Practical Cryptography Privacy Handbook : Proven Countermeasures for Combating Threats to Privacy, Security, and Personal Freedom The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of Surveillance Strategies for Web Hosting and Managed Services Cryptography for Visual Basic(r) : A Programmer's Guide to the Microsoft(r) CryptoAPI Al Jazeera: How the Free Arab News Network Scooped the World and Changed the Middle East Secrets and Lies : Digital Security in a Networked World Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition Security in Information Systems : A Guide for Business and Accounting

• Security Worm.
•  Security News.
•  Security Links.
• Security Worm.
• security worm » books » cryptogprahpy » applied cryptography: protocols, algorithms, and source code i.
• by Bruce Schneier.
• Bruce Schneier's APPLIED CRYPTOGRAPHY is an excellent book for anyone interested in cryptology from an amateur level to actually being involved in the development of new encryption mechanisms. Schneier's book begins with a simple discussion of what is cryptography, and then he proceeds through the history of various encryption algorithms and their functioning. ...
• Schneier does not discuss number theory because he expects those who use the relevant chapters of the book will already have training in higher maths. ...
• One helpful part of Schneier's book is his opinion of which encryption algorithms are already broken by the National Security Agency, thus letting the reader know which encryption programs to avoid. ...
• Another anachronism is Schneier's assurance that quantum computing is decades away. ... In the era of Schneier's book steganography was unnecessary because ciphertext could withstand brute-force attacks, but with advances in computing power steganography is becoming vital to secure communications. ...
• Not this one; Schneier has crafted an easy to read book that covers cryptographic techniques and issues.
• Order Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition today and improve your security.
• Security Worm. Wiggling through your wireless, server, computer and internet security solutions. ...

• Internet Security.
• The Internet has become a growing tool in today's technology. ... With just a point and click away you can find massive amounts of information over the Internet. As the use of Internet grows so do security issues. What are some issues that we have to worry about every time we connect our computer to the Internet? Do we really have to be concerned? Many people are, according to an article in The New York Times, "But the zeal was tempered by the view of about half of those surveyed that the Internet is a "source of worry" because of concerns that include pornography, privacy violations, and poor connection speeds. "(Harmon 9) Is it possible to be secure on the Internet? "With access now available not only to the trusted employees but to anyone else on the Internet, the scope of the security problem expands significantly. " (Porra, Roldan, and Segev 85) What security actions are being made?.
• The Internet is made up of a network of computers. There isn't just one central network that is controlling the Internet, there are many. ... There are security products available helping people to avoid security incidence, but how good are these products? Bruce Schneier from Counterpane Internet Security, Inc mentions in this movie clip from Black Hat. ...
• Things to be aware of when connected to the Internet .
• Computer viruses are always a worry when you are on the Internet. ...
• Authentication is another way to ensure confidentiality of information over the Internet. ...
• Firewalls are another way to increase security. ... It's put up to protect the network from the Internet; it regulates the flow of traffic between the two. ...
• If you would like a privacy analysis of your Internet connection try going to Privacy. ...

• Keynote: Fixing Network Security by Hacking the Business Climate Bruce Schneier, Counterpane Internet Security, Inc. ...
• Network security has long been considered an engineering problem, and companies try to solve it by applying technologies. ... What we need are security processes, such as detection, response, and deterrence. However, the only way to get corporate management to adequately address security is to change the risk-management equation. ... It's only after we do all of these things that the Internet will be a safe and secure place. ...

• Bruce Schneier.
• Bruce Schneier has long been known as the author of Applied Cryptography, the definitive nuts-and-bolts guide to how cryptographic algorithms work and their implementation. ...
• Schneier has changed his perspective somewhat in the years since Applied Cryptography came out, which is why Secrets & Lies begins with: "I have written this book partly to correct a mistake. ...
• It describes numerous cryptographic and security techniques, and how vulnerable they all are. ...
• According to Schneier, "Digital certificates provide no actual security for electronic commerce; it's a complete sham" .
• Even if the protocol made more sense, the increasing complexity of software systems makes security impossible. ...
• The core point in the book is that technical measures can never be expected to provide security for computers and data. ...
• And, in this respect, computer security is just like security in the real world. ...
• Security in the computing world has concentrated on preventive measures, but they will never do the complete job. ... Schneier thinks that systems security in the future will be outsourced to companies that are skilled at detection, and which have a crowd of experts on hand, 24x7, to figure out appropriate responses. Companies that provide that kind of service will be able to provide reasonable security; less comprehensive approaches will fail. ...
• Schneier's newly refocused Counterpane Internet Security is in. ...
• Bruce Schneier is a an interesting writer with a good sense of humor. ... Schneier does have a large vocabulary, confronting readers with words like "daedal," "operose," "psephologist," and "neoteric. ...
• Schneier believes that open source can be more secure, but is not necessarily so. ...
• Open source is a business model first, and a security strategy second. ... Maybe the best thing for security is to create proprietary software and then, after the fact, turn it into open source. ...

• Secure Computing Magazine Honors Bruce Schneier, Founder and CTO, Counterpane Internet Security, Inc. ...
• An independent panel of judges awarded Bruce Schneier the Secure Computing Lifetime Achievement Award. ...
• Schneier was chosen from a field of around twenty nominees this year. In reaching their decision, the judges looked carefully at the level of personal and professional achievement of the nominees, their contribution to the development of the information security industry, and their current roles within it, as well as any additional factors -- which in Bruce Schneier's case included the work he does in raising security awareness. ...
• "Bruce Schneier richly deserves the accolade of Winner of the Lifetime Achievement category in the SC Awards 2003," says Chris Thomas of Secure Computing Magazine. "To have been recognized in this way as part of the info security industry's only global awards program is a measure of his personal achievements over the years. ...
• Internationally renowned security technologist and author Bruce Schneier is the Founder and Chief Technical Officer of Counterpane Internet Security, Inc. , the world leader in Managed Security Monitoring. Counterpane provides security monitoring services to Fortune 2000 companies worldwide. He is the author of six books on security and cryptography, including the security bestseller Secrets & Lies: Digital Security in a Networked World. ... Schneier designed the Blowfish and Twofish encryption algorithms, and writes the influential "Crypto-Gram" monthly newsletter. He is a frequent lecturer on computer security and cryptography.
• Formed in 1989, Secure Computing Magazine is an information security magazine widely read in more than 50 countries around the world. ...
• Counterpane Internet Security, Inc. , is the innovator and acknowledged leader in providing Managed Security Monitoring (MSM) services. ... Using this technology, Counterpane's expert Security Analysts are able to detect security incidents -- both external intrusions and insider attacks -- in real time, and tailor immediate, effective responses for its customers. ...

• Jon Udell, October 18, 2000 Bruce Schneier's Secrets and Lies.
• Schneier pauses to rethink the foundations of his profession. ...
• Everyone who needs to understand or implement cryptographic algorithms reads Bruce Schneier's Applied Cryptography. ...
• Now, in his new book Secrets and Lies, Schneier questions his own faith: .
• Readers believed that cryptography was a kind of magic security dust that they could sprinkle over their software and make it secure. ... " A colleague once told me that the world was full of bad security systems designed by people who read Applied Cryptography. ...
• After the publication of Applied Cryptography, Schneier's work as a security consultant led him to an increasing appreciation of the role of human factors. He began saying, over and over, that security is a process, not just a technology or a product. At one point, despairing that mathematically-unbreakable security schemes kept failing in the real world, he abandoned the book and rethought his whole approach to security. ...
• Secrets and Lies opens with a log of security events culled from various sources during March 2000. ...
• The litany of woe runs for several pages, and then Schneier notes that he stopped keeping track after only a week. ...
• The ability of computers to automate repetive tasks changes the security landscape dramatically. ...
• Your Internet-connected computer is equally accessible to would-be burglars anywhere on the planet. ...
• These factors, working together, assure that we'll see an ongoing, and likely increasing, flood of security events such as those Schneier logged in March. ...
• The global nature of the Internet, and its amazing ability to propagate memes at lightspeed, works both for good and evil. ...
• Schneier isn't buying that argument. ... People who make use of these software exploits are criminals, says Schneier, and so are the people who write and distribute the exploits. ...

• American Society for Industrial Security (ASIS) CommerceNet Computer Security Institute (CSI) High Technology Crime Investigative Association Information Systems Security Association (ISSA) USENIX Association .
• CERT Coordination Center (Computer Emergency Response Team) CERIAS - Center for Education and Research in Information Assurance and Security Crime on the Internet DigiCrime, Inc. Early Computer Security Papers Ethics Policies FIRST - Forum of Incident Response and Security Teams Information Security Library - Idaho State University NIST CSRC - Computer Security Resource Center U. ... Department of Energy's Information Security Server (DOE-IS) .
• What to Anticipate in Connecting to the Internet Policy Issues in Interconnecting Networks Guidelines for the Secure Operation of the Internet Site Security Handbook .
• World Wide Web Security FAQ .
• Internet Firewalls FAQ .
• By Bruce Schneier The Codebreakers.
• By Menezes, Van Oorschot, Vanstone Internet Cryptography.
• Building Internet Firewalls .
• Zwicky Firewalls and Internet Security: Repelling the Wily Hacker .
• By William Cheswick and Steven Bellovin Internet Firewalls and Network Security.
• @ Large: The Strange Case of the World’s Biggest Internet Invasion.
• Pipkin Internet Besieged: Countering Cyberspace Scofflaws.
• Denning Maximum Security.
• Internet Protocol (IP).

• Security /Hacking /News .
• Organisation for Internet Safety launched By James Middleton 27-09-2002 Group advocates limited public disclosure of software flaws .
• A Microsoft-backed security organisation set up almost a year ago has finally had its formal launch. ...
• Inaugurated last year at the Trusted Computing forum, the Organisation for Internet Safety (OIS) was charged with creating a set of guidelines for handling the disclosure of flaws and vulnerabilities in software. ...
• The founders, which included Microsoft, @stake, Guardent, Bindview and Foundstone, favoured a standard that limited the public disclosure of security vulnerabilities. ...
• But when it was first suggested last autumn, the OIS was criticised by members of the security industry who suggested that a limited disclosure standard could be used as a stick with which to beat other researchers into line. ...
• John Pescatore, vice president for internet security at Gartner, said: "It's increasingly important to our critical infrastructure, as well as to individual computer users, that security vulnerabilities be avoided when developing software.
• A similar proposal, known as the Responsible Disclosure Process, which was more in favour of full disclosure, was rejected by the Internet Engineering Task Force (IETF) earlier this year. ...
• com Forums   Discuss 'Organisation for Internet Safety launched' in the Security forum --> .
• Performs intrusion detection through network-wide monitoring of the security event logs of all NT/2000 servers and workstations.  VeriSign Security Intelligence and Control(SM) Services .
• VeriSign's Security Intelligence and Control(SM) Services let you focus on business initiatives, like record up-time and global VPNs, while VeriSign's experience helps you monitor and manage your security infrastructure. ...
• High security data centres. ...
•  Security body supports biometrics.
•  Panic-free security.
• Latest security white papers .

• More IE security woes uncovered .
• A PROGRAMMER, Mike Benham, has posted details of a vulnerability in Microsoft's Internet Explorer that, under certain circumstances, allows webmasters to generate what seems a valid Certificate Authority for any site, once they themselves have registered their own Certificate. ...
• Benham's posting here says "Internet Explorer's implementation of SSL contains a vulnerability that allows for an active, undetected, man in the middle attack. ...
• Benham, says Internet Explorer does not check the Basic Constraints of digital certificates that may be issued by localised, intermediary services. He says the security implications are "incredibly severe". ...
• Researchers Bruce Schneier of Counterpane Internet Security Inc. ...

•  Computer Security and Encryption > Cryptography.
•  Directory > Computers and Internet > Security and Encryption > Cryptography .
• Crypto-Gram Newsletter - free monthly email newsletter on cryptography from Bruce Schneier general crypto pundit and occasional crypto curmudgeon. ...
• Cryptography and Computer Security - research-consultancy-development and educational activities of the Cryptography and Computer Security Service. ...
• Cryptome - hosts essays, articles, and the text of legislation that covers cryptology, dual-use technologies, national security, and intelligence. ...
• CryptoRights Foundation - "Security for Human Rights and Human Rights for Cryptographers. ...
• Data Encryption - Credant Technologies provides encryption software enabling enterprise-wide security for mobile and wireless devices. ...
•  Directory > Computers and Internet > Security and Encryption > Cryptography .

• Datenschutz im Internet. ...
• Bruce Schneier, David Banisar, The Electronic Privacy Papers. ...
• Bruce Schneier, Secrets & Lies - IT-Sicherheit in einer vernetzten Welt. ...
• Bruce Schneier, Beyond Fear - Thinking Sensibly About Security in an Uncertain World. ...
• Bemerkung: Die Bücher von Bruce Schneier sind je neuer, desto mehr für Laien und allgemein verständlich geschrieben und desto weniger technisch. ...
• Ross Anderson, Security Engineering - A Guide to Building Dependable Distributed Systems. ...
• Ross Anderson, Introduction to Security. ...
• Ross Anderson, Security. ...
• Peter Gutmann, Cryptography and Data Security. ...
• Security Server (Uni Siegen) .
• Security Gate (Uni Freiburg) .
• Zwicky, Building Internet Firewalls. ...
• Bellovin, Firewalls and Internet Security. ...
• Simson Garfinkel, Gene Spafford, Practical UNIX Security. ...
• Ranum, Web Security Sourcebook. ...
• William Stallings, Cryptography and Network Security: Principles and Practices. ...

• « Beware of the Dog Who Thinks || Home || Mortgage Rates Drop To Record Lows » Secrets & Lies: Digital Security in a Networked World (Bruce Schneier).
• Posted by Jon Downs on January 17, 2004 11:20 AM (See all posts by Jon Downs) Filed under: Books, Books: Computers and Internet .
• I've actually had to read this book for module on my university course (had the exam last week, think it went pretty well), and it's a shame that many people will likely avoid it for fear of it requiring in-depth technial knowledge of the internet, other networks and computers in general. ...
• It never reaches too steep a learning curve, but more impressive is the fact that it manages to cover as wide a range of sub-topics that "digital security" covers, as it does, whilst never feeling like it's skimped on any of those sub-topics. ... But it also provides a little background on topics of especial interest, such as the US and UK governments' usage of digital security (in particular cryptography and their citizens' right to privacy versus the need for evidence gathering).
• Most interesting of all, are the main important points that network administrators and users should really take note of (this includes people who use the internet). Most of them, I must admit, I kind of knew already (however reading them from one of the foremost security experts around helps keep them in my mind), but I still don't follow all of them as I should. I do follow them better than the average internet user, though, otherwise e-mail worms and trojans and those stupid hoax e-mails would not continue being so successful.
• In short, if you use the internet regularly, or some kind of computer network at work, this really is a must read.
• Secrets and Lies : Digital Security in a Networked World Bruce Schneier John Wiley & Sons 14 August, 2000 $29. ...
• Secrets and Lies : Digital Security in a Networked World Bruce Schneier John Wiley & Sons 19 January, 2004 $12. ...
• Posted by Jon Downs on January 17, 2004 11:20 AM (See all posts by Jon Downs) Filed under: Books, Books: Computers and Internet Comments & Trackbacks.

• WileyEurope > Computing > Internet & WWW > Internet Business > E-mail Security: How to Keep Your Electronic Messages Private .
• Internet Browsers.
• Internet Business.
• Complete Guide to Internet Publicity: Creating and Launching Successful Online Campaigns (Paperback) .
• Internet Security for Business (Paperback) .
• Marketing on the Internet, 2nd Edition (Paperback) .
• E-Commerce Security: Weak Links, Best Defenses (Paperback) .
• Internet Business.
• E-mail Security: How to Keep Your Electronic Messages Private.
• Bruce Schneier.
• BRUCE SCHNEIER is a security consultant and President of Counterpane Systems. ...
• Bruce Schneier.
• Secrets and Lies: Digital Security in a Networked World (Paperback).
• Niels Ferguson, Bruce Schneier.
• Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson.

• NSA on Security/AES.
• Bruce Schneier, Counterpane .
• Bruce Schneier ist Gründer und CTO von Counterpane Internet Security Inc. ...
• NSA on Security .
• "A lot of you are making security products that are an attractive nuisance. ... I want functions and assurances in security devices. ... " --Brian Snow, INFOSEC Technical Director at the National Security Agency, speaking to commercial security product vendors and users at the Black Hat Briefings security conference. ...
• As Snow says, people die if security fails. ...
• Certainly, assurance is important to security. ...
• Safety is easier than security -- there is some assurance that buildings won't collapse, fire doors will work, and restaurant food will be disease-free -- but it's nowhere near perfect. ...
• Business security is all about risk management. ... " Computer and network security is no different: Implement preventive countermeasures to make attacks harder, implement detection and response countermeasures to reduce risk, and buy enough business insurance to make the rest of the problem go away. ...
• The military can't buy insurance to protect itself if security fails. ... If military security doesn't work, secrets might be exposed, foreign policy might fail, and people might die. ...
• The NSA's non-endorsement of AES was very carefully worded: "The National Security Agency (NSA) wishes to congratulate the National Institute of Standards and Technology on the successful selection of an Advanced Encryption Standard (AES). ... In particular, NSA intends to use the AES where appropriate in meeting the national security information protection needs of the United States government. ...

• Press Release - Computer & Communications Industry Association Microsoft Monopoly Represents National Security Risk, Say Internet Security Experts.
• 24, 2003) -- Some of the nation's leading computer science and network security experts today issued a report warning that computers and critical technological infrastructure worldwide are increasingly vulnerable to attack because of the security practices and dominance of Microsoft software in desktop computing. ...
• , a long-time security consultant and current chief technical officer of @Stake, a security consulting firm. Other signatories include several leading experts in computer security -- Rebecca Bace, Peter Gutmann, Perry Metzger, Charles P. ... Quarterman and Bruce Schneier.
• This deterioration of security compounds when nearly all computers rely on a single operating system subject to the same vulnerabilities the world over. ...
• "Ironically," Geer continued, "Microsoft's efforts to deny interoperability of Windows with legitimate non-Microsoft applications have created an environment in which Microsoft programs interoperate efficiently only with Internet viruses. ...
• Microsoft's Windows operating system is bound to a host of other applications, from word processors to Internet browsers to multimedia players. ...
• "Microsoft's monopoly threatens consumers in a number of ways, but it is clear that it is now also a threat to our security, our safety, and even our national security. ...
• Department of Homeland Security signed a five-year, $90 million contract with Microsoft to supply Windows software to its 140,000 employees. Because the federal government is so reliant on Microsoft Windows, the report stated, the rising number of flaws in Windows represents an increasing national security risk. ...
• When the government uses a product whose monopoly position undermines its security in this way, antitrust becomes a national security issue. ...

• Introduction to Computer and Network Security.
• What is the current security context?.
• Why is security important?.
• Are security certifications important?.
• Introduction to Computer and Network Security (2 days) .
• Foundations of Applied Security (3 days).
• What is the current security context?.
• It's not getting better, even given the wide spread deployment of computer security technologies. ...
• -- Bruce Schneier, Counterpane Internet Security .
• --Patrice Rapalus, Computer Security Institute (CSI) Director.
• Any information technology professional working in the private or public sector needs to be security aware. Combined, these classes provide a solid information system security foundation. ...
• The Introduction to Computer and Network Security will be offered on August 19-20 between 9:00 am - 4:30 pm and the Foundations of Applied Security will be offered on August 21-23 bewteen 9:00 am - 4:30 pm.
• Essential information that includes security concepts that all professionals in a security related position should know. Specific topics include Internet, network, and computer security. ... Preventive, detective, and reactive aspects of security are also covered.

• Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition by Bruce Schneier John Wiley & Sons Sales Rank: 8,020 Average Rating: 4. ...
• Customers who bought this item also bought Practical Cryptography (1 mentions in weblogs) Secrets and Lies : Digital Security in a Networked World (3 mentions in weblogs) Cryptography in C and C++ Beyond Fear (12 mentions in weblogs) Handbook of Applied Cryptography .
• Yahoo News search results for "Bruce Schneier" (rss) The New Economics of Information Security (BankTech) As any victim of a significant cyberattack will tell you, there's a financial dimension to these crimes. Even for non-victims, there's a financial hit in implementing security measures to prevent losses. Firewalls cost money, and so do the salaries of the security professionals who manage them. ... INFOSEC ECONOMICS: New Approaches To Improve Your Data Defenses (TechWeb via Yahoo! News) Economists have turned their attention to cybercrime, and information security managers can benefit by borrowing some tools of their trade. ...

• Security.
• --> Security Bibliography.
• Computer security is in the spotlight more than ever since the September 11 terrorist attacks. To help you find the best resources to protect your systems, we've pulled together this list of the best security books by O'Reilly and other publishers. ...
• Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition John Wiley & Sons By Bruce Schneier October 1995.
• Building Internet Firewalls, 2nd Edition O'Reilly & Associates, Inc. ...
• Building Internet Firewalls, 2nd Edition is a practical and detailed guide explaining in step-by-step fashion how to design and install firewalls and configure Internet services to work with a firewall. ...
• Building Secure Software: How to Avoid Security Problems the Right Way Addison-Wesley By John Viega and Gary McGraw.
• Building Secure Software: How to Avoid Security Problems the Right Way contains essential lessons for security professionals and software developers, including how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped.
• Computers Under Attack: Intruders, Worms and Viruses is a decade old, but it's still one of the most comprehensive collections of readings related to these topics and it includes reprints of many classic security articles.
• Firewalls and Internet Security: Repelling the Wily Hacker Addison-Wesley By Steven M. ...
• Firewalls and Internet Security: Repelling the Wily Hacker was the classic book on firewalls when first published and is still an excellent source of firewalls principles. ...
• Incident Response: Investigating Computer Crime describes the methods and techniques necessary to perform a professional and successful response to computer security incidents.
• Java Security, 2nd Edition O'Reilly & Associates, Inc. ...
• Java Security, 2nd Edition focuses on the Java platform features that provide security--the class loader, bytecode verifier, and security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller.
• Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community Addison-Wesley Note: A publisher's catalog page was not available. ...

• NOSes Outsourcing Routers/Switches Security Service Providers Small/Med. ...
• Security / Internet too complex to secure, says exec.
• Congress on computer and Internet security, Bruce Schneier, the CTO of Counterpane Internet Security, would like to tell them that such efforts are currently done poorly and with the wrong goals. ...
• He will also tell Congress that "the Internet is too complex to secure," as he said in a speech on the last day of the Black Hat Briefings security conference here Thursday. ...
• Events seem to bear out his conclusions: despite there being more computer security companies and software than at any other time, viruses, worms, Web page defacements and other security incidents are seemingly happening more often than ever before. ...
• This is because security is approached with the wrong attitude, he said. ...
• "One of the reasons we do security so poorly on the Internet is because we think if computers are involved, it's magic," but it's not, Schneier said. Applying the same principles used in physical security to Internet security will be more effective, he said. ...
• Current computer security practices are too focused on prevention, leading to ineffective measures, he said. ...
• Rather, in the physical world, security is implemented to manage risks, not to try to eliminate them, he said. Grocery stores accept that some shoplifting will occur, but try to compensate for it by using security devices, employees and insurance, he said. ...
• Computer security must adopt the same stance, but hasn't yet, he said. "When (computer) security decisions are made, it's only more or less secure, it's not smarter or dumber (business). ...
• Despite the industry's incorrect philosophical bent, Schneier sees hope on the horizon in the form of monitoring and response systems, insurance and law enforcement. ...
• Rather than focusing energies and budgets on prevention, computer security efforts ought to be spread across prevention, detection and response, he said. ...
• "Detection, response - if it works well enough - makes up for shoddy prevention," said Schneier, whose company, Counterpane, sells a security monitoring service. ...

• How-To Book May Help HackersMicrosoft Issues Security UpdatesMicrosoft Warns of VoIP VulnerabilitySecurity Group Warns of Linux FlawSoftware Users Hit a Rough PatchSee all related items.
• Topics > Software > Software Bugs > Three Minutes With Security Expert Bruce Schneier  Security expert pushes full disclosure, forcing vendors to admit and fix bugs quickly. ... comFriday, September 28, 2001Bruce Schneier is founder and chief technology officer of Internet security firm Counterpane. He has written two books on cryptography and computer security, Secrets and Lies and Applied Cryptography, and is an outspoken critic of Microsoft and other software vendors that produce products that contain dangerous security holes. We spoke with him about who is responsible for software security flaws and what consumers can do about the growing problem. ...
• PCW: Are there more security holes in software, or are we just getting better at finding them?.
• Schneier: Both. There are thousands and thousands of security holes in software. ... Complexity is the enemy of security. ...
• PCW: Why don't software vendors devote more time to testing products to find and fix security holes before delivering programs to market?.
• Schneier: Because the marketplace doesn't reward security. A company like Microsoft could spend an extra year developing the next version of Windows--throw an extra 200 or 500 people at the program, testing it for security problems--but then the software would be a year late getting to market.
• According to Scott Culp, program manager for Microsoft's Security Response Center, the company held back the operating system for so long in order to fix security bugs.
• Schneier: They said Windows 2000 would be more secure than any other version to date. But there are more security holes in it than any other version of Windows.
• PCW: Why is it that hackers and security pros find security holes that Microsoft doesn't seem to be able to find?.

• Bruce Schneier. Secrets and Lies: Digital Security in a Networked World. "Counterpane Internet Security": 2000, 432 pp.
• Bruce Schneier. Secrets and Lies: Digital Security in a Networked World. "Counterpane Internet Security": 2000, 432 pp. ...
• ñîçäàíà êîìïàíèÿ Counterpane Internet Security (www. ...
• Âî âòîðîé ÷àñòè îáñóæäàþòñÿ òåõíîëîãèè: êðèïòîãðàôè÷åñêèå ïðèìèòèâû, êîíòåêñò èõ ïðèìåíåíèÿ (ïðîòîêîëû è èõ "âïèñûâàíèå" â êîíêðåòíóþ ñèòóàöèþ), òåõíîëîãèè òðàäèöèîííîé êîìïüþòåðíîé áåçîïàñíîñòè (êîíòðîëü äîñòóïà, ìîäåëè áåçîïàñíîñòè, èñïîëüçîâàíèå íàäåæíûõ ïëàòôîðì, ñóáëèìèíàëüíûå êàíàëû, êðèòåðèè îöåíêè), èäåíòèôèêàöèÿ è àóòåíòèôèêàöèÿ (âêëþ÷àÿ ïðèìåíåíèå ïàðîëåé, áèîìåòðèê, "ýëåêòðîííûõ êëþ÷åé" è ïðîòîêîëîâ àóòåíòèôèêàöèè), îñîáåííîñòè ñåòåâûõ òåõíîëîãèé (ïðèåìû ðàáîòû ñ ìîäóëüíûì è ìîáèëüíûì êîäîì è ñïåöèôè÷åñêèå âîïðîñû áåçîïàñíîñòè WWW è äðóãèõ òåõíîëîãèé Internet, ïðèìåíåíèÿ ìåæñåòåâûõ ýêðàíîâ è âèðòóàëüíûõ ÷àñòíûõ ñåòåé), íàäåæíîñòü ïðîãðàììíîãî è àïïàðàòíîãî îáåñïå÷åíèÿ, èñïîëüçîâàíèå öèôðîâûõ ñåðòèôèêàòîâ è ñâèäåòåëüñòâ (âêëþ÷àÿ ïðîáëåìû ñ òðàäèöèîííûìè èíôðàñòðóêòóðàìè ñåðòèôèêàöèè îòêðûòûõ êëþ÷åé) è ÷åëîâå÷åñêèé ôàêòîð.
• Øíàéåð íàïèñàë "ýòàïíûé" òðóä, ïîäûòîæèâàþùèé öåëóþ ýïîõó â ðàçâèòèè ãðàæäàíñêîé êðèïòîãðàôèè, è î÷åíü öåííûì ÿâëÿåòñÿ òî, ÷òî ýòà êíèãà àäðåñîâàíà ïðåæäå âñåãî ìåíåäæåðàì áèçíåñîâ, àêòèâíî îñâàèâàþùèõ Internet êàê íîâóþ äåëîâóþ ñðåäó.

• Foil the Hackers? A Security Maven Discusses the Impossible.
• All you can do, says Bruce Schneier, is try to keep up .
• The attacks were not taken lightly in Washington, where President Clinton held a high-level meeting with Internet security mavens on Feb. ...
• To shed some light on the nature of these attacks and the magnitude of the threat in the future, BUSINESS WEEK Senior Writer Neil Gross spoke with Bruce Schneier, chief technical officer at Counterpane Internet Security Inc. ... Author of the 1994 book Applied Cryptography, which has sold more than 120,000 copies, Schneier has provided security advice to the likes of Microsoft (MSFT), Hewlett-Packard (HWP), Intel (INTC), and Merrill Lynch (MER). Here are some of Schneier's thoughts:.
• And often, they have a persistent ''Internet protocol'' address. ...
• The Sega Dreamcast game machine comes with an IP stack and is Internet-ready. ...
• We actually can't test security to the level we need to. ... We've been finding and fixing security bugs in past years, but none of those fixes transfers forward. ...
• We can't get around security problems just by building a better firewall. As a personal mantra, I've been saying that security is a process, not a product. What is the very best that you can do, in a world where you can't really make systems secure? You install all the best security, and the next week there will be a new bug that will open a new entry point. ...

• In this issue: Defense Options: What Military History Can Teach Network Security, Part 2, The Futility of Digital Copy Prevention, Microsoft and the Window of Vulnerability, and Safe Personal Computing. ... By Bruce Schneier.
• In this issue: Natural Advantages of Defense: What Military History Can Teach Network Security, Part 1, A Correction: nCipher, CSI's Computer Crime and Security Survey, Crypto-Gram Reprints, and Fake Microsoft Certificates. ... By Bruce Schneier.
• In this issue: The Security Patch Treadmill, Harvard's "Uncrackable" Crypto, TCP/IP Initial Sequence Number Flaw, The Doghouse: iBallot. ... 11 Security. ... By Bruce Schneier.
• In this issue: Hard-Drive-Embedded Copy Protection, An Intentional Backdoor, The Doghouse: NASA and eTrue, A Semantic Attack on URLs, E-mail Filter Idiocy, Air Gaps, and Internet Voting vs. ... By Bruce Schneier.
• By Bruce Schneier.
• By Bruce Schneier.
• By Bruce Schneier.
• In this issue: Semantic Attacks: The Third Wave of Network Attacks, News, Council of Europe Cybercrime Treaty -- Draft, The Doghouse: HSBC, NSA on Security, AES Announced, NSA on AES, and the Privacy Tools Handbook. ... By Bruce Schneier.
• By Bruce Schneier.
• In this issue: Secrets and Lies: Digital Security in a Networked World, Microsoft Vulnerabilities, Publicity, and Virus-Based Fixes, News, Counterpane Internet Security News, Crypto-Gram Reprints, European "Crime in Cyberspace" Convention, The Doghouse: Authentica, Bluetooth, and Comments from Readers. ... By Bruce Schneier.

• Niels Ferguson (Counterpane Internet Security, Amsterdam, Netherlands); Bruce Schneier (Counterpane Internet Security, Minneapolis, Minnesota).
• A former cryptographic engineering consultant with Counterpane Internet Security, Bruce Schneier's company, the lead author, Niels Ferguson has teamed with best-selling author Schneier to provide the first hands-on cryptography product imple-mentation guide. ...
• Terms and Conditions of Use, Security and Privacy Policy.

• A number of Internet service providers (ISPs) also say they have recently been served with a warrant to provide records related to national security. ...
• James Bamford, author of two books about the National Security Agency (NSA) ("Body of Secrets" and "The Puzzle Palace"), says while bin Laden may have dropped digital dissemination, his followers maintain some sort of high-tech presence. ...
• "It's a combination of low-tech communication with supporters, communicating by messaging or couriers, and using the Internet to reach others," he says. ...
• Simon Reeve, the author of "The New Jackals: Ramzi Yousef, Osama bin Laden and the Future of Terrorism," says bin Laden has ditched his satellite-linked phones, mobile handsets and Internet access in favor of "Stone Age" messaging techniques to elude law enforcement. ...
• "The American National Security Agency has devoted huge resources trying to trace him through his old satellite and portable phones, but he no longer uses them, to avoid being targeted and attacked. ...
• It is possible, Bamford says, that bin Laden is using steganography to covertly distribute information to his supporters and hide messages throughout the Internet and on particular Web pages. ...
• Hayden's worries are echoed by Bruce Schneier, chief technology officer (CTO) and founder of Counterpane Internet Security Inc. Schneier, an expert in cryptology, has also created two encryption algorithms (Blowfish and Twofish) and testified before several congressional subcommittees on Internet security. ...
• "The years of the military being at the leading edge of technology are gone because it moves so fast," says Schneier. ...
• And while authorities also have access to internally produced systems, potentially giving them an advantage, Schneier says they aren't infallible, as evidenced by Tuesday's attacks. ...
• "He'll go high-tech when it suits him and he'll go low-tech when it suits him," Schneier says. ...
• • Counterpane Internet Security Inc.
• • National Security Agency.

Do you have a great site about Bruce Schneier And Internet Security? Is your Bruce Schneier And Internet Security site listed here? Would you like a prefered placement of your site in this directory?

It's easy! First place, the HTML from the box below on your page that you would like listed in this directory.

Then use our link submission request with your name, your contact information, and the URL of your site that has a link to this directory. After we verify your link to us, we'll make sure your site stays in our directory, and we'll give it prefered placement here also.

Here is how to make a simple text link to us. Just copy the code in this box to your website:

We can also develop a custom Guide To The Internet for your site. Please request your own custom Guide To The Internet.