2009 marks 60 years since the advent of modern cryptography. It was back in October 1949 when mathematician Claude Shannon published a paper on Communication Theory of Secrecy Systems. According to his employer at the time, Bell Labs, the work transformed cryptography from an art to a science and is generally considered the foundation of modern cryptography. Since then significant developments in secure communications have continued, particularly with the advent of the Internet and Web. CIO has a pictorial representation of the past six decades of research and development in encryption technology. Highlights include the design of the first quantum cryptography protocol by Charles Bennett and Gilles Brassard in 1984, and the EFF’s ‘Deep Crack’ DES code breaker of 1998.
Social-networking sites short on security [From Brief: Social-networking sites short on security]
Apple missed a golden opportunity to lock down Snow Leopard when it again failed to implement fully a security technology that Microsoft perfected nearly three years ago in Windows Vista, noted Mac researcher Charlie Miller said today. Dubbed ASLR, for address space layout randomization, the technology randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions, and thus makes it harder for them to craft reliable exploits. ‘Apple didn’t change anything,’ said Miller, of Independent Security Evaluators, the co-author of The Mac Hacker’s Handbook, and winner of two consecutive ‘Pwn2own’ hacker contests. ‘It’s the exact same ASLR as in Leopard, which means it’s not very good.
[From Five Top Cybersecurity Risks ]
With Sun busy being swallowed up by Oracle, should Linux geeks pay any interest to OpenSolaris? TuxRadar put together a guide to OpenSolaris’s most interesting features from a Linux user’s perspective, covering how to get started with ZFS and virtualisation alongside more consumer-friendly topics such as hardware and Flash support.
Wiretapping technology has grown increasingly sophisticated since the police first began to utilize it as a surveillance tool in the 1890s. What once entailed simply putting clips on wires has now evolved into building wiretapping capabilities directly into communications infrastructures (at the government’s behest). In a modern society, where surveillance is often touted as a way of ensuring our safety, it is important to take into consideration the risks to our privacy and security that electronic eavesdropping presents. In this article, Whitfield Diffie and Susan Landau examine these issues, attempting to answer the important question: does wiretapping actually make us more secure.
[From A History of Wiretapping ]
Here’s a real copy of an American citizen’s DHS Travel Record, retrieved from the US Customs and Border Patrol’s Automated Targeting System and obtained through a FOIA/Privacy Act request. The document reveals that the DHS is storing: the traveler’s credit card number and expiration; IP addresses used to make Web travel reservations; hotel information and itinerary; full airline itinerary including flight numbers and seat numbers; phone numbers including business, home, and cell; and every frequent flyer and hotel number associated with the traveler, even ones not used for the specific reservation.
Many people reveal way too much personal information on social networking sites–something that can easily lead to identity theft or unwanted attention from employers etc. Technology Review has a story about several tools cryptographic tools that can be used to hide your activity on Facebook, from both untrusted users and from Facebook itself. Urs Hengartner, an assistant professor of computer science at the University of Waterloo, developed a Firefox plugin that obfuscates anything marked with ‘@@’ on Facebook and only reveals the correct information to trusted users who have the right keys. The sensitive data itself is even stored on an outside server so that even Facebook cannot access it. The piece mentions two other projects, NOYB and flybynight, that also aim to make personal information more secure on Facebook.
How do you fit 1,000 words into a 140-character tweet? Short messaging networks like Twitter are packed with countless terse text messages, making images a more attractive way to broadcast complex messages and cut through the clutter. Wired.com shows you seven ways to visualization nirvana.
When federal regulators asked AT&T, Apple and Google to explain what happened when Apple rejected the Google Voice iPhone app, only Google filed parts of its answer in secret. Wired.com tells you why and seeks the answer.[From What's in Google's Secret iPhone App Letter to Feds?]
The San Diego Supercomputer Center has built a high-performance computer with solid-state drives, which the center says could help solve science problems faster than systems with traditional hard drives. The flash drives will provide faster data throughput, which should help the supercomputer analyze data an ‘order of magnitude faster’ than hard drive-based supercomputers, according to Allan Snavely, associate director at SDSC. SDSC intends to use the HPC system — called Dash — to develop new cures for diseases and to understand the development of Earth.