Practical Cryptography Privacy Handbook : Proven Countermeasures for Combating Threats to Privacy, Security, and Personal Freedom The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of Surveillance Strategies for Web Hosting and Managed Services Cryptography for Visual Basic(r) : A Programmer's Guide to the Microsoft(r) CryptoAPI Al Jazeera: How the Free Arab News Network Scooped the World and Changed the Middle East Secrets and Lies : Digital Security in a Networked World Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition Security in Information Systems : A Guide for Business and Accounting

• Wiley > Computing > Internet & WWW > Internet Business > E-mail Security: How to Keep Your Electronic Messages Private .
• Internet Browsers.
• Internet Business.
• E-Commerce Security: Weak Links, Best Defenses (Paperback) .
• Internet Business.
• E-mail Security: How to Keep Your Electronic Messages Private.
• Bruce Schneier.
• BRUCE SCHNEIER is a security consultant and President of Counterpane Systems. ...
• Bruce Schneier.
• Secrets and Lies: Digital Security in a Networked World (Paperback).
• Niels Ferguson, Bruce Schneier.
• Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson.

• internet. ...
• internet. ...
• internet. ...
• Türkische Nachrichten für Internet-Professionals .
• Krypto-Guru Schneier: PGP bleibt weiter sicher2048 Bit-Schlüssel meist ausreichend.
• Bruce Schneier ist Chief Technology Officer der Counterpane Internet Security, einem der großen Anbieter von Managed Security Monitoring. ... Bisher schrieb Bruce Schneier sechs Bücher über Sicherheit und Kryptographie, einschließlich seines Bestsellers "Secrets & Lies: Digital Security in a Networked World". ...
• Schneier entwickelte die bekannten Blowfish und Twofish Verschlüsselungs-Algorythmen und schreibt den angesehenen monatlichen Newsletter "Crypto-Gram". ... Auf der ISSE 2002 (Information Security Solutions Europe), die vom 2. ... Oktober in Disneyland Paris veranstaltet wird, wird der Cypto-Guru eine Präsentation mit dem Titel 'Fixing Net­work Security by Hacking the Business Climate' halten. ... internet. com hatte heute die Gelegenheit, Schneier zu einigen aktuellen Themen über Sicherheit und Verschlüsselung zu interviewen. ...
• internet. ... Schneier, PGP und andere Verschlüsselungsprogramme laufen Gefahr, durch Keylogger unterlaufen zu werden. ...
• Bruce Schneier (Chief Technology Officer, Counterpane): Ein User kann sich nicht schützen. ...
• internet. ...

• CMPS 122: Computer Security.
• You can also read this presentation by Bruce Schneier of Counterpane Internet Security. The presentation discusses the need for computer security and what can be done about it. ...
• Applied Cryptography (Bruce Schneier) .
• Practical Cryptography (Neils Ferguson and Bruce Schneier) .
• Firewalls and Internet Security: Repelling the Wily Hacker, 2nd edition (Cheswick, Bellovin, and Rubin) .
• Practical Unix & Internet Security, 3rd edition (Garfinkel, Schwartz, and Spafford) .

• Counterpane's Bruce Schneier Testifies Before Congress. ...
• Subject: FC: Bruce Schneier on computer security: "Things are getting worse".
• security risks for the E-consumer. ...
• president, Internet Architecture and Technology, WorldCom; Harris Miller, .
• of America; Bruce Schneier, CTO, .
• Counterpane Internet Security, Inc. ...
• From: Bruce Schneier <schneier@counterpane. ...
• Bruce .
• Bruce Schneier, CTO, Counterpane Internet Security, Inc. ...
• Bruce Schneier .
• Chief Technical Officer, Counterpane Internet Security, Inc. ...
• Internet Security .
• My name is Bruce Schneier. ...
• Counterpane Internet Security. ...
• immediate need for increased Internet security, and essentially provides .
• books on cryptography and computer security, as well as hundreds of .

• As you will see below, we believe that the FBI's original security advice was correct. Leaving unneeded and potentially vulnerable Internet services running makes no sense. ...
• On Thursday, December 20, 2001 Microsoft revealed that the hackers at eEye had discovered multiple critical security flaws in all versions of Windows using Universal Plug and Play: .
• com/technet/security/bulletin/MS01-059. ...
• Translating eEye's and Microsoft's statements into consequences, this means that without the security update patch, and with the Universal Plug and Play (UPnP) system in its default "enabled" state, any of the many millions of Internet-connected UPnP-equipped Windows systems could be remotely commandeered and forced to download and run any malicious code of a hacker's design. ...
• Exploits for the previous UPnP vulnerability are now floating around the Internet. ...
• Published exploit code like this forms the raw material for tomorrow's high-performance Internet worms. ...
• 21 — The FBI's top cyber-security unit warned consumers and corporations Friday night to take new steps beyond those recommended by Microsoft Corp. ...
• The Register — "Feds grill MS on Windows security" .
• The Register — "MS warns of severe universal plug & play security hole" .
• Neohapsis Archives — " Previous security vulnerabilities in UPnP service" .
• Microsoft's Response Page — "Microsoft Security Bulletin MS01-054" .
• Bruce Schneier of Counterpane Internet Security literally wrote the book on cryptography and security. Bruce's January 2002 newsletter discusses the Windows UPnP Vulnerability, Microsoft's misleading statements about this problem, and their recent security policy changes. You should read Bruce's commentary.
• BBspot — "Gates Announces Security Death Squads" .

• The standard reference on the Domain Name Service and Berkeley Internet Name Daemon.
• Ross Anderson, Security Engineering - a Guide to Building Dependable Distributed Systems .
• Easily the best book for the security professional I have seen. ...
• This is quite readable, but Schneier's Secrets and Lies might be an easier introduction.
• David Bander, Linux Security Toolkit .
• Chapman, Zwicky & Russell, Building Internet Firewalls .
• O'Reilly 1995 ISBN 1-56592-124-0 Cheswick and Bellovin Firewalls and Internet Security: Repelling the Wily Hacker .
• A fine book on firewalls in particular and security in general from two of AT&T's system adminstrators.
• Doraswamy and Harkins IP Sec: The New Security Standard for the Internet, Intranets and Virtual Private Networks .
• SATAN is a Security Administrator's Tool for Analysing Networks. ...
• Garfinkel and Spafford Practical Unix Security .
• Spafford's web page has an excellent collection of crypto and security links.
• David Kahn The Codebreakers: the Comprehensive History of Secret Communications from Ancient Times to the Internet .
• Read Schneier before tackling this.
• It naturally has much to say about the Internet, but also covers UUCP, Fidonet and so on.
• Bruce Schneier Applied Cryptography, Second Edition .

• Bruce Schneier,.
• Counterpane Internet Security Inc.
• Nonetheless, AOL's action worries some security experts who were told about it by The Associated Press. ...
• but you sort of feel dirty after you hear it," said Bruce Schneier, chief technology officer for Counterpane Internet Security Inc. ...
• AOL — along with other Internet service providers and makers of security firewall products — responded by closing many of the Internet ports used, but closing all could disrupt other applications. ...
• Lawrence Baldwin, president of the security Web site myNetWatchman. com, said that while AOL should be lauded for taking responsibility for ensuring computer security, "I certainly wouldn't want my ISP (Internet service provider) messing with my system. ...
• Russ Cooper, a security expert with TruSecure Corp. ...
• "I hope more and more providers do this type of proactive security," he said, "and that we don't condemn them for things we wish everybody would do for themselves. ...
• • 4 New Microsoft Security Patches.
• Facts on viruses and other computer menaces, security tips and a timeline of virus attacks.

• Securing Windows NT/2000 Servers for the Internet.
• Windows NT/2000 Security.
• Internet Threats .
• Building a Secure Site on the Internet .
• Cryptography Basics The use of Windows systems as Internet servers presents security challenges. In contrast to most internal systems, systems connected to the Internet are directly exposed to security attacks from both unsophisticated and highly skilled attackers. ... Securing the Windows NT or the Windows 2000 operating system for Internet use is a complex task. ...
• Secure or "harden" any Windows server that will be exposed to potential attacks from the Internet so it is as secure as it possibly can be. ...
• Provide extra security protection for such exposed systems by installing an additional network -- typically known as a perimeter network -- that separates the outside network (usually the Internet) from your organization's internal networks. ...
• Before I present the step-by-step security details, this chapter sets the scene by describing briefly the security threats your system will face, the architecture of the Windows NT and Windows 2000 operating systems, and the recommended placement of Windows servers on your perimeter network.
• Internet Threats.
• An Internet server faces many different kinds of threats. ...
• The number of security incidents reported to the Computer Emergency Response Team Coordination Center (CERT-CC) 4 has grown at an alarming rate in recent years. ... ) The real security picture is far worse than these statistics show; it's safe to assume that only a small number of all incidents are reported to CERT-CC.
• If you already have a presence on the Internet, you probably know that attempts are made to compromise your site's security mechanisms every day. ... Would you feel comfortable shopping there again? Would you use an Internet bank that was successfully attacked last year? I wouldn't.

• Jelly babies dupe fingerprint security.
• You too can create fingerprint forgeries in your kitchen, says a Japanese researcher who uses household items to fool biometric security devices.
• According to the security newsletter Crypto-Gram, Tsutomu Matsumoto from Yokohama National University has evolved a technique that takes casts from fingers and builds fake digits from gelatin -- the stuff of jelly babies. ...
• Matsumoto also points out that if challenged by a security guard, you can eat the evidence. ...
• Bruce Schneier, editor of Crypto-Gram, points out that Matsumoto is not a professional faker but a mathematician and conducted his experiments in what was in effect a kitchen environment. ...
• For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section. ...
• Go to the Security forum. ...
• Enjoy this article? Don't miss any of ZDNet’s great security content. Security Update gives you comprehensive business intelligence about a variety of security issues delivered straight to your inbox. ...

• BRUCE SCHNEIER.
• ist international renommierter IT-Sicherheitsexperte, bekannter Buchautor und Gründer von Counterpane Internet Security, Inc.
• Insgesamt hat Schneier sechs Bücher geschrieben, die in verschiedenen Sprachen erschienen sind. Seine beiden bekanntesten Bücher sind „Secrets & Lies: Digital Security in a Networked World“ und „Applied Cryptography“, welches nun in der zweiten Auflage erschienen ist.
• Schneier entwickelte den populären Blowfish-Verschlüsselungs-Algorithmus und war mit Twofish Finalist für den Federal Advanced Encryption Standard (AES).
• Jaya Baloo (CCNP, CISSP) arbeitet seit 5 Jahren im Bereich IT-Security. ...
• Der legendäre Hacker Captain Crunch ist einer der bestbekannten Hacker im digitalen „Untergrund“ und besitzt mittlerweile über 30 Jahre Erfahrung im Bereich der Programmierung und der Security.
• Fyodor ist Autor des beliebten Nmap Security Scanners, der von Linux Journal, Info World und Codetalker Digest als Security Tool des Jahres ausgezeichnet wurde. Außerdem betreibt er die Security-Website Insecure. ...
• Als Netzwerkspezialist und Security Analyst liegt der Schwerpunkt seiner Aufgaben in der Netzwerksicherheit und im Bereich Computer Network Operations.
• Mitgründer und Chief Technology Officer von Application Security, Inc. ...
• Er ist einer der weltweit bekanntesten Sicherheitsexperten für Datenbanken und Co-Autor des „Oracle Security Handbooks“. Er hält weltweit Vorträge bei verschiedenen Organisationen zum Thema „Application Security“ und schreibt regelmäßig Whitepapers.
• Die Firma entwickelte sowohl Intrusion Detection als auch Security-Assessment-Lösungen für Windows NT.
• Dort war er CEO und CTO und wickelte 1998 die Akquisition von DbSecure durch die Firma Internet-Sicherheit Systeme (ISS) ab. ...
• Heute ist er Chief Technology Officer von Application Security, Inc. ...

• Digital Security in a Networked World.
• We continue our ongoing series of security-related features with a review of this best-selling book written by a security professional for the non-technical reader.
• Digital Security in a Networked World .
• by Bruce Schneier.
• Respected cryptographer and security consultant Bruce Schneier revisits his earlier thinking from his previous book -- Applied Cryptography -- and declares himself wrong. ...
• He explains that the cryptography-based digital utopia he envisioned in his previous book cannot exist because cryptography -- the art and science of encoding and decoding information -- is neither a panacea nor an alternative for security. ...
• Security, he explains, is a process. ... Schneier proceeds to enumerate and illuminate the technologies and issues surrounding network security as he has encountered them in his consulting business. ...
• The book is written in a conversational style so it is accessible to the layperson, and so Schneier's message reaches the widest possible audience, from the business executive to the average office clerk. ...
• However, Schneier's writing has a tendency to shift between plain language and "geekspeak", occasionally leaving non-technical users at a loss. ...
• The impression that the reader is left with is that Schneier is trying to demonstrate how intelligent he is by using obscure words. The result is that the reader must stop reading the book to search a dictionary in order to understand Schneier's arguments. ...
• In direct contrast to his lapses into academic writing, Schneier makes liberal use of references to American popular culture while illustrating his arguments. ... Who would guess that baseball personality Yogi Berra, Batman comic books, author Stephen King, and movies such as Star Wars and Raiders of the Lost Ark could be used as examples and metaphors to explain digital security? .
• A particularly annoying quirk of the book is Schneier's tendency to reference material from later chapters to explain a concept, then ask readers to ignore the reference until they have a chance to read and understand those later chapters. ...
• Security is a complex and dynamic set of interacting systems.

• When is the best time to plan your computing infrastructure? If you plan on winning the race, you can't put off thinking about security and resilience until the last furlong. ...

• NOSes Outsourcing Routers/Switches Security Service Providers Small/Med. ...
• Security / From product to process: Bruce Schneier's take on security.
• Kabay Network World Security Newsletter, 09/11/00.
• Bruce Schneier is one of the intellectual giants of our field. Author of several books, including the much-translated and appreciated Applied Cryptography, Schneier has written many insightful articles on fundamental aspects of information security.
• In particular, his free "CRYPTO-GRAM" newsletter, published monthly by his company, Counterpane Internet Security, is always worth reading. ...
• In the May edition, "CRYPTOGRAM" included the article, "Computer Security: Will We Ever Learn?" Schneier opens with his oft-quoted dictum, "Security is a process, not a product. " (A corollary is "Security is a process, not a state. ...
• He explains that the lack of legal liability for incompetent software engineering lets manufacturers take the easy route of producing bad-quality security software. "Real security is harder, slower, and more expensive to design and to implement. Since the buying public has no way to differentiate real security from bad security, the way to win in this marketplace is to design software that is as insecure as you can possibly get away with. ...
• I think there have been efforts in the right direction to improve security products. ...
• Schneier recommends that everyone concerned with security keep track of known vulnerabilities using alert services and network vulnerability scanners. ... Watching it all is vital for security, because an attack that bypassed one product might be picked up by another. ...
• In a white paper, "Managed Security Monitoring", Schneier explains the results of his thinking: His company's focus on continuous monitoring of client security data as the heart of his company's business. ...
• This is a marketing document that provides sound information and sound reasoning and therefore makes Schneier and his colleagues look good. ...

• • CNN/Money: Microsoft sued for security faults  • Business 2. ... 0: Why Microsoft's security needs a patch  • Business 2. ...
• -- Bruce Schneier, Counterpane Internet Security Inc. ...
• Computer Security.
• WASHINGTON (AP) -- Stung by criticism over lax software security, Microsoft Corp. ...
• The changes were designed to improve security even for customers who fail to diligently apply the dozens of repairing software "patches" Microsoft offers each year. ...
• For example, even computer users who did not install a protective patch for the "Blaster" virus this summer would have been protected if they had known to turn on Windows' built-in firewall, said Mike Nash, a vice president for Microsoft's security business unit. ...
• "Microsoft treats security problems like public-relations problems," said Bruce Schneier, the chief technology officer for Counterpane Internet Security Inc. ...
• • Microsoft releases patches for security flaws.

• Security.
• Home > Browse Topics > Security.
• Whitfield Diffie, Jim Bidzos and Bruce Schneier .
• Computerworld Executive Bulletin: - Security: 'Our Hottest Security Tips' -Get this $49. ...
• SEPTEMBER 30, 2002 (COMPUTERWORLD) - Twenty years before the Internet would create a need for it, a public-key cryptographic standard was discovered and patented by Whitfield Diffie, along with another student and a professor at Stanford University. ...
• That standard was RSA, discovered by three MIT researchers, and that visionary was Jim Bidzos, who kept RSA Data Security Inc. ...
• Both algorithms are bundled in browser security and just about every network protocol in existence, says Dorothy Denning, a professor of computer science at Georgetown University who has written extensively about both standards. ...
• In her many writings on information security, Denning has also often quoted a third cryptographer, Bruce Schneier, who hails from a background of cryptographic management for the military and whose seminal 1993 book, Applied Cryptography (John Wiley & Sons), has brought cryptographic concepts to the mainstream. ...
• Claim to fame: Co-discoverer of public key cryptography, now an Internet standard called Diffie-Hellman. ...
• What he's doing now: Chief security officer at Sun Microsystems Inc. ...
• Internet freedom and privacy through cryptography are his personal vision. ... A lot of it is due to the sheer force of his personality," says fellow cryptographer Bruce Schneier. ...
• Claim to fame: Took a leadership position at RSA Security Inc. ...
• What he's doing now: Semiretired, he flies small planes and hosts the largest San Francisco Bay-area security conference on record, the RSA Security Conference, at the beginning of each year. ...
• He saw gold in public-key cryptography long before Arpanet became the Internet. So in 1983, he took the reins of a start-up company called RSA, then kept it running on a shoestring budget for 12 years as he waited for the Internet to create the demand for cryptography. ...

• IP Bruce Schneier on Orange Alert in Salon.
• Subject: IP Bruce Schneier on Orange Alert in Salon .
• - - - - - - - - - - - - By Bruce Schneier.
• 9, 2004 | Security can fail in two different ways. ... But security can also fail to work correctly when there's no attack: a burglar alarm that goes off even if no one is there.
• Security involves a tradeoff: a balance of the costs and benefits. ... But repeatedly sounding false alarms entails security problems, too. ... Like the boy who cried wolf, everyone from airport security officials to foreign governments will stop taking these warnings seriously. ...
• We may have more data, but we arguably have a worse security system.
• Relying on computers to sift through enormous amounts of data, and investigators to act on every alarm the computers sound, is a bad security tradeoff. ...
• About the writer Bruce Schneier is the CTO of Counterpane Internet Security, Inc. His latest book is "Beyond Fear: Thinking Sensibly About Security in an Uncertain World," and he publishes the monthly security newsletter Crypto-Gram.
• Bankston Attorney, Equal Justice Works / Bruce J. ...
• IP Bruce Schneier on Orange Alert in Salon, Dave Farber .

• Bruce Schneier asks why a report into the big August blackout overlooks MSBlast as a culprit. | December 9, 2003, 12:00 PM PT | Bruce Schneier "> .
• New E-mail alerts! Sign up now! 0 Special Reports   Newsmakers   Perspectives   Strategy & Insight   Internet worms and critical infrastructure.
• December 9, 2003, 12:00 PM PT By Bruce Schneier -->         Did MSBlast cause the Aug. ...
• The closest I could find is this paragraph, on page 99: "Although there were a number of worms and viruses impacting the Internet and Internet connected systems and networks in North America before and during the outage, the SWG's preliminary analysis provides no indication that worm/virus activity had a significant effect on the power generation and delivery systems. ...
• The primary and backup computers that hosted the alarm systems failed at the same time MSBlast was attacking Windows computers on the Internet. What operating system were the alarm computers running? Were they on the Internet? These are interesting questions worth knowing the answers to. ...
• Bruce Schneier is one of the world's foremost security experts. His latest book, "Beyond Fear: Thinking Sensibly About Security in an Uncertain World," has just been published. ...

• Battle Zone: An Interview With Bruce Schneier.
• Bruce Schneier wrote The Book on applied cryptography literally. Now he's throwing his hat into the managed security services .
• Q: Your new enterprise focuses broadly on computer security, not just cryptography. ...
• What does security mean in your home? Does it mean no one can break in? Does it mean no one can ever come in? Does it mean that you know the name of everyone who comes in? There's no single definition of security.
• Isn't it particularly difficult to define security during times of radical change? Didn't people once share a single context to a greater extent?.
• What a king meant and what a peasant meant by security were always different. ...
• You have to look at security in the context of the entire system. ...
• Cryptography is a strong link and you can make it stronger, but so what? In terms of the security of the system, it doesn't matter. ...
• The cornerstone of your enterprise is MSN (Managed Security Monitoring Service), which is a capacity for a real-time response at every level of attack. ...
• A lot of information security products are computer products, but they're trying to fight or defend against a person at the other end. ...
• Yes, we're basically a security-guard type of organization, and we're treating it like a security clearance. ...
• Nobody has visibility across the entire Internet. ...
• The worst security product is the one that isn't used. ...
• Your exploration of network security has led you toward more holistic solutions, resulting in the mantra: 'Security is a process, not a product. ...
• I am finding that security, though, has almost nothing to do with mathematics. ...

• See all headlines from this week Take 2 for PC memory Google plans trademark gambit Apple investigating complaints of iPod static Microsoft warns of a score of security holes Intel's latest P4 chip hard to get, PC makers say EarthLink honeymoon ends for some Microsoft: Not enough XPerienced PCs Happy spamiversary Microsoft reins in Longhorn for 2006 launch Sun plots Java comeback   Bookworm turned Internet empire.
• Is the hassle of an operating system upgrade worth the benefit, including enhanced security? Enterprise security Minding security.
• ICSA Labs' Bruce Hughes says companies that keep doing the same old thing can't complain about security breaches. Enterprise security Artificial immune system.
• Sana Security founder Steven Hofmeyr says parallels between computer security and human immunology may spell trouble. Enterprise security .

• Home > Security > News > Security Guru Unmoved by Gates' RSA Remarks .
• Security Guru Unmoved by Gates' RSA Remarks .
• SAN FRANCISCO—Bruce Schneier is one cryptographer who is about as good with a phrase as he is with numbers, especially when talking or writing about the state of security in the world today. ...
• Schneier, who's founder and chief technology officer of Counterpane Internet Security Inc. , a security services provider, is the author of several books, the last two of which—"Beyond Fear" and "Secrets and Lies"—attempted to put security in perspective for the masses. ...
• Tuesday at the RSA Conference here, Schneier took part in a cryptographer panel earlier in the day, but his own popularity was in evidence as he later filled a large theater at the Metreon to, as he said, discuss what's new in security since the publication of "Beyond Fear" last fall. ...
• To find out what Gates said in his keynote, read "Gates Unleashes Security Initiatives at RSA. ...
• "Was it just me or was he just not excited? I expected more excitement," Schneier said. ... But until he gets animated about security you know he's not going to solve the problem. ...
• Schneier's audience clearly shared his feelings about the Microsoft executive's remarks. ...
• "Security is not as exciting as the next cool thing in Windows," Schneier said. ...
• "It's a big boat to turn around," Schneier said about Microsoft's security initiatives, such as Trustworthy Computing. ... Security should be his bottom line. ...
• Next page: Schneier advises: Get involved.
• 3/10 - Information Security Peace of Mind: Managed Security Services with Michael Krieger. ...
• 3/15 - Achieving Security Compliance For Mobile Users with Frank Derfler. ...

• Two new security bugs reported; PGP (serious one), Internet Explorer said to be.
• By Don Clark THE WALL STREET JOURNAL --snip-- The researchers, Bruce Schneier of Counterpane Internet Security Inc. ... Schneier said. ... --snip-- Separately, programmer Mike Benham said a bug in Internet Explorer can allow an unscrupulous Web-site operator to masquerade as the operator of other sites. ...
• "Two new security bugs reported; PGP (serious one), Internet Explorer said to be" | Create an account | 0 Comments.

• The problems observed in the November 2000 election accelerated existing trends to get rid of lever machines, punch-cards, and hand-counted paper ballots and replace them with mark-sense balloting, Internet, and automatic teller machine (ATM) kiosk-style computer-based systems see table . ...
• Trade secrecy, usability, privacy, security, and other inherent computer issues result in a dangerous "trust us" mentality on the part of manufacturers .
• Such problems plague all electronic voting products, whether kiosk systems, where voters go to a polling station, or Internet-based, where voters can submit a ballot from their homes, offices, or any site connected to the global network. ...
• Internet voting is further flawed because authentication of the voter must be performed by the same system that records the ballots, and this compounds the auditability and privacy problems. ...
• To quote cryptographer Bruce Schneier, founder of Counterpane Internet Security Inc. ... ): "A secure Internet voting system is theoretically possible, but it would be the first secure networked application ever created in the history of computers. ...
• These systems will have different requirements for security and auditability, depending upon their use. Web-based shareholder balloting has grown in popularity despite fears of computer security experts. ... ), is one expert who for years has warned that "the Internet is not safe for elections, due to its vast potential for disruption by viruses, denial-of-service flooding, spoofing, and other commonplace malicious interventions. ...
• The difficulties with Internet security are insurmountable, yet government officials have announced online voting initiatives in many countries, including France, Germany, Australia, and Estonia. In the United States, Internet voting was used in the Alaska and Arizona primaries in 2000, and some military personnel tested an experimental product later that year. The lure of increased voter participation seems to be the primary motivation for deploying Internet voting systems, although actual elections have demonstrated that such improvement may be relatively insignificant. ...
• But reliance on this type of so-called fail-safe system design is risky, as Counterpane's Bruce Schneier has noted: "Computerized voting machines, whether they have keyboard and screen or a touch-screen ATM-like interface, could easily make things worse. ...
• The combination of the lack of standards, legislative loopholes, trade secrecy, usability problems, privacy, security, and other inherent computer issues results in a dangerous "trust-us" mentality. ...
• Those designing and those buying election systems must be aware of their inherent limitations, mindful of the sometimes conflicting needs for privacy, auditability, and security in the election process, and willing to seek out-of-the-(ballot)-box solutions. ...

• CALOYANNIDES, Mitretek Systems THE RISE OF THE SO-CALLED INFORMATION ECONOMY, borne along by proliferating computers, sprawling telecommunications, and the Internet, has radically transformed how people do business, govern, entertain themselves, and converse with friends and family. ... Mounting concern over the new threats to privacy and security has led to widespread adoption of cryptography. ...
• Whenever a computer is connected to a network, be that a corporate intranet or the Internet, then unless proper precautions are taken, the data residing in the machine can be accessed and otherwise modified by another knowledgeable user. ... The key is a randomly selected string of numbers; generally speaking, the longer the string, the stronger the security. ...
• ; RC6, by RSA Laboratories and Ronald Rivest of the Massachusetts Institute of Technology; Rijndael, by two Belgians, Joan Daemen and Vincent Rijmen; Serpent, by Ross Anderson, Eli Biham, and Lars Knudsen, of the UK, Israel, and Norway, respectively; and Twofish, by Bruce Schneier, of Counterpane Internet Security, Inc. ... Repeated use of the same key creates its own security weakness. ...
• It is used, for example, when sending credit card information to an on-line vendor or when sending e-mail using the standard S/MIME protocol and a security certificate, which can be obtained from on-line commercial vendors or created locally using special software. ... Its security derives from the difficulty of factoring large prime integers. ... Its security rests on the difficulty of computing discrete logarithms in a finite field generated by a large prime number, which is regarded as even harder than factoring large numbers into their prime-number components. ... After one of his colleagues posted PGP on the Internet, the Department of Justice launched an investigation of Zimmermann, for possible violation of U. ... , although freeware versions continue to be available from the Internet. ...
• The proliferation of encryption has coincided with the explosive growth of the Internet. ... In essence, the simultaneous spread of encryption and the Internet has amounted to a transfer of power to the individual. ... In January the government began requiring any company doing business in China to disclose the types of Internet encryption software it uses, as well as the names of employees who use it. ...
• Who can prove that an innocuous-sounding e-mail message reporting "The temperature in the garage was 75 degrees" really means "Meet me behind Joe's garage on July 5"? Or again, out of hundreds of thousands of digitized images posted to a Usenet electronic bulletin board, who can detect the one image in particular, perhaps of an antique car, that contains a secret message intended for a specific person, who along with thousands of unsuspecting others will download that image to his or her computer? The very existence of the Internet has made it easy to circumvent bans. In most, though not all, countries, a sender can log onto any public computer connected to the Internet, such as those in public libraries or Internet cafes, and send encryption software anonymously to a recipient, who can also retrieve it anonymously. A would-be user of encryption software can anonymously download it from any of the thousands of Internet servers that openly provide a large collection of programs of this kind. ...

• The Futility of Digital Copy Prevention, by Bruce Schneier.
• Founder and CTO, Counterpane Internet Security, Inc.
• Music, videos, books on the Internet! Freely available to anyone without paying! The entertainment industry sees services like Napster as the death of its business, and it's using every technical and legal means possible to prevail against them. ...
• All entertainment media on the Internet (like everything else on the Internet) is just bits: ones and zeros. ... This is a natural law of the digital world, and makes copying on the Internet different from copying Rolex watches or Louis Vuitton luggage. ...
• For these purposes, three kinds of people inhabit the Internet: .
• Any security measure will work against the average users, who are at the mercy of their software. ...
• The entertainment industry is trying to turn your computer into an Internet Entertainment Console, where they, not you, have control over your hardware and software. ...
• The entertainment industry is now trying to pin liability on Internet service providers. ...
• "The Futility of Digital Copy Prevention," Crypto-Gram, May 2001 -- a free monthly newsletter providing summaries, analyses, insights, and commentaries on computer security and cryptography.
• "Security Systems Standards and Certification Act (SSSCA)," Crypto-Gram, October 2001.
• PDF Security Secure & lock collections.

• IT Management: Security.
• Computer Weekly asked five of the world's leading IT security experts from business and academia to identify what they consider to be the biggest threat to IT security over the coming 12 months. ...
• Bruce Schneier, chief technology officer at Counterpane Internet Security and author of Applied Cryptography and Secrets and Lies.
• In computer security, the older attacks never go away and the newer ones just get worse, writes Bruce Schneier, chief technology officer of Counterpane Internet Security. The most serious problem in computer security is not the newest attack, but the ever-increasing tsunami of all the old attacks that continue to do damage.
• They were first talked about as early as the 1960s and were known by the security literati even earlier than that. ... In 1988, the Morris worm dropped 10% of the hosts on the Internet with a buffer overflow attack.
• Most attacks on the Internet are buffer overflows, even though there are automatic programs being developed which will find and fix them.
• Today, millions of credit card numbers are stolen via the Internet, but it's not news any more.
• Back Orifice was going to be the death of the Internet. ... They're as old as the Internet. ... Today, there are thousands of DoS attacks on the Internet every week.
• Last year you had to be a self-directed, self-infecting, self-modifying Internet worm to make the news. ...
• We can't get software companies to reliably produce security patches that work without breaking other things. ...
• Ross Anderson, head of information security research at Cambridge University's Computer Laboratory.
• When considering your IT security budget, don't believe the hype. So says Ross Anderson, head of information security research at Cambridge University's Computer Laboratory. Anderson, who last year published a book on security engineering, believes many companies spend too much on over-hyped security technology, but fail to focus on important areas such as adequate internal controls.

Do you have a great site about Bruce Schneier And Internet Security? Is your Bruce Schneier And Internet Security site listed here? Would you like a prefered placement of your site in this directory?

It's easy! First place, the HTML from the box below on your page that you would like listed in this directory.

Then use our link submission request with your name, your contact information, and the URL of your site that has a link to this directory. After we verify your link to us, we'll make sure your site stays in our directory, and we'll give it prefered placement here also.

Here is how to make a simple text link to us. Just copy the code in this box to your website:

We can also develop a custom Guide To The Internet for your site. Please request your own custom Guide To The Internet.