Showing posts with label Bruce Schneier. Show all posts

Friday, July 31, 2015

A Backdoor is Pretty Much Useless for Law Enforcement

Here is a good article from Bruce Schneier discussing why, even if a "law enforcement backdoor" could be made hacker-proof, it will not solve the problem it is intended for.

Back Doors Won't Solve Comey's Going Dark Problem

A "backdoor" is a deliberately introduced security hole that, in this case, allows anyone with the relevant knowledge to eavesdrop on communication. This does more than introduce wiretapping capabilities into private communications. It increases the complexity of the system, which decreases reliability. It makes patching bugs more difficult because the wiretap functions will have to be validated. Additionally, if anyone really thinks that a mandated backdoor will remain "law enforcement only", he needs to look up the Athens Affair.

Thursday, June 5, 2014

Edward Snowden Wins "Champion of Freedom" Award.

A lot of people are hating on Snowden, calling him a traitor or accusing him of being a spy, but I am glad he is getting some positive, public recognition. Of course, he couldn't attend without risking arrest, but his father, stepmother and attorney were there to accept on his behalf. Bruce Schneier presented the award.

Edward Snowden Wins EPIC "Champion of Freedom" Award

Thursday, May 22, 2014

Should the NSA Disclose Exploits it Discovers?

A very important part of any attack is the ability to defend against it. One of the reasons for research into chemical and biological weapons is to be ready with a defense if or when an enemy develops them. The United States is far more dependent on electronic systems and networks than most of those attacking us. This disparity causes the MAD approach to favor the enemy.

Bruce Schneier makes a good point that, if there really are a large number of vulnerabilities, then each side may be discovering different ones. This means that patching one discovered at this end would close it off from any exploitation but may not affect the ability of the other side to use another exploit. However, that seems more an argument for getting critical infrastructure off the public networks than for keeping the information secret.

Disclosing vs. Hoarding Vulnerabilities