Letter From a Passenger: "What Really Happens in the TSA Private Room?"
GFTB asks: "Tell us, please, what really happens in that private room and why the TSA does not want it seen in public nor recorded."
Dear GFTB, I can only speak from my personal experience on this blog, as well as from second hand accounts from screeners I knew in my time at the TSA: screeners whose accounts I consider to be quite credible, from many different angles. That being said, though there are many claims in the news about outrageous things happening in the private screening rooms (such as this one last year) I’ve never seen or even heard of anything malicious, illicit or illegal happening in the private screening room, depending, at least, upon what one’s personal definition of “illegal” may be, per the Fourth Amendment, in regards to TSA policy in general (and yes, I’m familiar with U.S. vs Davis 1973 for you TSA apologists reading this, your perennial go-to rejoinder).
(Taking Sense Away)

Wiretapping the Internet
On Monday, The New York Times reported that President Obama will seek sweeping laws enabling law enforcement to more easily eavesdrop on the internet. Technologies are changing, the administration argues, and modern digital systems aren't as easy to monitor as traditional telephones. The government wants to force companies to redesign their communications systems and information networks to facilitate surveillance, and to provide law enforcement with back doors that enable them to bypass any security measures. The proposal may seem extreme, but -- unfortunately -- it's not unique. Just a few months ago, the governments of the United Arab Emirates, Saudi Arabia and India threatened to ban BlackBerry devices unless the company made eavesdropping easier. China has already built a massive internet surveillance system to better control its citizens.
(Bruce Schneier)
keywords: 9/11, AOL, Barack Obama, Blackberry, Bruce Schneier, Canada, China, Cybersecurity, Federal Bureau Of Investigation, Google, Greece, India, Internet, Iran, L-1 Identity Solutions, National Security Agency, New York Times, Nokia, Police, Privacy, Saudi Arabia, Secure Computing, Siemens, Skype, Sweden, Terrorists, Twitter, United Arab Emirates, United Kingdom, United States

ELECTRONIC PRIVACY INFORMATION CENTER v. JANET NAPOLITANO, in her official capacity as Secretary of the U.S. Department of Homeland Security, No. 10-1157
“The program is designed to respect individual sensibilities regarding privacy, modesty and personal autonomy to the maximum extent possible, while still performing its crucial function of protecting all members of the public from potentially catastrophic events,”
(Electronic Privacy Information Center)
keywords: Advanced Imaging Technology, Airports, Bruce Schneier, Christmas Day Bombing Attempt, Detroit, Douglas Letter, Electronic Privacy Information Center, Janet Napolitano, John Koppel, London, Natural Resources Defense Council, New York City, Police, Privacy, Terrorists, Transportation Security Administration, US Customs And Border Protection, US Department Of Homeland Security, US Department Of Justice, US Marshals, US Secret Service, US Supreme Court, United States, War On Drugs, White House, X-ray

Crypto-Gram Newsletter: Open Source and Security
As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It's true for cryptographic algorithms, security protocols, and security source code. For us, open source isn't just a business model; it's smart engineering practice.
Open Source Cryptography
Cryptography has been espousing open source ideals for decades, although we call it "using public algorithms and protocols." The idea is simple: cryptography is hard to do right, and the only way to know if something was done right is to be able to examine it. This is vital in cryptography, because security has nothing to do with functionality. You can have two algorithms, one secure and the other insecure, and they both can work perfectly. They can encrypt and decrypt, they can be efficient and have a pretty user interface, they can never crash. The only way to tell good cryptography from bad cryptography is to have it examined.
Even worse, it doesn't do any good to have a bunch of random people examine the code; the only way to tell good cryptography from bad cryptography is to have it examined by experts. Analyzing cryptography is hard, and there are very few people in the world who can do it competently. Before an algorithm can really be considered secure, it needs to be examined by many experts over the course of years.
This argues very strongly for open source cryptographic algorithms. Since the only way to have any confidence in an algorithm's security is to have experts examine it, and the only way they will spend the time necessary to adequately examine it is to allow them to publish research papers about it, the algorithm has to be public. A proprietary algorithm, no matter who designed it and who was paid under NDA to evaluate it, is much riskier than a public algorithm.
(Bruce Schneier)
keywords: Bruce Schneier, Cybersecurity, Internet, Open Source, United States