The Japanese Response to Terrorism Lessons from Japan’s response to Aum Shinrikyo: Yet what’s as remarkable as Aum’s potential for mayhem is how little of it, on balance, they actually caused. Don’t misunderstand me: Aum’s crimes were horrific, not merely the terrible subway gassing but their long history of murder, intimidation, extortion, fraud, and exploitation. What they did was unforgivable,
Keccak is SHA-3 NIST has just announced that Keccak has been selected as SHA-3. It’s a fine choice. I’m glad that SHA-3 is nothing like the SHA-2 family; something completely different is good. Congratulations to the Keccak team. Congratulations—and thank you—to NIST for running a very professional, interesting, and enjoyable competition. The process has increased our understanding about the crypt
SHA-3 to Be Announced NIST is about to announce the new hash algorithm that will become SHA-3. This is the result of a six-year competition, and my own Skein is one of the five remaining finalists (out of an initial 64). It’s probably too late for me to affect the final decision, but I am hoping for “no award.” It’s not that the new hash functions aren’t any good, it’s that we don’t really need on
So You Want to Be a Security Expert I regularly receive e-mail from people who want advice on how to learn more about computer security, either as a course of study in college or as an IT person considering it as a career choice. First, know that there are many subspecialties in computer security. You can be an expert in keeping systems from being hacked, or in creating unhackable software. You ca
New Attacks on CAPTCHAs Nice research: Abstract: We report a novel attack on two CAPTCHAs that have been widely deployed on the Internet, one being Google’s home design and the other acquired by Google (i.e. reCAPTCHA). With a minor change, our attack program also works well on the latest ReCAPTCHA version, which uses a new defence mechanism that was unknown to us when we designed our attack. This
Societal Security Humans have a natural propensity to trust non-kin, even strangers. We do it so often, so naturally, that we don’t even realize how remarkable it is. But except for a few simplistic counterexamples, it’s unique among life on this planet. Because we are intelligently calculating and value reciprocity (that is, fairness), we know that humans will be honest and nice: not for any imme
NIST Defines New Versions of SHA-512 NIST has just defined two new versions of SHA-512. They’re SHA-512/224 and SHA-512/256: 224- and 256-bit truncations of SHA-512 with a new IV. They’ve done this because SHA-512 is faster than SHA-256 on 64-bit CPUs, so these new SHA variants will be faster. This is a good thing, and exactly what we did in the design of Skein. We defined different outputs for th
Security in 2020 There’s really no such thing as security in the abstract. Security can only be defined in relation to something else. You’re secure from something or against something. In the next 10 years, the traditional definition of IT security—that it protects you from hackers, criminals, and other bad guys—will undergo a radical shift. Instead of protecting you from the bad guys, it will
Man-in-the-Middle Attacks Against SSL Says Matt Blaze: A decade ago, I observed that commercial certificate authorities protect you from anyone from whom they are unwilling to take money. That turns out to be wrong; they don’t even do that much. Scary research by Christopher Soghoian and Sid Stamm: Abstract: This paper introduces a new attack, the compelled certificate creation attack, in which go
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く