Dragan on Security

The Enigma was an electro-mechanical cipher machine used by the German Military during WW II. The following link shows Enigma Simulation done in Adobe Flash 8 by Dr. Frank Spiess. You will have chance to see how it worked. Highlighted wires show steps of encryption.

This Enigma simulation is part of Cryptool.com, a great collection of cryptographic tools and demos.

Merry Christmas to all.

Santa and the TSA:

See more comics here.

I’ve put poll on this blog to find out what is public opinion on primary motives for hacking.  There are six possible choices and you can choose one according your opinion. Answers are based on Australian government Institute of Criminology i.e. its High tech crime centre classification. You can see paper here and vote in box with yellow background at right sidebar.

Eric Bidstrup has posted interesting and a thought provoking commentary about the Common Criteria on MSDN blog. He concludes:

If customers expect a real-world answer to the question “Is it Safe?” to be answered by Common Criteria, then Common Criteria must change.

You can read it here: The Security Development Lifecycle : Common Criteria and answering the question ‘Is it Safe’.

If you are interested in cryptography, there is very good YouTube video: Theory and Practice of Cryptography. You’ll need one hour of time to watch it.

Topics include: Introduction to Modern Cryptography, Using Cryptography in Practice and at Google, Proofs of Security and Security Definitions and A Special Topic in Cryptography.

This talk is one in a series hosted by Google University. Speaker is Steve Weis. He received his PhD from the Cryptography and Information Security group at MIT, where he was advised by Ron Rivest. He is a member of Google’s Applied Security (AppSec) team and is the technical lead for Google’s internal cryptographic library, KeyMaster.

Insecure.org has Top 100 Network Security Tools list. Author says:

Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also point newbies to this site whenever they write me saying “I don’t know where to start”.

The Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone is available online - legitimately. This is a good book, and well worth downloading. I also would recommend Applied Cryptography by Bruce Schneier which is not free yet, but is very good and considered as bible of cryptography.

Coming soon. This is a new Operating systems I course textbook with lab exercises for GNU/Linux System Programming. More details here. I contributed a little bit.

Note: Book is in Serbian language. Original title is GNU/Linux sistemsko programiranje.