Author: arthur

Today I received a great add for a newish security company, Devicewall. They are yet another company providing a solution for prevention of intellectual property theft. They sent me a stack of humorous stickers saying things like: “This Computer is Protected by BRSD Technology. Big Red Sticker of Doom technology leverages our natural fear of…

Read More Security Stickers

Adam’s post earlier today on efforts to improve browser security, reminded me about this post on KDE.news. George Staikos hosted a meeting of developers from Opera, IE, Mozilla/Firefox and Konqueror with an aim towards improving browser security across the board. Of particular interest to me in light of my intro post, were these two lines:…

Read More Web Browser Developers Work Together on Security

(by arthur) I’m back from travels, so it’s time to post some more…. As Adam just posted, Jeff Moss sold Blackhat to CMP Media. Presumably, this sale is partially (largely?) a result of the various lawsuits that Blackhat was dealing with as fallout of “Cisco-gate”. Fortunately, these were recently settled in an equitable fashion, but…

Read More Unintended Consquences of Blackhat '05

Thanks for great intro Adam!. Steven Bellovin and Eric Rescorla recently released a paper, “Deploying a New Hash Algorithm.” This is a great analysis of both the operational and protocol issues with changing which hash algorithms get used by various security protocols. For instance, S/MIME has no real mechanism for negotiating which hashes (and this…

Read More Hashes: The High Cost of Deployment