How To Enter The Cyber Security Field
Oct 22,
2019
During Cyber Security Awareness Month we hear about how important being #CyberAware is. “Do your part! Be careful!” It’s important to take this seriously. But additionally, this field offers job opportunities. Among the many ways we will discuss of how you can enter the cyber security field, one way is through our Learning Paths. You […]
How I Was Wrong About Kerberos
Oct 24,
2017
Microsoft’s Active Directory includes a version of Kerberos that has had a bad reputation. There were problems several years ago, but the criticisms are now outdated. What was the problem, and how has it been fixed? Origins of Active Directory Windows 2000 was originally going to be called Windows NT 5.0. It was released in […]
How Will Vehicle-To-Everything (V2X) Communication Transform Your Car?
Jan 19,
2017
A casual mention of Vehicle to Everything, or V2X, in a mailing list, led me to a short article, and that led to much more. It made me aware of a project that may make huge changes to how we get around. Roads can measure cars in very limited ways today with inductive loops at […]
Cyber Security Requires Cautious Logic
Jul 21,
2016
If we don’t carefully distinguish between necessary and sufficient when we are analyzing information assurance systems, we may become dangerously confident in a system that is actually quite weak. This Isn’t A New Problem Cryptography enthusiast Edgar Allan Poe wrote, in “A Few Words On Secret Writing” in Graham’s Magazine in July 1841: “Few persons […]
Are Consumer Crypto Systems Too Hard To Use?
Mar 16,
2016
In a previous post, I summarized some academic papers in which prominent cryptographers and other security experts took a very skeptical look at current cryptography, both research and practical systems. It’s not just e-mail plugins and other desktop computer applications that can disappoint us. One of the papers showed that the APCO Project 25 two-way […]
communications security,
COMSEC,
cryptography,
Diffie-Hellman,
Diffie-Hellman Ephemeral,
Man-in-the-Middle attack,
MitM,
risk analysis,
RTP,
user interface design,
VoIP,
ZRTP