Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 4 declined, 1 accepted (5 total, 20.00% accepted)

Security

Submission + - Gary McGraw interviews Ross Anderson, who debunks Trusted Computing->

FormOfActionBanana writes: "Security expert Dr. Gary McGraw interviews security expert Dr. Ross Anderson of Cambridge University in a great podcast. Dr. Anderson opens with a debunking of UEFI and Trusted Boot; he makes multiple references to the balance of power in the Middle Ages and compares that to the modern struggle of power inherent in the establishment of Certification Authority infrastructures."
Link to Original Source
Security

Submission + - Security expert Gary McGraw interviews security expert Ross Anderson-> 1 1

FormOfActionBanana writes: "Dr. Gary McGraw interviews Dr. Ross Anderson of Cambridge University in a great podcast. They cover a variety of current topics in computer security.
Among other choice quotes, Dr. Anderson warns the preliminary output of some recent world wide web research is "Don't click on ads.""

Link to Original Source
Security

Submission + - OpenBSD IPSEC implementation compromised by FBI->

FormOfActionBanana writes: "From the email received by Theo van der Raadt: "My NDA with the FBI has recently expired, and I wanted to make you aware of the fact that the FBI implemented a number of backdoors and side channel key leaking mechanisms...[into OpenBSD's IPSEC implementation]""
Link to Original Source
Security

Submission + - Security review summary of NIST SHA-3 round 1-> 1 1

FormOfActionBanana writes: "The security firm Fortify Software has undertaken an automated code review of the NIST SHA-3 round 1 contestants' (previously Slashdotted) reference implementations. After a followup audit, the team is now reporting summary results.

According to the blog entry, "This just emphasizes what we already knew about C, even the most careful, security conscious developer messes up memory management."

Of particular interest, Professor Ron Rivest's (the "R" in RSA) MD6 team has already corrected a buffer overflow pointed out by the Fortify review. Bruce Schnier's Skein, also previously slashdotted came through defect free."

Link to Original Source

At these prices, I lose money -- but I make it up in volume. -- Peter G. Alaquon

Working...