap.” It was pretty good, but it was the first time I gave that talk in front of a large audience—and its newness showed.

Last week, I gave the same talk again, at the CACR Higher Education Security Summit at Indiana University. It was much, much better the second time around, and there’s a video available.

Posted on April 9, 2010 at 12:55 PM • View Comments

Schneier Blogging Template

Eerily accurate:

Catchy one-liner (“interesting,” with link):

In this part of the blog post, Bruce quotes something from the article he links to in the catchy phrase. It might be the abstract to an academic article, or the key points in a subject he’s trying to get across. To get the post looking right, you have to include at least a decent sized paragraph from the quoted source or otherwise it just looks like crap. So I will continue typing another sentence or two, until I have enough text to make this look like a legitimately quoted paragraph. See, now that wasn’t so hard after all.

He might offer a short comment about the article here.

Finally, he will let you know that he wrote about the exact same subject link to previous Schneier article on the exact same topic and link to another previous Schneier article on the exact same topic.

I don’t always do this, but it’s pretty common.

You can see the template in these two posts.

Posted on March 26, 2010 at 1:16 PM • View Comments

I'll be in Second Life Tonight

James Fallows and I are being interviewed in Second Life tonight, 9:00 PM Eastern Time.

EDITED TO ADD (3/27): Interview is here.

Posted on March 25, 2010 at 4:48 PM • View Comments

New Book: Cryptography Engineering

I have a new book, sort of. Cryptography Engineering is really the second edition of Practical Cryptography. Niels Ferguson and I wrote Practical Cryptography in 2003. Tadayoshi Kohno did most of the update work—and added exercises to make it more suitable as a textbook—and is the third author on Cryptography Engineering. (I didn’t like it that Wiley changed the title; I think it’s too close to Ross Anderson’s excellent Security Engineering.)

Cryptography Engineering is a techie book; it’s for practitioners who are implementing cryptography or for people who want to learn more about the nitty-gritty of how cryptography works and what the implementation pitfalls are. If you’ve already bought Practical Cryptography, there’s no need to upgrade unless you’re actually using it.

EDITED TO ADD (3/23): Signed copies are available. See the bottom of this page for details.

EDITED TO ADD (3/29): In comments, someone asked what’s new in this book.

We revised the introductory materials in Chapter 1 to help readers better understand the broader context for computer security, with some explicit exercises to help readers develop a security mindset. We updated the discussion of AES in Chapter 3; rather than speculating on algebraic attacks, we now talk about the recent successful (theoretical, not practical) attacks against AES. Chapter 4 used to recommended using nonce-based encryption schemes. We now find these schemes problematic, and instead recommend randomized encryption schemes, like CBC mode. We updated the discussion of hash functions in Chapter 5; we discuss new results against MD5 and SHA1, and allude to the new SHA3 candidates (but say it’s too early to start using the SHA3 candidates). In Chapter 6, we no longer talk about UMAC, and instead talk about CMAC and GMAC. We revised Chapters 8 and 15 to talk about some recent implementation issue to be aware of. For example, we now talk about the cold boot attacks and challenges for generating randomness in VMs. In Chapter 19, we discuss online certificate verification.

Posted on March 23, 2010 at 2:42 PM • View Comments

Another Schneier Interview

This one on simple-talk.com.

Posted on March 12, 2010 at 1:19 PM • View Comments

Another Interview with Me

I gave this one two days ago, at the RSA Conference.

Posted on March 5, 2010 at 12:53 PM • View Comments

Me and the Christmas Underwear Bomber

I spent a lot of yesterday giving press interviews. Nothing I haven’t said before, but it’s now national news and everyone wants to hear it.

These are the most interesting bits. Rachel Maddow interviewed me last night on her show. Jeffrey Goldberg interviewed me for the Atlantic website. And CNN.com published a rewrite of an older article of mine on terrorism and security.

I’ve started to call the bizarre new TSA rules “magical thinking”: if we somehow protect against the specific tactic of the previous terrorist, we make ourselves safe from the next terrorist.

EDITED TO ADD (12/29): I don’t know about this quote:

“I flew 265,000 miles last year,” said Bruce Schneier, a cryptographer and security analyst. “You know what really pisses me off? Making me check my luggage. Not letting me use my laptop, so I can’t work. Taking away my Kindle, so I can’t read. I care about those things. I care about making me safer much, much less.”

For the record, I do care about being safer. I just don’t think any of the airplane security measures proposed by the TSA accomplish that.

Posted on December 29, 2009 at 11:17 AM • View Comments

←Previous 1 … 28 29 30 31 32 … 46 Next→

Sidebar photo of Bruce Schneier by Joe MacInnis.