RSS aggregator
Schneier on Security: UAE Man-in-the-Middle Attack Against SSL
Interesting: Who are these certificate authorities? At the beginning of Web history, there were only a handful of companies, like Verisign, Equifax, and Thawte, that made near-monopoly profits from being the only providers trusted by Internet Explorer or Netscape Navigator. But over time, browsers have trusted more and more organizations to verify Web sites. Safari and Firefox now trust more... [Link]
Schneier on Security: Successful Attack Against a Quantum Cryptography System
Clever: Quantum cryptography is often touted as being perfectly secure. It is based on the principle that you cannot make measurements of a quantum system without disturbing it. So, in theory, it is impossible for an eavesdropper to intercept a quantum encryption key without disrupting it in a noticeable way, triggering alarm bells. Vadim Makarov at the Norwegian University of... [Link]
Joel on Software: Fork it!
The Stack Overflow Blog: “The Unix world loves to take sides. I don’t have to blog about this; Freud already did, in 1930. He called it ‘the narcissism of minor differences’”
Need to hire a really great programmer? Want a job that doesn't drive you crazy? Visit the Joel on Software Job Board: Great software jobs, great people.
[Link]Groklaw: Finally We Get to Read the Mobility Assets Sale Agreement with Darl McBride
Darl's purchase of the mobility assets was all done pretty much in the dark. We, the public were told one thing in advance, but something else after the fact. But now we get to see the final agreement.
Darl and Me Inc Holdings LLC, Darl's LLC, got not only the copyrights but a patent application as well, including rights to sue for any past infringement. The patent is entitled "Systems and Methods for Providing Distributed Applications ...
[Link]Schneier on Security: Cyber-Offence is the New Cyber-Defense
This is beyond stupid: The Pentagon is contemplating an aggressive approach to defending its computer systems that includes preemptive actions such as knocking out parts of an adversary's computer network overseas—but it is still wrestling with how to pursue the strategy legally. The department is developing a range of weapons capabilities, including tools that would allow "attack and exploitation of... [Link]
Schneier on Security: Wanted: Skein Hardware Help
As part of NIST's SHA-3 selection process, people have been implementing the candidate hash functions on a variety of hardware and software platforms. Our team has implemented Skein in Intel's 32 nm ASIC process, and got some impressive performance results (presentation and paper). Several other groups have implemented Skein in FPGA and ASIC, and have seen significantly poorer performance. We... [Link]
Schneier on Security: More Skein News
Skein is my new hash function. Well, "my" is an overstatement; I'm one of the eight designers. It was submitted to NIST for their SHA-3 competition, and one of the 14 algorithms selected to advance to the second round. Here's the Skein paper; source code is here. The Skein website is here. Last week was the Second SHA-3 Candidate Conference.... [Link]
Groklaw: SCO gets more time to file appeal brief regarding its loss to Novell
SCO filed a motion asking for more time to file its appeal brief with the Tenth Circuit Court of Appeals. They needed 10 more days, and Novell agreed to it, so the clerk signed off on it the same day the motion was filed, and the new date for SCO to file its brief will be September 9.
SCO's argument asking for more time is interesting, because we learn that Novell asked to -- and SCO agreed they could -- ...
[Link]Schneier on Security: Eavesdropping on Smart Homes with Distributed Wireless Sensors
"Protecting your daily in-home activity information from a wireless snooping attack," by Vijay Srinivasan, John Stankovic, and Kamin Whitehouse: Abstract: In this paper, we first present a new privacy leak in residential wireless ubiquitous computing systems, and then we propose guidelines for designing future systems to prevent this problem. We show that we can observe private activities in the home... [Link]
Joel on Software: A new WordPress Stack Exchange
We’ve been opening new Stack Exchanges left and right on a variety of topics. In almost every case, the Stack Exchange appears to duplicate the content of an existing community. For example, our WordPress answers site (now in beta) covers the exact same material as WordPress.org’s existing forums.
This is nothing new to us at Stack Overflow, which purported to cover the exact same material as hundreds (if not thousands) of other programming sites. ...
[Link]Schneier on Security: High School Teacher Assigns Movie-Plot Threat Contest Problem
In Australia: A high school teacher who assigned her class to plan a terrorist attack that would kill as many innocent people as possible had no intent to promote terrorism, the school principal said yesterday. The Year-10 students at Kalgoorlie-Boulder Community High School were asked to pretend they were terrorists making a political statement by releasing a chemical or biological... [Link]
Schneier on Security: Misidentification and the Court System
Chilling: How do most wrongful convictions come about? The primary cause is mistaken identification. Actually, I wouldn't call it mistaken identification; I'd call it misidentification, because you often find that there was some sort of misconduct by the police. In a lot of cases, the victim initially wasn't so sure. And then the police say, "Oh, no, you got the... [Link]
Schneier on Security: Security Theater on the Boston T
Since a fatal crash a few years ago, Boston T (their subway) operators have been forbidden from using -- or even having -- cell phones while on the job. Passengers are encouraged to report violators. But sometimes T operators need to use their official radios on the job, and passengers can't tell the difference. The solution: orange tape: The solution?... [Link]
Groklaw: Paul Allen's Complaint Against the World, as text
So, do you hate software patents yet, now that you've read about Paul Allen's patent infringement lawsuit against the world and his dog?
I think it ought to inspire you, reading Allen's complaint [PDF], that it might get you to the tipping point, or at least help you to understand why most engineers do hate software patents, because they are a drain on the economy and a hindrance to innovation. So we did Allen's complaint as text, sort ...
[Link]Groklaw: A Bird's Eye View of the HTC/Nokia/Apple Patent Litigations
I don't know about you, but I've found it hard to follow the various patent lawsuits involving Apple, Nokia and HTC. First there are so many cases filed all over the place, it's hard to understand the big picture. And I kept asking myself what it was all about. I mean, what's it all about really? Because some exhibits filed by HTC have just been unsealed, we get to read Apple admitting in one of the documents that the HTC ... [Link]
Schneier on Security: Friday Squid Blogging: Jewel of the Sea
Pretty.... [Link]
Schneier on Security: Me at the EastWest Institute
Back in May, I attended the EastWest Institute's First Worldwide Cybersecurity Summit in Dallas. I only had eight minutes to speak, and tried to turn the dialog to security, privacy, and the individual. EDITED TO ADD (9/1): Commentary.... [Link]
Groklaw: SCO Files Objections to Novell's Bill of Costs
SCO has filed, as expected, its objections to Novell's bill of costs:
08/26/2010 - 890 OBJECTIONS to 879 Bill of Costs filed by Plaintiff SCO Group. (Attachments: # 1 Exhibit A)(Normand, Edward) (Entered: 08/26/2010)
Novell's bills, SCO argues, "beg credulity". They are too high. Who makes that many copies? Some items are not authorized by statute. They are not demonstrated to have been necessary. They were for a mock trial, in one case. They ... [Link]Schneier on Security: Is the Whole Country an Airport Security Zone?
Full-body scanners in roving vans: American Science & Engineering, a company based in Billerica, Massachusetts, has sold U.S. and foreign government agencies more than 500 backscatter x-ray scanners mounted in vans that can be driven past neighboring vehicles to see their contents, Joe Reiss, a vice president of marketing at the company told me in an interview. This should be... [Link]
Groklaw: How You Can Help Patent Attorneys Help Free Software - Updated
I would like everyone to watch tridge's talk [.ogv] [mp3] on patents and how engineers can interact efficiently with patent lawyers, to get your knowledge across to them. More formats are linked from End Software Patents, if you prefer audio only.
Focus, please, also on what he's learned about patents, how to invalidate them in various ways, especially the part about proving non-infringement and why that is easier than proving prior art, and then ...
[Link]Schneier on Security: Detecting Deception in Conference Calls
Research paper: Detecting Deceptive Discussions in Conference Calls, by David F. Larcker and Anastasia A. Zakolyukina. Abstract: We estimate classification models of deceptive discussions during quarterly earnings conference calls. Using data on subsequent financial restatements (and a set of criteria to identify especially serious accounting problems), we label the Question and Answer section of each call as "truthful" or "deceptive".... [Link]
Schneier on Security: Social Steganography
From danah boyd: Carmen is engaging in social steganography. She's hiding information in plain sight, creating a message that can be read in one way by those who aren't in the know and read differently by those who are. She's communicating to different audiences simultaneously, relying on specific cultural awareness to provide the right interpretive lens. While she's focused primarily... [Link]
Groklaw: HTC Files Answer with Counterclaims to Apple's Patent Infringement Suit - Updated
This could get interesting. HTC has filed its answer to Apple's complaint [PDFs] against them for patent infringement, with affirmative defenses and counterclaims.
The case, Apple Inc. v. High Tech Computer Corp. et al, is now before Judge Gregory M. Sleet, docket number: 1:10-cv-00544-GMS, in the US District Court in Delaware. The et al means there are others as defendants, and the full caption is Apple Inc. and NeXt Software, Inc. v. High Tech Computer Corp., ...
[Link]Schneier on Security: Skeletal Identification
And you thought fingerprints were intrusive. The Wright State Research Institute is developing a ground-breaking system that would scan the skeletal structures of people at airports, sports stadiums, theme parks and other public places that could be vulnerable to terrorist attacks, child abductions or other crimes. The images would then quickly be matched with potential suspects using a database of... [Link]
Groklaw: SCO's motion to sell the software assets approved by Del. bankruptcy judge - Updated 3Xs
It will not surprise you to learn that the bankruptcy court has approved SCO's request to auction off "substantially all of the debtors' software business assets" free from liens, claims and encumbrances, as well as certain executory contracts and leases. We learn this from the docket minutes and the signed order. Details will follow from our reporters who attended the hearing today. [Link]
Groklaw: Proof SCO Knew IBM Was Involved in Linux From 1998 Onward
Look what I just found, SCO's Partners page from 2002, on Internet Archive, and lo and behold, it provides proof positive that SCO, then calling itself Caldera, knew that IBM was involved with Linux as far back as 1998. That's the year Santa Cruz and IBM signed the agreement regarding Project Monterey, executed in October of 1998. No one, therefore, Santa Cruz or Caldera, had any reason to be in the dark about IBM's Linux activities while ... [Link]
Schneier on Security: Malware Contributory Cause of Air Crash
This is a first, I think: The airline's central computer which registered technical problems on planes was infected by Trojans at the time of the fatal crash and this resulted in a failure to raise an alarm over multiple problems with the plane, according to Spanish daily El Pais (report here). The plane took off with flaps and slats retracted,... [Link]
Groklaw: Novell's Appeal Brief in the WordPerfect Litigation Against Microsoft - Updated 2Xs
We have at last Novell's appeal brief [PDF] in the private antitrust case Novell brought against Microsoft regarding WordPerfect. The brief was filed with the US Court of Appeals for the Fourth Circuit. It begins: "This case has been here before."Indeed. Here's the decision from the US District Court in Maryland that Novell is appealing, as text.
But there's more. Microsoft is fighting to keep certain documents it alleges the judge ...
[Link]Groklaw: Oracle v. Google Timeline
We have a new Timeline page where you will be able to find all the filed documents in the Oracle America, Inc. v. Google, Inc. litigation. The complaint and other administrative filings are there now, and when Google files an answer, you'll find it there. So if you read something in the media about the case, you can always verify the facts right here in the filings themselves. We've added a link to the new page in the ... [Link]
Schneier on Security: Friday Squid Blogging: Flying Squid
Who knew? "Hulse was shooting with burst mode on his camera, so I know exactly what the interval is between the frames and I can calculate velocity of squid flying though the air," O'Dor says. "We now think there are dozens of species that do it. Squid are used to gliding in the water, so the same physiology probably allows... [Link]
This site uses the BDP RSS Aggregator.