Practical Cryptography Privacy Handbook : Proven Countermeasures for Combating Threats to Privacy, Security, and Personal Freedom The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of Surveillance Strategies for Web Hosting and Managed Services Cryptography for Visual Basic(r) : A Programmer's Guide to the Microsoft(r) CryptoAPI Al Jazeera: How the Free Arab News Network Scooped the World and Changed the Middle East Secrets and Lies : Digital Security in a Networked World Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition Security in Information Systems : A Guide for Business and Accounting

• COUNTERPANE INTERNET SECURITY, INC.
• Counterpane Internet Security, Inc. ... It was founded by security technologist and author Bruce Schneier and seasoned security entrepreneur Tom Rowley in order to address the critical need for increased levels of security services for business and e-commerce. Centered around a network of sophisticated Secure Operations Centers staffed by expert security analysts, the Company provides 24x7 security monitoring, as well as penetration detection, prevention, and response. ...
• Bruce Schneier and Tom Rowley believe that the real problem in computer security is no longer technology, but how to use the technology. ... As Schneier states, "Security is a process, not a product. " Based on their strong informed vision of where the security industry needs to head, they founded Counterpane Internet Security, Inc. Funded by Accel Partners and Bessemer Ventures, Rowley and Schneier assembled world-class technical and business management teams to carry out the Company's initiative. ...
• Managed Security Monitoring .
• Counterpane is the first entrant into the security service category named Managed Security Monitoring by industry analysts. Unlike existing network security products and traditional Managed Security Service (MSS) providers, Counterpane offers around-the-clock human interface by highly trained and bonded security analysts, who provides constant monitoring of the entire network, attack prediction and proactive protection, immediate response to intrusions, and accurate, frequent reporting. ...
• View Jobs for Counterpane Internet Security .

• av: Niels Ferguson, Bruce Schneier .
• Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies. ...
• Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. ...
• Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1).

• Bruce Schneier.
• Home Books Beyond Fear Secrets & Lies Other Books Essays and Other Writings In the News Speaking Schedule Password Safe Crypto-Gram Newsletter Subscribe Current Issue Back Issues Cryptography and Computer Security Resources Contact Information .
• Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a "security guru," Schneier is best known as a refreshingly candid and lucid security critic and commentator. When people want to know how security really works, they turn to Schneier. ...
• His first bestseller, Applied Cryptography, explained how the arcane science of secret codes actually works, and was described by Wired as "the book the National Security Agency wanted never to be published. " His book on computer and network security, Secrets and Lies, was called by Fortune " a jewel box of little surprises you can actually use. " His current book, Beyond Fear, tackles the problems of security from the small to the large: personal safety, crime, corporate security, national security. ...
• Counterpane Internet Security, Inc. , the world's leader in Managed Security Monitoring. ...
• Schneier also publishes a free monthly newsletter, Crypto-Gram, with over 100,000 readers. In its seven years of regular publication, Crypto-Gram has become one of the most widely read forums for free-wheeling discussions, pointed critiques, and serious debate about security. As head curmudgeon at the table, Schneier explains, debunks, and draws lessons from security stories that make the news. Regularly quoted in the media, Schneier has written op ed pieces for several major newspapers, and has testified on security before the United States Congress on many occasions. ...
• Bruce Schneier is the founder and CTO of Counterpane Internet Security, Inc. , the premier provider of Managed Security Monitoring services in the world. ...

• Bruce Schneier is a computer security guru. ...
• Schneier runs a company called Counterpane Internet Security, Inc. ...
• Crypto-Gram is a free monthly email newsletter on computer security and cryptography published by Bruce Schneier. ...
• Schneier sometimes posts to news:comp. ...

• Sys-Security. com is a web site dedicated to computer security research. ...
• Secrets and Lies : Digital Security in a Networked World.
• by Bruce Schneier.
• Whom can you trust? Try Bruce Schneier, whose rare gift for common sense makes his book Secrets and Lies: Digital Security in a Networked World both enlightening and practical. He's worked in cryptography and electronic security for years, and has reached the depressing conclusion that even the loveliest code and toughest hardware still will yield to attackers who exploit human weaknesses in the users. The book is neatly divided into three parts, covering the turn-of-the-century landscape of systems and threats, the technologies used to protect and intercept data, and strategies for proper implementation of security systems. Moving away from blind faith in prevention, Schneier advocates swift detection and response to an attack, while maintaining firewalls and other gateways to keep out the amateurs. ...
• The Information Systems Security Officer's Guide : Establishing and Managing an Information Protection Program .
• Total systems approach; Straightforward, easy-to-read, non-technical writing The information systems security (infosec) profession is one of the fastest growing professions today, which has caused an ever-increasing need and demand for training of security professionals. With the advent of email and the Internet and their wide uses as methods of conducting business, a growing amount of emphasis is being placed on infosec. ...
• Intranet Security : Stories from the Trenches.
• With information flowing freely in and from all directions and electronic commerce knocking down new doors, network security has come to include a lot more than just using a good firewall to connect to the Internet. ...
• I've spent a lot of time auditing security on distributed networks. ...
• Internet Security for Business .
• This book describes how to develop a complete and effective Internet security program. ... It addresses how to educate and train end-users to identify and respond to breach of security incidents. This book also describes how to assess risk; develop an Internet security policy; develop end-user awareness of problems and implement the right mix of preventive and detective measures. ...

• Leading cybercrime expert to launch new Internet security system.
• (AP) -- A leading cybercrime expert on Monday plans to launch a new Internet burglar alarm system that analysts say may raise the bar in the burgeoning and vital field of computer security. ...
•  Security consultant and author Bruce Schneier's Counterpane Internet Security Inc. ... , to scrutinize activity logs from customers' Internet sites. ...
•  If the analysts notice something fishy -- a potential hacking attempt, for example -- they alert the customer and help them plug the security breach. ...
•  It's a field expected to explode as major corporations' Internet sites become a crucial part of their business. ...
•  "Computer security without monitoring is kind of like having a car alarm go off in the inner city," Schneier said. ...
•  The system, which costs $12,000 a month, differs from traditional Internet security systems that are usually built and staffed in-house either by company employees or consultants. ...
•  "Counterpane is kicking off the next big trend in security outsourcing," said Steve Hunt, a security analyst at Giga Information Group. ...
•  Internet security industry leader Computer Associates International Inc. ...
•  Simon Perry, security business manager at Computer Associates, said they're not concerned about competition from Counterpane or similar systems that use human analysts at remote locations to watch for break-ins. ...
•  Sixty-two percent of businesses and government agencies reported unauthorized use of their computer systems last year in a survey by the FBI and San Francisco's Computer Security Institute. ...
• Those costs are expected to reach $17 billion by 2003, according to Internet analysts at Aberdeen Group in Boston, Mass. ...
•  Mark Kadrich, director of security for Conxion Corp. ...
• Though one advantage will be Schneier's name recognition, Pescatore said. ...
•  Schneier has written five books, including "Applied Cryptography," the seminal work in its field. ...

• -------------------------------------------------------------- Schneier: No "magic security dust" By Alorie Gilbert Special to ZDNet December 2, 2002, 7:14 AM PT URL: http://zdnet. ... html Tech entrepreneur Bruce Schneier is one of America's best-known computer security experts. His testimony before Congress helped defeat legal restrictions on cryptography sought by the FBI and the National Security Agency when an appellate court ruled in 1999 that crypto algorithms were a form of speech covered by the First Amendment. ...
• Schneier co-founded security services company Counterpane Internet Security where he serves as chief technologist. Arguing that constant vigilance not technology is the best defense against computer break-ins, Schneier believes security breaches are nonetheless fated to increase as networking systems become more complex.
• What's going to be different about the state of Internet and network security three years from now? I think we're finally past the era where people believe in magic security dust, that all they need to do is buy the right set of products and their network will be imbued with the property of "secure. " Security is a process. ...
• Will security breaches become fewer or more frequent? They will increase. As more of our infrastructure moves online, as more things that someone might want to access or steal move online, there will be more security breaches. As our networking systems become more complex, there will be more security breaches. As our computers get more powerful and more useful, there will be more security breaches. Everything about computer networks points to more security breaches in the future.
• Will security firms come up with the secret weapon that turns the tables on cyberintruders, thus banishing illegal hacks to memory? If only it were possible. ...
• In the absence of such measures, are we headed for a devastating attack on the Internet or other computer networks in the near future? By devastating, I mean one that wreaks havoc, such as the shutdown of airports or businesses. ...
• Why should people be worried about Internet security? Because their privacy and financial security may be compromised. Terrorism is so rare in the United States, so why should people be worried about home security? There are lots of other attackers. ...

• The Key Role of Security in e-commerce.
• Bruce Schneier, Counterpane Internet Security Inc, USA.
• Digital Security: Security is an enabling technology of the Internet. ... Security turns the Internet into a serious tool for both business and personal uses. The limits of security are the limits of the Internet. ...
• Security has been failing us, again and again, faster and faster. ...

• RFC 1135 - The Helminthiasis of the Internet kertoo vuoden 1988 "Internet-madosta", joka tunkeutui lyhyessä ajassa tuhansiin tietokoneisiin ja sai aikaan niiden tukkeutumisen. ...
• RFC 1281 - Guidelines for the Secure Operation of the Internet antaa ohjeita Internetin turvalliseen käyttöön. ...
• RFC 1636 - Report of IAB Workshop on Security in the Internet Architecture, February 8-10, 1994 on raportti IAB:n (Internet Architecture Board) workshopista, jossa käsiteltiin myös tietoturvaa sivuavia aiheita, mm. ...
• RFC 1704 - On Internet Authentication käsittelee autentikointimenetelmiä. ...
• RFC 2196 - Site Security Handbook on käsikirja tietoturvasta vastaavalle henkilölle. ...
• RFC 2316 (päivitys) - Report of the IAB Security Architecture Workshop. ...
• RFC 2504 - Users' Security Handbook. ...
• RFC 2828 - Internet Security Glossary. ...
• RFC 3013 - Recommended Internet Service Provider Security Services and Procedures. ...
• IT Security Cookbook (Sean Boran) .
• Practical UNIX and Internet Security (Simson Garfinkel & Gene Spafford) .
• Computer Security Basics (Deborah Russell & G. ...
• Java Security (Scott Oaks) .
• Intrusion Detection: Network Security Beyond the Firewall (Terry Escamilla) .
• Secrets & Lies (Bruce Schneier) .
• Building Internet Firewalls (D. ...

•      internet/intranet.
•      security.
• Niels Ferguson (Counterpane Internet Security, Amsterdam, Netherlands); Bruce Schneier (Counterpane Internet Security, Minneapolis, Minnesota).
• Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies.
• Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. ...
• Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1).

• Security expert: Tighter measures needed.
• Bruce Schneier .
• WASHINGTON (CNN) -- A noted computer security expert told a Senate subcommittee Monday that the Internet is steadily becoming a more dangerous place, and traditional computer security measures simply don't work. ...
• Bruce Schneier, chief technical officer of Counterpane Internet Security Inc. ...
• These network predators regularly steal corporate assets and intellectual property, cause service breaks and system failures, sully corporate brands, and frighten customers," Schneier said in prepared remarks. ...
• He predicted that many companies will be forced by economic reality to make security more than just an afterthought in their business plan. He said "network security insurance" will soon be as much a necessity as fire and theft insurance. ...
• "What will happen when the CFO looks at his premium and realizes that it will go down 50 percent if he gets rid of all his insecure Windows operating systems and replaces them with a secure version of Linux? The choice of which operating system to use will no longer be 100 percent technical," Schneier testified. "Microsoft, and other companies with shoddy security, will start losing sales because companies don't want to pay the insurance premiums. ...
• In response to Schneier's comments, Microsoft spokesman Jim Desler told CNN that the idea of Internet security insurance is still evolving. ...
• And, he said, the company's process of responding to security vulnerabilities is "unmatched. ...
• Part of the complexity of all these security issues is the dramatic morphing of the Internet from a government and academic research tool into a multi-billion dollar commercial enterprise. ...
• "It was designed to be an open, borderless medium for communication and sharing information, and was not programmed with security features. ...
• Miller said it will not be an easy task to make security a priority in the corporate culture. ...
• "Whenever tradeoffs arise, the bias is toward speed, not safety and security. ...
• Miller said that's because worldwide, business-to-consumer e-commerce revenues will reach $96 billion this year, and business-to-business transactions on the Internet will reach $448 billion, according to Forrester Research. ...

• The World Wide Web Security FAQ.
• Internet Security Alerts.
• General Security for Web Servers.
• Web Security: A Step-by-Step Guide, by Lincoln Stein Addison-Wesley Longman, 1998. ...
• Web Security and Commerce, by Simson Garfinkle with Gene Spafford, O'Reilly & Associates, 1997. ...
• Web Security Sourcebook, by Aviel Rubin, Daniel Geer and Marcus Ranum, John Wiley and Sons, 1997. ...
• Managing Internet Information Systems, by Cricket Liu, Jerry Peek, Russ Jones, Bryan Buus, and Adrian Nye ( O'Reilly & Associates, Inc. ...
• Firewalls and Internet Security: Repelling the Wily Hacker, by William R. ...
• Building Internet Firewalls by D. ...
• Unix System Security.
• Unix System Security: A Guide for Users and System Administrators, by David Curry (Addison Wesley Longman). ...
• Practical Unix and Internet Security, by Simson Garfinkel and Gene Spafford (O'Reilly & Associates,Inc. ...
• Windows NT Security.
• Windows NT Security Guide, by Stephan Sutton, Addison Wesley Developers Press, 1997. ...
• The CGI Security FAQ.
• CGI security FAQ .

• Internet & Law.
• Security.
• Schneier, chief technology officer of Counterpane Internet Security, and inventor of the Blowfish algorithm, will argue in the next issue of his Crypro-Gram email newsletter that the Sklyarov case shows the DMCA is being used to restrict basic freedoms of speech.
• A copy of his essay, which will be published on August 15, was sent by Schneier to the Register in order to raise awareness about the ramification for security research raised by the case.
• Although Sklyarov was released earlier this week on bail of $50,000, the prosecution against him continues and Schneier's comments are interesting because they highlight some of the wider issues the case raises.
• One of the main points Schneier makes is that provisions in the DMCA that allow for security research "which I and others fought hard to have included" are being ignored in the Sklyarov case and others, such as the DeCSS case against 2600 Magazine.
• "What the DMCA has done is create a new controlled technology," Schneier argues. ...
• Sklyarov was engaged in legitimate security research, Schneier said, but for highlighting the poor security of eBook readers, and working for a firm that develops software that "circumvents these ineffectual security systems" he ended up in jail.
• Schneier recalls cases in the seventies when the government failed to get a restraining article preventing The Progressive publishing an article containing technical information on H-Bomb design.
• This seems to go a bit far but makes the point that freedom of speech is going out the window in this case, or as Schneier puts it: "Welcome to 21st Century America, where the profits of the major record labels, movie houses, and publishing companies are more important than First Amendment rights. ...
• Schneier compares the actions of the entertainment industry with the ill-fated attempt of the NSA to restrict access to encryption technology in the 1990s.
• Both the actions of the NSA of the use of the DMCA by the entertainment industry are prepared to resort to unconstitutional methods, Schneier argues.
• "The entertainment industry is fighting a holding action, and fear, uncertainty, and doubt are their weapons," Schneier writes, "The DMCA is unconstitutional, but they don't care. ...
• Sklyarov freed on Bail Adobe DMCA protests spread to UK Adobe Folds! Boycott Adobe campaign launches eBook security debunker arrested by Feds DoJ sticks its nose in 2600. com DeCSS appeal DeCSS arguments invoke free speech There's no going back after CPRM, warns Schneier.
• Oracle - A serious challenger to the Internet applications throne?.

• -- A leading cybercrime expert plans to launch today a new Internet burglar alarm system that analysts say may raise the bar in the burgeoning and vital field of computer security. ...
• -- A leading cybercrime expert plans to launch today a new Internet burglar alarm system that analysts say may raise the bar in the burgeoning and vital field of computer security.
• Security consultant and author Bruce Schneier's Counterpane Internet Security Inc. ... , to scrutinize activity logs from customers' Internet sites.
• If the analysts notice something fishy -- a potential hacking attempt, for example -- they alert the customer and help them plug the security breach.
• It is a field expected to explode as major corporations' Internet sites become a crucial part of their business.
• "Computer security without monitoring is kind of like having a car alarm go off in the inner city," Schneier said. ...
• The system, which costs $12,000 a month, differs from traditional Internet security systems that are usually built and staffed in-house either by company employees or consultants.
• "Counterpane is kicking off the next big trend in security outsourcing," said Steve Hunt, a security analyst at Giga Information Group.
• Internet security industry leader Computer Associates International Inc. ...
• Simon Perry, security business manager at Computer Associates, said they aren't concerned about competition from Counterpane or similar systems that use human analysts at remote locations to watch for break-ins.
• Sixty-two percent of businesses and government agencies reported unauthorized use of their computer systems last year in a survey by the FBI and San Francisco's Computer Security Institute. ...
• Those costs are expected to reach $17 billion by 2003, according to Internet analysts at Aberdeen Group in Boston, Mass.
• Mark Kadrich, director of security for Conxion Corp. ...
• Though one advantage will be Schneier's name recognition, Pescatore said.
• Schneier has written five books, including "Applied Cryptography," the seminal work in its field. ...

• Computers & Internet Book Review.
• AUTHOR: Niels Ferguson (Author), Bruce Schneier (Author).
• Book Store & Book Review > Computers & Internet > Computers & Internet .
• - Book Review, by Niels Ferguson (Author), Bruce Schneier (Author).
• Information Security Bulletin, July 2003.
• Two of the world’s top experts in cryptography teach you how to secure your digital future In today’s world, security is a top concern for businesses worldwide. ... Cryptography holds great promise as the technology to provide security in cyberspace. ... You’ll find discussions on: Practical rules for choosing and using cryptographic primitives, from block ciphers to digital signatures Implementing cryptographic algorithms and systems in a secure way on today’s computers A consistent design philosophy to ensure that every part of the system achieves the required security level Why security affects every part of the system, and why it has to be a primary goal of the project How simple interfaces for cryptographic primitives reduce system complexity and increase system security .
• He has extensive experience in the design and implementation of cryptographic algorithms, protocols, and large-scale security infrastructures. Previously, Ferguson was a cryptographer for DigiCash and CWI, and he worked closely with Bruce Schneier at Counterpane Internet Security. ... BRUCE SCHNEIER is founder and chief technical officer at Counterpane Internet Security, a managed-security monitoring company. A world-renowned scientist, security expert, and lecturer, he is the author of Secrets and Lies: Digital Security in a Networked World and Applied Cryptography (both from Wiley). ...
• Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies.
• Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. ...

• Abstract - Security Symposium - 2000 .
• Jonathan Katz, Columbia University; Bruce Schneier, Counterpane Internet Security, Inc. ...
• Several security protocols (PGP, PEM, MOSS, S/MIME, PKCS#7, CMS, etc. ... These protocols are widely used and trusted for private communication over the Internet. We point out a potentially serous security hole in these protocols: any encrypted e-mail can be decrypted using a one-message, adaptive chosen-ciphertext attack which exploits the structure of the block cipher chaining models used. ...

• Bruce Schneier: No "magic security dust".
• This is an interview with Bruce Schneier, one of America's best-known computer security experts and co-founder of Counterpane Internet Security. What's going to be different about the state of Internet and network security three years from now? I think we're finally past the era where people believe in magic security dust, that all they need to do is buy the right set of products and their network will be imbued with the property of "secure. " Security is a process. ... Will security breaches become fewer or more frequent? They will increase. As more of our infrastructure moves online, as more things that someone might want to access or steal move online, there will be more security breaches. As our networking systems become more complex, there will be more security breaches. As our computers get more powerful and more useful, there will be more security breaches. Everything about computer networks points to more security breaches in the future.
• + Microsoft Internet Explorer BMP File Memory Denial of Service Vulnerability.
• + Sanctum Hits Record Numbers in Q1 2004, Extending Lead in Application Security Market with 95 Percent Revenue Growth.

• Who's Who in Infosec: Bruce Schneier.
• Who's Who in Infosec is an ongoing series featuring profiles of security professionals and their contributions to the industry. ... com Trailblazer Leadership Award at Security Decisions 2003. ...
• Internationally-renowned security technologist and author Bruce Schneier is both a founder and the chief technical officer of Counterpane Internet Security, Inc. Counterpane provides managed security monitoring services to organizations world-wide.
• Schneier is responsible for maintaining Counterpane's technical lead in world-class information security technology and its practical and effective implementation. Schneier's security experience makes him uniquely qualified to shape the direction of the company's research endeavors, as well as to act as a spokesperson to the business community on security issues and solutions.
• Schneier is the author of six books, including Secrets & Lies: Digital Security in a Networked World. ... He has presented papers at many international conferences and he is a frequent writer, contributing editor and lecturer on the topics of cryptography, computer security and privacy.
• Schneier designed the popular Blowfish encryption algorithm, and Schneier's Twofish was a finalist for the new Federal Advanced Encryption Standard (AES). Schneier served on the board of directors of the International Association for Cryptologic Research, and is an Advisory Board member for the Electronic Privacy Information Center. ...
• Schneier holds an MS degree in computer science from American University and a BS degree in physics from the University of Rochester. ...
• Dire straits (April 2004 Information Security magazine) .
• Live editorial webcast: Best practices in software security (SearchSecurity. ...
• RFID not ready for primetime (Security Wire Perspectives) EXCLUSIVE! .
• E-voting company releases source code (Security Wire Perspectives) EXCLUSIVE! .

• Reliable Software Technologies Discovers Security Flaw in Netscape Navigator Defective Password Cryptography Identified .
• , December 15, 1999—Reliable Software Technologies (RST), the leading software assurance consulting vendor, today warned of a serious security flaw in the password encryption of Netscape Navigator's email system. In an eight-hour effort, RST's Software Security Group easily duplicated the algorithm used to scramble an individual's mail password, potentially exposing the password to any attacker.
• The lack of any real security in Windows95/98 makes exploiting this particular flaw in Netscape particularly easy. ...
• The importance of software security is thus growing exponentially," said Dr. Gary McGraw, Chief Technology Officer and head of the Software Security Group at RST. "Businesses think they can solve all of their security problems with firewalls and network perimeter security, but we have found that the biggest risks in today's distributed systems exist in custom software applications. Software security assurance requires real expertise, and must be designed into a system from day one. ...
• What makes this vulnerability particularly nasty is that people tend to use the same passwords over and over again," said Bruce Schneier, CTO of Counterpane Internet Security and author of the best-selling book Applied Cryptography. ... Software security is important. ...
• Tim Hollebeek and John Viega, members of RST's Software Security Group and Research Labs, did not reverse engineer Netscape's code or use automation to discover the flawed algorithm. ...
• With expertise in test optimization, security and metrics, RST helps corporations, independent software vendors and system integrators optimize time spent in development and test, dramatically accelerating time-to-market.

• Get the latest Internet news every day with the InternetWeek NewsBreak e-mail newsletter.
•   Security Pipeline.
• Opinion: Secure Knowledge > Is Disclosing Vulnerabilities A Security Risk In Itself? > November 19, 2001 --> .
• Is Disclosing Vulnerabilities A Security Risk In Itself?.
• By BRUCE SCHNEIER.
• We'd all be a lot safer if security experts and researchers would stop publishing details about security vulnerabilities, according to a recent essay by Scott Culp, manager of the security response center at Microsoft. Culp's argument that disclosing each security flaw that's discovered arms hackers with offensive tools makes some valid points, but I disagree with his overall claim that such disclosures are bad.
• A security vulnerability is typically the result of a programming mistake: either an out-and-out error like a buffer overflow, which should have been caught and prevented, or an opening introduced by a failure to understand the interactions in a complex piece of code.
• Each time Microsoft releases an operating system, it crows about how extensive the testing was and how secure the OS is; and every time, the OS contains more security vulnerabilities than the previous one. ...
• Vendors don't take security seriously because there's no market incentive for them to. ... When this happens, vendors will do more than pay lip service to security vulnerabilities; they'll fix them as quickly as possible. ...
• Microsoft's motives in promoting bug secrecy are obvious: It's a whole lot easier to squelch security information than it is to fix problems or design products securely in the first place. Microsoft's steady stream of public security vulnerabilities has led many people to question the security of future products. And with analysts such as Gartner advising people to abandon Microsoft IIS because of all its security holes, Microsoft knows it's better off giving customers less security information about its products.
• Disclosure doesn't create security vulnerabilities; programmers create them, and they remain until other programmers find and remove them. ...
• Bruce Schneier is chief technology officer at Counterpane Internet Security Inc. , a managed-security monitoring firm. He can be reached at schneier@counterpane. ...

• --> Bruce Schneier, "license to surf", and context Bruce Schneier did not propose there be a license to use a computer, he just responded tongue-in-cheek to a question about it. ...
• --> Infothought Seth Finkelstein's Infothought blog « 9/11 and the mathematics of terrorism screening | Main | Blogiversary » September 12, 2003 Bruce Schneier, "license to surf", and context.
• It might be a good idea," said Bruce Schneier, chief technology officer for Counterpane Internet Security Inc. ...
• "The downside is everybody you know won't be able to have a computer anymore, and I like being able to send e-mail to friends," Schneier said. ...
• Reading the context, it's obvious Bruce Schneider was asked something along the lines of "Could there be an ``Internet license''? What would it entail?". ...
• NaugaHunter writes "A story on Yahoo asks Should a License Be Required to Go Online? It appears to be suggested by Bruce Schneier, chief technology officer for Counterpane Internet Security Inc. ...
• So 250,000+ people hear "It appears to be suggested by Bruce Schneier". ... Poor Bruce Schneier. ...

• Tech entrepreneur Bruce Schneier is one of America's best-known computer security experts. His testimony before Congress helped defeat legal restrictions on cryptography sought by the FBI and the National Security Agency when an appellate court ruled in 1999 that crypto algorithms were a form of speech covered by the First Amendment. ...
• Schneier co-founded security services company Counterpane Internet Security, where he serves as chief technologist. Arguing that constant vigilance, not technology, is the best defense against computer break-ins, Schneier believes security breaches are nonetheless fated to increase as networking systems become more complex.
• What's going to be different about the state of Internet and network security three years from now? I think we're finally past the era where people believe in magic security dust, that all they need to do is buy the right set of products and their network will be imbued with the property of "secure. " Security is a process. ...
• Will security breaches become fewer or more frequent? They will increase. As more of our infrastructure moves online, as more things that someone might want to access or steal move online, there will be more security breaches. As our networking systems become more complex, there will be more security breaches. As our computers get more powerful and more useful, there will be more security breaches. Everything about computer networks points to more security breaches in the future.
• Will security firms come up with the secret weapon that turns the tables on cyberintruders, thus banishing illegal hacks to memory? If only it were possible. ...
• In the absence of such measures, are we headed for a devastating attack on the Internet or other computer networks in the near future? By devastating, I mean one that wreaks havoc, such as the shutdown of airports or businesses. ...
• Why should people be worried about Internet security? Because their privacy and financial security may be compromised. Terrorism is so rare in the United States, so why should people be worried about home security? There are lots of other attackers. ...
• What is the biggest wild card in Internet security? What is the aspect or element that is hardest to control or predict? People.

• Security Portal: Information & Communication Technology .
• Usefull links about security: .
• com, The web portal for the certified information systems security professionals http://www. ...
• Bruce Schneier's  Counterpane Internet Security http://www. ...
• NIST Computer Security Division 893 and CSRC Home Page http://csrc. ...
• 11 Security” Web Site http://www. ...
• Rivest Cryptography and Security http://theory. ... edu/~rivest/crypto-security. ...
• org/internet-drafts/draft-ietf-pppext-eap-srp-03. ...
• IP Security Protocol (ipsec) http://www. ...
• Network Security Library http://secinf. ...
• Internet Security Alliance http://www. ...
• SLAN (Secured LAN/Internet Link) http://slan. ...
• Wireless Security Perspectives http://www. ...
• Information Systems Security Association (ISSA)® http://www. ...
• Security portal site, with news, research, products, jobs, and white papers with daily updates http://www. ...

• Despite added security spending, Internet more dangerous .
• NEW YORK -- Spending on Internet security continues to grow, yet the worldwide supernetwork remains more vulnerable than ever to viruses, break-ins and terrorism. ...
• "The rate of growth of our vulnerabilities is exceeding the rate of improvements in security measures," said Michael Vatis, former director of the FBI's National Infrastructure Protection Center. ...
• Bruce Schneier, chief technical officer at Counterpane Internet Security, said companies that invest in security may be reducing their own risks, but new networks with minimal protections are constantly joining the Internet. ...
• "Overall, security goes down," Schneier said. ...
• CERT Coordination Center, the government-funded computer emergency response team at the Carnegie Mellon University, says it received reports last year of 52,658 security breaches and attacks, and 2,437 computer vulnerabilities _ more than double the figures for 2000. ...
• Last year, the Internet was hit with a new class of worms, which unlike viruses do not require human intervention to spread. Code Red and Nimda found new ways to propagate rapidly and tied up Internet traffic worldwide by exploiting well-known software vulnerabilities. ...
• "A single threat can now combine a number of different attacks," said Stephen Trilling, a research director at security company Symantec Corp. ...
• In addition to unleashing Medusa-like threats, hackers are also quicker to exploit new vulnerabilities, giving system administrators less time to react, said Chris Rouland, director of the X-Force research team at Internet Security Systems Inc. ...
• As a result, computer security companies saw revenue growth of 15 percent to 20 percent last year, according to Chris Christiansen, a research analyst at IDC. ...
• And while security companies said the Sept. ...
• Steve Lipner, director of security assurance at Microsoft Corp. , sought to put security risks in perspective, saying millions of people use the Internet daily "without any ill effect at all. ...
• Even so, Microsoft Chairman Bill Gates directed employees last week to put security and privacy ahead of new capabilities in the company's products. ...
• Many security breaches, including Code Red and Nimda, exploited flaws in Microsoft products, and security experts disclosed last month that hackers could seize control of computers running Windows XP - marketed as the company's most secure system - unless users installed a patch to fix it. ...

• bsy's Security Related Net-pointers.
• Updates to this page occurs at its new location This is a list of pointers to security related information that I wrote or culled from the net. ...
• Security/Cryptography Standards, Books, and Papers .
• The Enterprise Security Workshop .
• Crypto Freedom & Privacy Security/Cryptography Standards, Books, and Papers.
• Errata for Applied Cryptography by Bruce Schneier. ...
• Science Applications International Corp (SAIC) security information. Orange book style multi-level security and compartment mode workstation info. ...
• W3 security page .
• CTCPEC and related InfoSec works archived at the Canadian System Security Centre. ...
• Internet Merchantile Protocol information .
• Internet security papers (from AT&T Bell Labs) .
• Economics of the Internet, including various electronic cash / electronic commerce proposals. ...
• Ron Rivest's page on Cryptography and Security .
• IBM Zurich Security Research page .
• IBM Research's Massively Distributed Systems Security Page .

Do you have a great site about Bruce Schneier And Internet Security? Is your Bruce Schneier And Internet Security site listed here? Would you like a prefered placement of your site in this directory?

It's easy! First place, the HTML from the box below on your page that you would like listed in this directory.

Then use our link submission request with your name, your contact information, and the URL of your site that has a link to this directory. After we verify your link to us, we'll make sure your site stays in our directory, and we'll give it prefered placement here also.

Here is how to make a simple text link to us. Just copy the code in this box to your website:

We can also develop a custom Guide To The Internet for your site. Please request your own custom Guide To The Internet.