legal
New Legislation: SAFE and PRO IP
There has been some controversy over two new security-related bills in the United States Congress right now: the SAFE Act and PRO IP. The SAFE Act (Secure Adolescents From Exploitation Online; another case where the acronym almost certainly came first) aims to protect children and teenagers from exploitation by increasing enforcement of child pornography laws. [...]
Securing Data at Rest with Cryptography
Over at Schneier on Security, Bruce Schneier has a post today about securing data on disk. Encryption is often sold as a panacea for all security problems — which it’s not — but keeping people from reading your data if they steal your laptop is one thing encryption is really good at, and it’s an [...]
Backdoored PNRGs from the NSA
Bruce Schneier has an article at wired.com about the new government-sponsored official standards for random number generators in NIST Special Publication 800-90. Apparently, it’s possible that one of them contains a back-door for the NSA; depending on how the constants in the algorithm were chosen, the NSA may have another set of constants that let [...]
Secure P2P for Pirates
According to a recent Reuters article, the unrepentant pirates of Sweden’s The Pirate Bay are working on developing their own peer-to-peer networking system. It turns out that this is a relatively fascinating security problem, even though in this case it’s the criminals needing the security, vs. the law-abiding companies trying to break it — a [...]
Do Not Track Lists: Good Luck With That
The New York Times reports that people will be able to sign up for “do-not-track” lists to prevent online advertisers from monitoring their activities. It is not clear from the article if they’re expecting a government solution, along the lines of the National Do Not Call Registry for telemarketers, or merely solutions from ISPs and [...]
