Some Postings by Subject - Vulnerabilities & Assurance (20080715) Anne & Lynn Wheeler

Collected Postings

2007- Collected Postings, 2005-2006 Collected Postings, 2003-2004 Collected Postings, 2001-2002 Collected Postings, 1993-2000 Collected Postings, Internet History Postings, Old EMAIL Index

three factor authentcation
Assurance
some mention of EU FINREAD
Risk, Fraud, Exploits, Threats, Vulnerabilities
Account Number Harvesting
postings mentioning MITM attacks
Buffer overflows, overruns, exploits
Secrets and Account numbers
Counterfeit YES CARDS
Naked Transaction Metaphor

Risk, Fraud, Exploits, Threats, Vulnerabilities

aadsmail.htm#variations variations on your account-authority model (small clarification)
aadsmail.htm#complex AADS/CADS complexity issue
aadsmail.htm#parsim parsimonious
aadsmail.htm#fraud Human Nature ... a little cross-posting
aadsmail.htm#mfraud AADS, X9.59, security, flaws, privacy
aadsmail.htm#liability AADS & X9.59 performance and algorithm key sizes
aadsmail.htm#vbank Statistical Attack Against Virtual Banks (fwd)
aadsm2.htm#risk another characteristic of online validation
aadsm2.htm#integrity Scale (and the SRV record)
aadsm2.htm#account A different architecture? (was Re: certificate path
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#straw AADS Strawman
aadsm2.htm#strawm3 AADS Strawman
aadsm2.htm#keylength On leaving the 56-bit key length limitation
aadsm3.htm#cstech3 cardtech/securetech & CA PKI
aadsm3.htm#cstech4 cardtech/securetech & CA PKI
aadsm3.htm#cstech5 cardtech/securetech & CA PKI
aadsm3.htm#cstech6 cardtech/securetech & CA PKI
aadsm3.htm#cstech7 cardtech/securetech & CA PKI
aadsm3.htm#cstech8 cardtech/securetech & CA PKI
aadsm3.htm#cstech9 cardtech/securetech & CA PKI
aadsm3.htm#cstech10 cardtech/securetech & CA PKI
aadsm3.htm#cstech12 cardtech/securetech & CA PKI
aadsm3.htm#cstech13 cardtech/securetech & CA PKI
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm3.htm#kiss8 KISS for PKIX
aadsm3.htm#kiss9 KISS for PKIX .... password/digital signature
aadsm4.htm#2 Public Key Infrastructure: An Artifact
aadsm4.htm#4 Public Key Infrastructure: An Artifact
aadsm4.htm#9 Thin PKI won - You lost
aadsm5.htm#epaym "e-payments" email discussion list is now "Internet-payments"
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm5.htm#encryp Encryption article
aadsm5.htm#liex509 Lie in X.BlaBla
aadsm5.htm#pkimort PKI: Evolve or Die
aadsm5.htm#pkimort2 problem with the death of X.509 PKI
ansiepay.htm#privacy more on privacy
ansiepay.htm#x959pkni Ellison/Schneier article on Risks of PKI ... fyi
ansiepay.htm#cardsteal Stealing cards easy as Web browsing
ansiepay.htm#breach Security breach raises questions about Internet shopping
ansiepay.htm#theory Security breach raises questions about Internet shopping
ansiepay.htm#scaads X9.59 related press release at smartcard forum
ansiepay.htm#ifraud Internet Fraud
aepay2.htm#fed Federal CP model and financial transactions
aepay2.htm#cadis disaster recovery cross-posting
aepay2.htm#aadsx959 Account Authority Digital Signatures ... in support of x9.59
aepay2.htm#aadspriv Account Authority Digital Signatures ... in support of x9.59
aepay3.htm#riskm The Thread Between Risk Management and Information Security
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#x959risk1 Risk Management in AA / draft X9.59
aepay3.htm#x959risk2 Risk Management in AA / draft X9.59
aepay3.htm#x959risk3 Risk Management in AA / draft X9.59
aepay3.htm#x959risk4 Risk Management in AA / draft X9.59
aepay3.htm#smrtcrd Smart Cards with Chips encouraged ... fyi
aepay4.htm#privis privacy issues
aepay4.htm#dnsinteg1 Domain Name integrity problem
aepay4.htm#visaset2 Visa Delicately Gives Hook to SET Standard
aepay5.htm#pkiillfit Some PKI references from yesterday's SlashDot
aepay5.htm#crackegg hackers crack egghead.com
aepay6.htm#fraud Online Card Fraud Thirty Times That Offline
aepay6.htm#x959b X9.59 Electronic Payment standard issue
aepay6.htm#docstore ANSI X9 Electronic Standards "store"
aepay6.htm#vouc implementations of "XML Voucher: Generic Voucher Language"?
aepay6.htm#harvest harvesting of credit card numbers
aepay6.htm#erictalk Announce: Eric Hughes giving Stanford EE380 talk this
aepay6.htm#ccfraud latest credit scam puts plastic in peril ... is your credit card being cloned?
98.html#41 AADS, X9.59, & privacy
99.html#85 Perfect Code
99.html#136 checks (was S/390 on PowerPC?)
99.html#156 checks (was S/390 on PowerPC?)
99.html#163 IBM Assembler 101
99.html#167 checks (was S/390 on PowerPC?)
99.html#168 checks (was S/390 on PowerPC?)
99.html#170 checks (was S/390 on PowerPC?)
99.html#171 checks (was S/390 on PowerPC?)
99.html#172 checks (was S/390 on PowerPC?)
99.html#189 Internet Credit Card Security
99.html#228 Attacks on a PKI
99.html#235 Attacks on a PKI
99.html#238 Attacks on a PKI
99.html#240 Attacks on a PKI
2000.html#25 Computer of the century
2000.html#28 Homework: Negative side of MVS?
2000.html#32 Homework: Negative side of MVS?
2000.html#36 "Trusted" CA - Oxymoron?
2000.html#42 "Trusted" CA - Oxymoron?
2000.html#46 question about PKI
2000.html#57 RealNames hacked. Firewall issues
2000.html#60 RealNames hacked. Firewall issues
2000b.html#17 ooh, a real flamewar :)
2000b.html#22 ooh, a real flamewar :)
2000c.html#40 Domainatrix - the final word
2000e.html#44 Why trust root CAs?
2000e.html#45 IBM's Workplace OS (Was: .. Pink)
2000f.html#1 Why trust root CAs?
2000f.html#4 Why trust root CAs?
2000f.html#14 Why trust root CAs?
2000f.html#22 Why trust root CAs?
2000f.html#50 Al Gore and the Internet (Part 2 of 2)
2000f.html#64 Cryptogram Newsletter is off the wall?
2000f.html#69 TSS ancient history, was X86 ultimate CISC? designs)
2000f.html#72 SET; was Re: Why trust root CAs?
2000g.html#33 does CA need the proof of acceptance of key binding?
2000g.html#35 does CA need the proof of acceptance of key binding?
2000g.html#41 Egghead cracked, MS IIS again
2001b.html#58 Checkpoint better than PIX or vice versa???
2001c.html#15 OS/360 (was LINUS for S/390)
2001c.html#30 PKI and Non-repudiation practicalities
2001c.html#32 How Commercial-Off-The-Shelf Systems make society vulnerable
2001c.html#38 How Commercial-Off-The-Shelf Systems make society vulnerable
2001c.html#41 PKI and Non-repudiation practicalities
2001c.html#42 PKI and Non-repudiation practicalities
2001c.html#44 PKI and Non-repudiation practicalities
2001c.html#45 PKI and Non-repudiation practicalities
2001c.html#46 PKI and Non-repudiation practicalities
2001c.html#47 PKI and Non-repudiation practicalities
2001c.html#50 PKI and Non-repudiation practicalities
2001c.html#51 PKI and Non-repudiation practicalities
2001c.html#54 PKI and Non-repudiation practicalities
2001c.html#58 PKI and Non-repudiation practicalities
2001c.html#59 PKI and Non-repudiation practicalities
2001c.html#61 Risk management vs security policy
2001c.html#73 PKI and Non-repudiation practicalities
2001d.html#1 SSL question
2001d.html#19 [Newbie] Authentication vs. Authorisation?
2001d.html#41 solicit advice on purchase of digital certificate
2001d.html#56 Pentium 4 Prefetch engine?
2001d.html#58 Very CISC Instuctions (Was: why the machine word size ...)
2001d.html#62 OT Re: A beautiful morning in AFM
2001e.html#37 Can I create my own SSL key?
2001e.html#39 Can I create my own SSL key?
2001e.html#48 Where are IBM z390 SPECint2000 results?
2001e.html#77 Apology to Cloakware (open letter)
2001e.html#82 The Mind of War: John Boyd and American Security
2001f.html#15 Medical data confidentiality on network comms
2001f.html#24 Question about credit card number
2001f.html#25 Question about credit card number
2001f.html#31 Remove the name from credit cards!
2001f.html#33 IBM's "VM for the PC" c.1984??
2001f.html#35 Security Concerns in the Financial Services Industry
2001f.html#40 Remove the name from credit cards!
aepay6.htm#ccfraud2 "out of control credit card fraud"
aepay6.htm#ccfraud3 "out of control credit card fraud"
2001g.html#38 distributed authentication
aepay7.htm#fakeid Fake IDs swamp police
2001g.html#62 PKI/Digital signature doesn't work
2001g.html#63 PKI/Digital signature doesn't work
2001h.html#7 PKI/Digital signature doesn't work
aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
aadsm6.htm#websecure merchant web server security
2001h.html#64 Net banking, is it safe???
2001h.html#67 Would this type of credit card help online shopper to feel more secure?
2001h.html#68 Net banking, is it safe???
2001h.html#70 Net banking, is it safe???
2001i.html#16 Net banking, is it safe???
2001i.html#25 Net banking, is it safe???
2001i.html#26 No Trusted Viewer possible?
2001i.html#55 Computer security: The Future
2001i.html#56 E-commerce security????
2001i.html#57 E-commerce security????
2001j.html#0 E-commerce security????
2001j.html#2 E-commerce security????
2001j.html#5 E-commerce security????
2001j.html#9 E-commerce security????
aepay7.htm#netsecure some recent threads on netbanking & e-commerce security
2001j.html#43 Disaster Stories Needed
2001j.html#44 Does "Strong Security" Mean Anything?
2001j.html#52 Are client certificates really secure?
2001j.html#54 Does "Strong Security" Mean Anything?
2001k.html#0 Are client certificates really secure?
2001k.html#1 Are client certificates really secure?
aadsm6.htm#terror Did Encryption Empower These Terrorists?
aadsm6.htm#terror3 Did Encryption Empower These Terrorists?
aadsm6.htm#terror4 Did Encryption Empower These Terrorists?
aadsm6.htm#terror5 Did Encryption Empower These Terrorists?
aadsm6.htm#terror6 Did Encryption Empower These Terrorists?
aadsm6.htm#terror7 Did Encryption Empower These Terrorists?
aadsm6.htm#terror8 Did Encryption Empower These Terrorists?
aadsm6.htm#terror9 Did Encryption Empower These Terrorists?
aadsm6.htm#terror10 Did Encryption Empower These Terrorists?
aadsm6.htm#terror13 Did Encryption Empower These Terrorists?
aadsm6.htm#terror14 Did Encryption Empower These Terrorists?
2001k.html#43 Why is UNIX semi-immune to viral infection?
aepay7.htm#idtheft Another Thing to Feer: ID Theft
2001k.html#53 Why is UNIX semi-immune to viral infection?
2001k.html#55 I-net banking security
2001k.html#58 I-net banking security
aadsm7.htm#auth Who or what to authenticate?
2001l.html#10 E-commerce security????
aepay7.htm#idtheft2 Reports of Identity Theft Still Rising Fast
2001l.html#49 Virus propagation risks
aepay7.htm#3dsecure 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aepay7.htm#3dsecure2 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aepay7.htm#edsecure4 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aadsm7.htm#rubberhose Rubber hose attack
aadsm7.htm#rhose3 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#3dsecure 3D Secure Vulnerabilities?
aadsm8.htm#rhose17 when a fraud is a sale, Re: Rubber hose attack]
aadsm8.htm#3dvulner 3D Secure Vulnerabilities?
aadsm8.htm#3dvulner2 3D Secure Vulnerabilities?
aadsm8.htm#3dvulner3 3D Secure Vulnerabilities?
2001m.html#27 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aepay8.htm#ccfraud Almost Half UK E-Shopper's Fear Card Fraud (CC fraud increased by 50% in 2k)
aepay8.htm#ccfraud2 Statistics for General and Online Card Fraud
aepay8.htm#visapass VISA: All Your Password Are Belong to Us
aepay8.htm#x959paper Credit Card Fraud and E-Commerce: A Case Study
aepay8.htm#vulner ccount number & shared-secret vulnerabilities
2001n.html#30 FreeBSD more secure than Linux
2001n.html#90 Buffer overflow
2001n.html#91 Buffer overflow
2001n.html#93 Buffer overflow
aadsm10.htm#cfppki13 CFP: PKI research workshop
aadsm10.htm#cfppki14 CFP: PKI research workshop
aadsm10.htm#cfppki15 CFP: PKI research workshop
aadsm10.htm#smallpay2 Small/Secure Payment Business Models
aadsm10.htm#cfppki18 CFP: PKI research workshop
2002.html#19 Buffer overflow
2002.html#20 Younger recruits versus experienced veterans ( was Re: The demise of compaq
2002.html#23 Buffer overflow
2002.html#24 Buffer overflow
2002.html#25 ICMP Time Exceeded
2002.html#32 Buffer overflow
aadsm10.htm#hackhome Hackers Targeting Home Computers
2002.html#44 Calculating a Gigalapse
aadsm10.htm#risks credit card & gift card fraud (from today's comp.risks)
aepay9.htm#risks credit card & gift card fraud (from today's comp.risks)
aepay9.htm#skim High-tech Thieves Snatch Data From ATMs (including PINs)
aepay10.htm#4 Credit Card Scam
aadsm10.htm#tamper Limitations of limitations on RE/tampering (was: Re: biometrics)
aadsm10.htm#biometrics biometrics
2002c.html#7 Opinion on smartcard security requested
2002c.html#10 Opinion on smartcard security requested
2002c.html#15 Opinion on smartcard security requested
2002c.html#22 Opinion on smartcard security requested
2002c.html#23 Opinion on smartcard security requested
aepay10.htm#16 Worker Accused of Selling Colleagues' ID's Online (credit card scam)
2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
2002d.html#11 Security Proportional to Risk (was: IBM Mainframe at home)
2002e.html#58 O'Reilly C Book
2002f.html#10 Least folklorish period in computing (was Re: IBM Mainframe at home)
aadsm11.htm#44 Web site exposes credit card fraud
aadsm11.htm#45 Web site exposes credit card fraud
2002i.html#62 subjective Q. - what's the most secure OS?
2002i.html#72 A Lesson In Security
2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
2002j.html#38 MITM solved by AES/CFB - am I missing something?!
aadsm12.htm#11 Some security, fraud, attack, threat, references
aadsm12.htm#12 TOC for world bank e-security paper
2002j.html#60 How to map a user account to a digital cert?
2002j.html#53 SSL integrity guarantees in abscense of client certificates
aepay10.html#41 ATM Scams - Whose Liability Is It, Anyway?
aepay10.html#44 Credit Card Skimming Rising In The US
2002l.html#20 Backdoor in AES ?
aepay10.htm#45 Credit card theft feared in Windows flaw
2002l.html#45 Thirty Years Later: Lessons from the Multics Security Evaluation
aadsm12.htm#31 The Bank-model Was: Employee Certificates - Security Issues
aadsm12.htm#35 Electronic Security: Risk Mitigation in Financial Transactions
aadsm12.htm#36 two other financial electronic security related URLs
aadsm12.htm#40 In Brief: Anti-'Skimming' Guidelines Coming
aadsm12.htm#46 Fraudit helps registrars battle global online fraud
aadsm12.htm#47 Online Fraud Growing in Scale, Sophistication
2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
aepay10.htm#64 eBay Customers Targetted by Credit Card Scam
aadsm12.htm#57 eBay Customers Targetted by Credit Card Scam
aadsm12.htm#58 Time to ID Identity-Theft Solutions
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay10.htm#91 SSL certs & baby steps
aepay10.htm#91 SSL certs & baby steps (addenda)
aepay10.htm#91 SSL certs & baby steps
aepay11.htm#3 Ministers to Act on Rise in Identity Theft
aepay11.htm#7 FTC says incidence of ID theft jumped in 2002
aepay11.htm#8 Internet Consumer Fraud Continues to Rise
aepay11.htm#9 Bank of America ATMs Disrupted by Virus
aepay11.htm#12 Star study: Identity Theft In The United States: An Update
aepay11.htm#17 Criminals using high-tech methods for old-style crimes
aepay11.htm#18 Hacker accesses 2.2 million credit cards
aepay11.htm#22 FBI Probing Theft of 8 Million Credit Card Numbers
aepay11.htm#32 Don't-Ask-Don't-Tell E-commerce
aepay11.htm#33 Spam's Being Used For Identity Theft And Blackmail, Symantec Says
aadsm14.htm#2 Who's afraid of Mallory Wolf? (addenda)
aadsm14.htm#3 Armoring websites
aadsm14.htm#5 Who's afraid of Mallory Wolf?
aepay11.htm#40 ID theft costs banks $1 billion a year
2003e.html#78 Microsoft strikes again - from comp.risks
aepay11.htm#41 Be Prepared: Gartner Outlines Top Security Risks
2003g.html#16 Can someone clarify, X509 spoofing?
2003g.html#17 Can someone clarify, X509 spoofing?
aepay11.htm#47 Actual Losses To Identity Fraud Top $1 Billion
aadsm14.htm#9 "Marginot Web" (SSL, payments, etc)
aadsm14.htm#12 Tackling security threats from within
2003h.html#24 HELP, Vulnerability in Debit PIN Encryption security, possibly
2003h.html#25 HELP, Vulnerability in Debit PIN Encryption security, possibly
2003h.html#26 HELP, Vulnerability in Debit PIN Encryption security, possibly
aadsm14.htm#22 Identity Theft Losses Expected to Hit $2 Trillion by 2005
2003i.html#59 grey-haired assembler programmers (Ritchie's C)
2003j.html#4 A Dark Day
aadsm14.htm#32 An attack on paypal
aadsm14.htm#33 An attack on paypal
2003j.html#8 A Dark Day
aepay11.htm#57 US warns banks about virus
aadsm14.htm#34 virus attack on banks (was attack on paypal)
aadsm14.htm#35 The real problem that https has conspicuously failed to fix
2003j.html#15 A Dark Day
aadsm14.htm#39 An attack on paypal
2003j.html#17 pbx security from 20 years ago
aepay11.htm#63 E-merchants Turn Fraud-busters
aepay11.htm#64 EFTA to Adaopt ATM Ant-Fraud Measures
aepay11.htm#65 E-merchants Turn Fraud-busters (somewhat related)
aepay12.htm#6 Know Your Enemy Automated Credit Card Fraud (automated, forwarded)
aadsm14.htm#51 Feds, industry warn of spike in ID theft scams
aadsm14.htm#53 IT Managers Critical Front in War on Identity Theft
aadsm14.htm#57 Kinko's spy case: Risks of renting PC's
aepay12.htm#7 Bugwatch: Know your security onions
aepay12.htm#8 Know your security onions (or security proportional to risk)
aepay12.htm#11 Net Worm Heightens Security Concerns
aepay12.htm#12 Identity theft rockets 80 per cent
2003l.html#2 S/360 Engineering Changes
2003l.html#3 S/360 Engineering Changes
aepay12.htm#13 Hacker's compromise Navy purchase card
aepay12.htm#14 Technology and Crime, Criminal Intelligence Service Canada - 2003
aepay12.htm#19 Tech firms band together on ID theft
aepay12.htm#21 FTC Says ID Theft Greater Problem Than Originally Thought
aadms15.htm#5 Is cryptography where security took the wrong branch?
aepay12.htm#23 Police smash UK's biggest credit card fraud ring
aepay12.htm#24 More on the ID theft saga
aepay12.htm#26 Bank One Calls Attention to ID Theft
aepay12.htm#30 ID Theft Often Goes Unrecognized
2003m.html#51 public key vs passwd authentication?
2003n.html#0 public key vs passwd authentication?
2003n.html#1 public key vs passwd authentication?
2003n.html#2 public key vs passwd authentication?
2003n.html#3 public key vs passwd authentication?
2003n.html#10 Cracking SSL
aadsm15.htm#22 Trusting the Tools - was Re: Open Source
2003n.html#14 Poor people's OS?
aadsm15.htm#23 NCipher Takes Hardware Security To Network Level
aepay12.htm#32 Internet Fraud & Attacks on the rise
2003n.html#17 which CPU for educational purposes?
2003n.html#20 which CPU for educational purposes?
aadsm15.htm#29 SSL, client certs, and MITM (was WYTM?)
aepay12.htm#35 Citibank customers hit with e-mail scam
aadsm16.htm#0 Identity Fraud costs Austrilia AU$1 billion a year
2003o.html#3 Bank security question (newbie question)
2003o.html#4 Bank security question (newbie question)
2003o.html#5 perfomance vs. key size
2003o.html#6 perfomance vs. key size
2003o.html#8 Bank security question (newbie question)
2003o.html#9 Bank security question (newbie question)
aadsm16.htm#2 Electronic Safety and Soundness: Securing Finance in a New Age
2003o.html#19 More -Fake- Earthlink Inquiries
2003o.html#22 securID weakness
2003o.html#29 Biometric cards will not stop identity fraud
2003o.html#35 Humans
2003o.html#37 Security of Oyster Cards
aadsm16.htm#6 ATM Fraud, Banking Your Money
2003o.html#50 Pub/priv key security
aadsm16.htm#7 The Digital Insider: Backdoor Trojans ... fyi
2003p.html#6 Does OTP need authentication?
2004.html#30 Threat of running a web server?
2004b.html#50 The SOB that helped IT jobs move to India is dead!
aadsm17.htm#10 fraud and phishing attacks soar
aadsm17.htm#11 are debit cards safe?
aadsm17.htm#13 A combined EMV and ID card
aadsm17.htm#22 secret hackers to aid war on internet fraud
aadsm17.htm#32 visa cards violated, BofA reissuing after hack attack
aadsm17.htm#35 Online credit card fraud rocks Indonesia
2004f.html#20 Why does Windows allow Worms?
aadsm17.htm#38 Study: ID theft usually an inside job
2004f.html#31 MITM attacks
aadsm17.htm#42 Article on passwords in Wired News
2004g.html#41 [URL] (about) passwords
2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
aadsm17.htm#43 Is finding security holes a good idea?
aadsm17.htm#44 Is finding security holes a good idea?
2004h.html#2 Adventure game (was:PL/? History (was Hercules))
2004h.html#4 Adventure game (was:PL/? History (was Hercules))
aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#49 Use cash machines as little as possible
aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#51 authentication and authorization
aadsm17.htm#55 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#56 Question on the state of the security industry
aadsm17.htm#57 dual-use digital signature vulnerability
aadsm17.htm#58 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#59 dual-use digital signature vulnerability
aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#2 dual-use digital signature vulnerability
aadsm18.htm#8 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#9 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#10 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#11 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#12 dual-use digital signature vulnerability
aadsm18.htm#17 should you trust CAs? (Re: dual-use digital signature vulnerability)
2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
2004j.html#15 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
aadsm18.htm#18 Any TLS server key compromises?
2004j.html#28 Vintage computers are better than modern crap !
aadsm18.htm#19 RPOW - Reusable Proofs of Work
aadsm18.htm#20 RPOW - Reusable Proofs of Work
2004j.html#29 Vintage computers are better than modern crap !
2004j.html#32 Vintage computers are better than modern crap !
2004j.html#34 Vintage computers are better than modern crap !
2004j.html#35 A quote from Crypto-Gram
2004j.html#37 Vintage computers are better than modern crap !
2004j.html#38 Vintage computers are better than modern crap !
2004j.html#39 Methods of payment
2004j.html#56 RFCs that reference MD5
2004j.html#58 Vintage computers are better than modern crap !
2004k.html#7 A quote from Crypto-Gram
2004k.html#22 Public key authentication defeats passwd age warning
2004l.html#1 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#63 Actuarial facts
aadsm18.htm#35 Credit card leaks continue at a furious pace
aadsm18.htm#36 Phishing losses total $500 million - Nacha
aadsm18.htm#37 Fake Companies, real money; elaborate con wrings cash out of stolen credit cards
2004p.html#21 need a firewall
2004p.html#22 need a firewall
aadsm18.htm#45 Banks Test ID Device for Online Security
aadsm18.htm#46 Banks Test ID Device for Online Security
2005.html#14 Using smart cards for signing and authorization in applets
2005b.html#43 [Lit.] Buffer overruns
2005b.html#66 [Lit.] Buffer overruns
2005c.html#28 [Lit.] Buffer overruns
2005c.html#29 [Lit.] Buffer overruns
2005c.html#30 [Lit.] Buffer overruns
2005c.html#31 [Lit.] Buffer overruns
2005c.html#34 [Lit.] Buffer overruns
aadsm18.htm#49 one more time now, Leading Cause of Data Security breaches Are Due to Insiders, Not Outsiders
2005d.html#0 [Lit.] Buffer overruns
aadsm18.htm#53 ATM machine security
aadsm18.htm#54 MD5 collision in X509 certificates
aadsm18.htm#55 MD5 collision in X509 certificates
aadsm19.htm#5 Do You Need a Digital ID?
2005e.html#31 Public/Private key pair protection on Windows
2005e.html#41 xml-security vs. native security
aadsm19.htm#7 JIE - Contracts in Cyberspace
2005f.html#9 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005g.html#33 Good passwords and security priorities
2005g.html#37 MVS secure configuration standard
2005g.html#41 Maximum RAM and ROM for smartcards
2005g.html#42 TCP channel half closed
2005g.html#46 Maximum RAM and ROM for smartcards
2005i.html#0 More Phishing scams, still no SSL being used
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#10 Revoking the Root
2005i.html#11 Revoking the Root
2005i.html#19 Improving Authentication on the Internet
2005i.html#33 Improving Authentication on the Internet
2005i.html#34 The Worth of Verisign's Brand
2005i.html#36 Improving Authentication on the Internet
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#18 Citibank discloses private information to improve security
aadsm19.htm#19 "SSL stops credit card sniffing" is a correlation/causality myth
aadsm19.htm#22 Citibank discloses private information to improve security
aadsm19.htm#23 Citibank discloses private information to improve security
aadsm19.htm#26 Trojan horse attack involving many major Israeli companies, executives
2005j.html#3 Request for comments - anti-phishing approach
aadsm19.htm#28 "SSL stops credit card sniffing" is a correlation/causality myth
2005j.html#22 Public disclosure of discovered vulnerabilities
2005j.html#23 Public disclosure of discovered vulnerabilities
aadsm19.htm#34 encrypted tapes (was Re: Papers about "Algorithm hiding" ?)
2005j.html#52 Banks
2005j.html#53 Banks
2005k.html#3 Public disclosure of discovered vulnerabilities
2005k.html#56 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
aadsm19.htm#38 massive data theft at MasterCard processor
aadsm19.htm#39 massive data theft at MasterCard processor
aadsm19.htm#41 massive data theft at MasterCard processor
aadsm19.htm#44 massive data theft at MasterCard processor
2005l.html#13 The Worth of Verisign's Brand
2005l.html#17 The Worth of Verisign's Brand
2005l.html#18 The Worth of Verisign's Brand
2005l.html#19 Bank of America - On Line Banking *NOT* Secure?
2005l.html@23 The Worth of Verisign's Brand
2005l.html#24 The Worth of Verisign's Brand
2005l.html#36 More Phishing scams, still no SSL being used
2005m.html#6 Creating certs for others (without their private keys)
aadsm19.htm#45 payment system fraud, etc
aadsm20.htm#1 Keeping an eye on ATM fraud
aadsm20.htm#2 US consumers want companies fined for security breaches
aadsm20.htm#3 City National Bank is the latest major US company to admit it has lost customer data
2005n.html#5 Wildcard SSL Certificates
2005n.html#23 Online ID Thieves Exploit Lax ATM Security
aadm20.htm#24 [Clips] Escaping Password Purgatory
aadsm20.htm#28 solving the wrong problem
aadsm20.htm#29 How much for a DoD X.509 certificate?
aadsm20.htm#30 How much for a DoD X.509 certificate?
2005o.html#1 The Chinese MD5 attack
2005o.html#2 X509 digital certificate for offline solution
2005o.html#3 The Chinese MD5 attack
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005p.html#2 Innovative password security
2005p.html#6 Innovative password security
aadsm21.htm#0 ID theft ring proves difficult to stop
2005p.html#24 Hi-tech no panacea for ID theft woes
2005p.html#25 Hi-tech no panacea for ID theft woes
2005p.html#25 Hi-tech no panacea for ID theft woes
aadsm21.htm#5 Is there any future for smartcards?
2005p.html#43 Security of Secret Algorithm encruption
aadsm21.htm#14 Online fraud 'ahead' of credit-card companies-experts
aadsm21.htm#15 Contactless payments and the security challenges
aadsm21.htm#16 PKI too confusing to prevent phishing, part 28
2005r.html#7 DDJ Article on "Secure" Dongle
2005s.html#15 Data Encryption Standard Today
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#13 AMD to leave x86 behind?
2005u.html#24 AMD to leave x86 behind?
2005u.html#26 RSA SecurID product
2005u.html#31 AMD to leave x86 behind?
2005u.html#33 PGP Lame question
aadsm21.htm#36 browser vendors and CAs agreeing on high-assurance certificates
2005v.html#2 ABN Tape - Found
2005v.html#3 ABN Tape - Found
2005v.html#4 ABN Tape - Found
aadsm21.htm#42 Phishers now targetting SSL
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#5 long-term GPG signing key
aadsm22.htm#6 long-term GPG signing key
aadsm22.htm#7 long-term GPG signing key
2006.html#12a sox, auditing, finding improprieties
2006.html#33 The new High Assurance SSL Certificates
aadsm22.htm#10 thoughts on one time pads
aadsm22.htm#11 thoughts on one time pads
aadsm22.htm#12 thoughts on one time pads
aadsm22.htm#13 Face and fingerprints swiped in Dutch biometric passport crack (another card skim vulnerability)
2006.html#14 thoughts on one time pads
aadsm22.htm#16 serious threat models
2006c.html#13 X.509 and ssh
2006c.html#31 Worried about your online privacy?
2006c.html#35 X.509 and ssh
2006c.html#38 X.509 and ssh
2006d.html#25 Caller ID "spoofing"
2006d.html#26 Caller ID "spoofing"
2006d.html#28 Caller ID "spoofing"
2006d.html#30 Caller ID "spoofing"
2006d.html#31 Caller ID "spoofing"
aadsm22.htm#18 "doing the CA statement shuffle" and other dances
aadsm22.htm#19 "doing the CA statement shuffle" and other dances
aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#2 When *not* to sign an e-mail message?
aadsm22.htm#21 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#10 Caller ID "spoofing"
2006e.html#11 Caller ID "spoofing"
aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#21 Debit Cards HACKED now
2006e.html#22 Debit Cards HACKED now
2006e.html#23 Debit Cards HACKED now
2006e.html#24 Debit Cards HACKED now
2006e.html#26 Debit Cards HACKED now
aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#30 Debit Cards HACKED now
aadsm22.htm#26 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#44 Does the Data Protection Act of 2005 Make Sense
aadsm22.htm#27 Meccano Trojans coming to a desktop near you
aadsm22.htm#28 Meccano Trojans coming to a desktop near you
aadsm22.htm#29 Meccano Trojans coming to a desktop near you
aadsm22.htm#30 Creativity and security
aadsm22.htm#31 Creativity and security
aadsm22.htm#33 Meccano Trojans coming to a desktop near you
aadsm22.htm#34 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#36 Unforgeable Blinded Credentials
aadsm22.htm#38 Creativity and security
aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
2006f.html#32 X.509 and ssh
2006f.html#33 X.509 and ssh
2006f.html#36 X.509 and ssh
aadsm22.htm#44 Creativity and security
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#46 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#47 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#48 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#0 Separation of Roles - an example
2006g.html#12 The Pankian Metaphor
aadsm23.htm#1 RSA Adaptive Authentication
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naïve use of TLS and/or tokens
2006h.html#13 Security
2006h.html#4 News and Views - Mozo, Elliptics, eBay + fraud, naïve use of TLS and/or tokens
2006h.html#15 Security
2006h.html#26 Security
2006h.html#31 Intel vPro Technology
2006h.html#33 The Pankian Metaphor
2006h.html#34 The Pankian Metaphor
2006h.html#40 Mainframe vs. xSeries
aadsm23.htm#9 PGP "master keys"
aadsm23.htm#10 PGP "master keys"
2006i.html#3 Spoofing fingerprint scanners - NEWBIE()
aadsm23.htm#13 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#16 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm23.htm#17 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm23.htm#18 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#19 Petrol firm suspends chip-and-pin
aadsm23.htm#20 Petrol firm suspends chip-and-pin
aadsm23.htm#21 Reliable Connections Are Not
aadsm23.htm#25 Petrol firm suspends chip-and-pin
aadsm23.htm#26 Petrol firm suspends chip-and-pin
aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#28 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#30 Petrol firm suspends chip-and-pin
aadsm23.htm#31 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#32 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#33 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
2006.html#15 Passwords for bank sites - change or not?
2006k.html#16 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#18 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#22 Encryption for Powerpoint?
2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#26 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#33 Password Complexity
aadsm23.htm#44 ThreatWatch - markets in loss, Visa's take, 419 "chairmen"
aadsm23.htm#49 Status of SRP
2006l.html#27 Google Architecture
aadsm23.htm#53 Status of SRP
aadsm23.htm#54 Status of SRP
aadsm23.htm#55 UK Detects Chip-And-PIN Security Flaw
2006l.html#32 Google Architecture
aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#0 FraudWatch - Chip&Pin, a new tenner (USD10)
2006l.html#33 Google Architecture
aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
aadsm24.htm#3 FraudWatch - Chip&Pin, a new tenner (USD10)
2006l.html#37 Google Architecture
aadsm24.htm#6 Securely handling credit card transactions earns Blackboard kudos
aadsm24.htm#7 Naked Payments IV - let's all go naked
2006l.html#57 DEC's Hudson fab
aadsm24.htm#8 Microsoft - will they bungle the security game?
aadsm24.htm#9 Naked Payments IV - let's all go naked
2006m.html#15 OpenSSL Hacks
aadsm24.htm#10 Naked Payments IV - let's all go naked
2006m.html#24 OT - J B Hunt
aadsm24.htm#12 Naked Payments IV - let's all go naked
aadsm24.htm#14 Naked Payments IV - let's all go naked
aadsm24.htm#21 Use of TPM chip for RNG?
aadsm24.htm#22 Naked Payments IV - let's all go naked
aadsm24.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm24.htm#26 Naked Payments IV - let's all go naked
aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#33 Threatwatch - 2-factor tokens attacked by phishers
aadsm24.htm#34 Phishers Defeat 2-Factor Auth
aadsm24.htm#35 Interesting bit of a quote
aadsm24.htm#36 Interesting bit of a quote
aadsm24.htm#38 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#38 Interesting bit of a quote
aadsm24.htm#39 Interesting bit of a quote
aadsm24.htm#40 Interesting bit of a quote
aadsm24.htm#41 Naked Payments IV - let's all go naked
aadsm24.htm#43 DDA cards may address the UK Chip&Pin woes
2006n.html#32 The System/360 Model 20 Wasn't As Bad As All That
aadsm24.htm#46 More Brittle Security -- Agriculture
aadsm24.htm#47 More Brittle Security -- Agriculture
aadsm24.htm#48 more on FBI plans new Net-tapping push
aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#4 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#9 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#10 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#11 And another cloning tale
aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
2006o.html#35 the personal data theft pandemic continues
2006o.html#37 the personal data theft pandemic continues
2006o.html#40 the personal data theft pandemic continues
2006o.html#47 the personal data theft pandemic continues
aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
aadsm25.htm#17 Hamiltonian path as protection against DOS
aadsm25.htm#18 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
aadsm25.htm#20 Identity v. anonymity -- that is not the question
aadsm25.htm#21 Identity v. anonymity -- that is not the question
2006p.html#9 New airline security measures in Europe
2006p.html#18 19,000 Accounts Compromised
2006p.html#32 OT - hand-held security
2006p.html#38 Hackers steal AT&T customer data
2006p.html#41 Device Authentication - The answer to attacks lauched using stolen passwords?
2006q.html#5 Materiel and graft<
2006q.html#7 Linux More Secure on System z?
aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#25 RSA SecurID SID800 Token vulnerable by design
2006q.html#48 Smartcard reader with certificate inside the reader
2006r.html#28 Greatest Software Ever Written?
2006r.html#29 Intel abandons USEnet news
2006r.html#34 Mozilla moves on security
2006s.html#4 Why not 2048 or 4096 bit RSA key issuance?
2006s.html#5 Why not 2048 or 4096 bit RSA key issuance?
aadsm25.htm#39 How the Classical Scholars dropped security from the canon of Computer Science
2006s.html#9 Why not 2048 or 4096 bit RSA key issuance?
aadsm25.htm#43 Audit Follies - Atlantic differences, branding UnTrust, thunbs on Sarbanes-Oxley, alternates
2006s.html#28 Storage Philosophy Question
aadsm25.htm#45 hashes on restricted domains: random functions or permutations?
aadsm25.htm#46 Flaw exploited in RFID-enabled passports
2006t.html#25 Are there more stupid people in IT than there used to be?
2006u.html#3 ssh - password control or key control?
aadsm26.htm#0 Flaw in RFID-enabled passports (part 2?)
aadsm26.htm#3 Citibank e-mail looks phishy
2006u.html#36 remote support questions - curiousity
2006u.html#40 New attacks on the financial PIN processing
aadsm26.htm#4 Citibank e-mail looks phishy
aadsm26.htm#5 ATMs hacked using MP3 player
2006u.html#47 New attacks on the financial PIN processing
2006u.html#48 New attacks on the financial PIN processing
aadsm26.htm#6 Citibank e-mail looks phishy
2006u.html#53 What's a mainframe?
aadsm26.htm#7 Citibank e-mail looks phishy
2006v.html#1 New attacks on the financial PIN processing
2006v.html#2 New attacks on the financial PIN processing
aadsm26.htm#8 What is the point of encrypting information that is publicly visible?
aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
aadsm26.htm#12 Who has a Core Competency in Security?
2006v.html#13 Who has a Core Competency in Security?
2006v.html#27 Federal Rules May Not Fully Secure Online Banking Sites
aadsm26.htm#14 Who has a Core Competency in Security?
2006v.html#33 New attacks on the financial PIN processing
2006v.html#39 On sci.crypt: New attacks on the financial PIN processing
2006v.html#42 On sci.crypt: New attacks on the financial PIN processing
2006v.html#44 User Authentication
2006v.html#45 On sci.crypt: New attacks on the financial PIN processing
2006v.html#46 Patent buster for a method that increases password security
2006v.html#49 Patent buster for a method that increases password security
2006v.html#50 DOS C prompt in "Vista"?
2006w.html#5 Patent buster for a method that increases password security
2006x.html#14 IBM ATM machines
2006x.html#22 'Innovation' and other crimes
2006x.html#16 Security Implications of Using the Data Encryption Standard (DES)
2006x.html#36 SSL security with server certificate compromised
2006y.html#8 Securing financial transactions a high priority for 2007
aadsm26.htm#17 Changing the Mantra -- RFC 4732 on rethinking DOS
2006y.html#25 "The Elements of Programming Style"
2007.html#5 Securing financial transactions a high priority for 2007
2007.html#6 Securing financial transactions a high priority for 2007
2007.html#27 Securing financial transactions a high priority for 2007
aadsm26.htm#21 FC07 Preliminary Programme - Leaving Room for the Bad Guys
aadsm26.htm#22 Tamperproof, yet playing Tetris
2007b.html#8 Special characters in passwords was Re: RACF - Password rules
2007b.html#13 special characters in passwords
2007b.html#20 How many 36-bit Unix ports in the old days?
2007b.html#24 Forbidding Special characters in passwords
aadsm26.htm#23 It's a Presidential Mandate, Feds use it. How come you are not using FDE?
2007b.html#59 Peter Gutmann Rips Windows Vista Content Protection
2007b.html#60 Securing financial transactions a high priority for 2007
2007b.html#62 Securing financial transactions a high priority for 2007
2007b.html#63 Is Silicon Valley strangeled by SOX?
2007b.html#64 Securing financial transactions a high priority for 2007
2007c.html#3 "New Universal Man-in-the-Middle Phishing Kit"
2007c.html#6 Securing financial transactions a high priority for 2007
2007c.html#8 Securing financial transactions a high priority for 2007
2007c.html#9 Decoding the encryption puzzle
2007c.html#10 Securing financial transactions a high priority for 2007
2007c.html#11 Decoding the encryption puzzle
2007c.html#17 Securing financial transactions a high priority for 2007
2007c.html#18 Securing financial transactions a high priority for 2007
2007c.html#22 Securing financial transactions a high priority for 2007
2007c.html#26 Securing financial transactions a high priority for 2007
2007c.html#27 Securing financial transactions a high priority for 2007
2007c.html#28 Securing financial transactions a high priority for 2007
2007c.html#30 Securing financial transactions a high priority for 2007
2007c.html#31 Securing financial transactions a high priority for 2007
2007c.html#32 Securing financial transactions a high priority for 2007
2007c.html#33 Securing financial transactions a high priority for 2007
2007c.html#35 Securing financial transactions a high priority for 2007
2007c.html#36 Securing financial transactions a high priority for 2007
2007c.html#37 Securing financial transactions a high priority for 2007
2007c.html#38 Securing financial transactions a high priority for 2007
2007c.html#43 Securing financial transactions a high priority for 2007
2007c.html#46 Securing financial transactions a high priority for 2007
2007c.html#51 Securing financial transactions a high priority for 2007
2007c.html#53 Securing financial transactions a high priority for 2007
2007d.html#5 Securing financial transactions a high priority for 2007
aadsm26.htm#25 EV - what was the reason, again?
aadsm26.htm#27 man in the middle, SSL ... addenda
2007d.html#26 Securing financial transactions a high priority for 2007
aadsm26.htm#30 man in the middle, SSL
aadsm26.htm#31 man in the middle, SSL ... addenda 2
aadsm26.htm#35 Failure of PKI in messaging
2007d.html#68 Securing financial transactions a high priority for 2007
2007d.html#70 Securing financial transactions a high priority for 2007
2007e.html#2 Securing financial transactions a high priority for 2007
2007e.html#12 Securing financial transactions a high priority for 2007
aadsm26.htm#37 Threatwatch: $400 to 'own' your account
aadsm26.htm#38 Usable Security 2007
2007e.html#20 Securing financial transactions a high priority for 2007
2007e.html#24 Securing financial transactions a high priority for 2007
2007e.html#26 Securing financial transactions a high priority for 2007
2007e.htmL#29 Securing financial transactions a high priority for 2007
2007e.html#58 Securing financial transactions a high priority for 2007
2007e.html#62 Securing financial transactions a high priority for 2007
aadsm26.htm#40 PKI: The terrorists' secret weapon
aadsm26.htm#41 PKI: The terrorists' secret weapon (part II)
2007f.html#58 Securing financial transactions a high priority for 2007
2007f.html#68 Securing financial transactions a high priority for 2007
2007f.html#72 Securing financial transactions a high priority for 2007
2007g.html#8 Securing financial transactions a high priority for 2007
2007g.html#20 T.J. Maxx data theft worse than first reported
aadsm26.htm#45 Cost of an identity
2007g.html#30 T.J. Maxx data theft worse than first reported
aadsm26.htm#47 SSL MITM-attacks make the news
2007g.html#58 Can SSL sessions be compromised?
2007g.html#50 DNSSEC to be strangled at birth
aadsm26.htm#57 Our security sucks. Why can't we change? What's wrong with us?
2007h.html#48 Securing financial transactions a high priority for 2007
2007h.html#51 Securing financial transactions a high priority for 2007
aadsm26.htm#59 On cleaning up the security mess: escaping the self-perpetuating trap of Fraud?
2007h.html#56 T.J. Maxx data theft worse than first reported
aadsm26.htm#60 crypto component services - is there a market?
2007h.html#63 T.J. Maxx data theft worse than first reported
2007i.html#17 John W. Backus, 82, Fortran developer, dies
2007i.html#19 John W. Backus, 82, Fortran developer, dies
2007i.html#28 John W. Backus, 82, Fortran developer, dies
2007i.html#73 public key password authentication
aadsm26.htm#66 More Tipping Point evidence - POS vendors sued
2007j.html#0 John W. Backus, 82, Fortran developer, dies
2007j.html#3 John W. Backus, 82, Fortran developer, dies
2007j.html#15 John W. Backus, 82, Fortran developer, dies
aadsm26.htm#68 H6.1: Designing (Security) Without Requirements is like Building a Road Without a Route Map to a Destination You've Never Seen
aadsm26.htm#70 WSJ: Soft evidence on a crypto-related breach
aadsm27.htm#2 Threatwatch: Still searching for the economic MITM
2007j.html#60 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
aadsm27.htm#5 Leadership, the very definition of fraud, and the court of security ideas
aadsm27.htm#7 Solution to phishing -- an idea who's time has come?
aadsm27.htm#8 Leadership, the very definition of fraud, and the court of security ideas
aadsm27.htm#11 Is this Risk Management's Waterloo?
aadsm27.htm#12 0wned .gov machines (was Re: Russian cyberwar against Estonia?)
aadsm27.htm#13 Is this Risk Management's Waterloo?
2007k.html#50 John W. Backus, 82, Fortran developer, dies
2007k.html#51 IBM Unionization
2007k.html#52 John W. Backus, 82, Fortran developer, dies
2007k.html#54 John W. Backus, 82, Fortran developer, dies
2007k.html#55 My Dream PC -- Chip-Based
2007k.html#56 My Dream PC -- Chip-Based
2007k.html#63 My Dream PC -- Chip-Based
2007k.html#79 John W. Backus, 82, Fortran developer, dies
2007l.html#0 John W. Backus, 82, Fortran developer, dies
2007l.html#18 Non-Standard Mainframe Language?
2007l.html#35 My Dream PC -- Chip-Based
2007l.html#40 My Dream PC -- Chip-Based
2007m.html#33 nouns and adjectives
2007m.html#65 nouns and adjectives
aadsm27.htm#31 The bank fraud blame game
aadsm27.htm#32 The bank fraud blame game
aadsm27.htm#33 The bank fraud blame game
aadsm27.htm#35 The bank fraud blame game
aadsm27.htm#38 The bank fraud blame game
aadsm27.htm#39 a fraud is a sale, Re: The bank fraud blame game
aadsm27.htm#40 a fraud is a sale, Re: The bank fraud blame game
2007n.html#50 WindowsMonitor or CUSP?
aadsm27.htm#43 a fraud is a sale, Re: The bank fraud blame game
2007n.html#71 Poll: oldest computer thing you still use
2007n.html#72 Poll: oldest computer thing you still use
aadsm27.htm#44 Threatwatch: how much to MITM, how quickly, how much lost
aadsm27.htm#45 Threatwatch: how much to MITM, how quickly, how much lost
2007n.html#80 Poll: oldest computer thing you still use
aadsm27.htm#46 Threatwatch: how much to MITM, how quickly, how much lost
aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
2007o.html#7 Hypervisors May Replace Operating Systems As King Of The Data Center
2007o.html#16 Hypervisors May Replace Operating Systems As King Of The Data Center
2007o.html#27 EZPass: Yes, Big Brother IS Watching You!
2007o.html#29 EZPass: Yes, Big Brother IS Watching You!
2007o.html#30 EZPass: Yes, Big Brother IS Watching You!
aadsm27.htm#59 Threatwatch - more data on cost of your identity
2007p.html#40 what does xp do when system is copying
2007p.html#50 Newsweek article--baby boomers and computers
aadsm27.htm#60 Retailers try to push data responsibilities back to banks
2007q.html#41 Newsweek article--baby boomers and computers
2007r.html#30 Is the media letting banks off the hook on payment card security
2007r.html#32 Is the media letting banks off the hook on payment card security
2007r.html#47 Translation of IBM Basic Assembler to C?
2007r.html#61 The new urgency to fix online privacy
2007r.html#63 Translation of IBM Basic Assembler to C?
2007r.html#72 Translation of IBM Basic Assembler to C?
2007s.html#1 Translation of IBM Basic Assembler to C?
2007s.html#11 Translation of IBM Basic Assembler to C?
2007s.htmL#12 Translation of IBM Basic Assembler to C?
2007s.html#13 The new urgency to fix online privacy
2007s.htmL#25 Translation of IBM Basic Assembler to C?
2007s.html#28 Translation of IBM Basic Assembler to C?
2007s.html#34 File sharing may lead to identity theft
aadsm27.htm#64 How to crack RSA
2007s.html#66 The new urgency to fix online privacy
2007t.html#7 Identity Theft Prevention tips
2007t.html#20 UK Retail Giant Breached by Insider
2007t.html#22 'Man in the browser' is new threat to online banking
2007t.html#27 'Man in the browser' is new threat to online banking
2007t.html#47 Translation of IBM Basic Assembler to C?
2007u.html#10 Crypto Related Posts
2007u.html#11 Public Computers
2007u.html#45 Folklore references to CP67 at Lincoln Labs
2007u.html#47 folklore indeed
2007u.html#48 folklore indeed
2007u.html#49 folklore indeed
2007u.html#50 folklore indeed
2007u.html#53 folklore indeed
2007u.html#54 folklore indeed
2007u.html#55 folklore indeed
2007u.html#58 folklore indeed
2007u.html#62 folklore indeed
2007u.html#63 folklore indeed
2007u.html#68 folklore indeed
2007u.html#70 folklore indeed
2007u.html#71 folklore indeed
2007u.html#74 folklore indeed
2007u.html#82 Education ranking
2007v.html#2 folklore indeed
2007v.html#6 Ironke
2007v.html#8 Virtualization still hot, death of antivirus software imminent
2007v.html#25 Newsweek article--baby boomers and computers
2007v.html#35 Inside a Modern Malware Distribution System
2007v.html#66 2007: year in review
2007v.html#74 folklore indeed
aadsm28.htm#2 Death of antivirus software imminent
2007v.html#77 folklore indeed
2007v.html#78 folklore indeed
2007v.html#86 folklore indeed
2007v.html#87 Data Breaches Soar In 2007
2007v.html#88 Data Breaches Soar In 2007
2007v.html#89 2007 Roundup: The march of the botnets
2007v.html#90 folklore indeed
aadsm28.htm#3 Why Security Modelling doesn't work -- the OODA loop of today's battle
2007v.html#95 folklore indeed
2007v.html#97 folklore indeed
2008.html#2 folklore indeed
2008.html#4 folklore indeed
2008.html#5 folklore indeed
aadsm28.htm#5 Why Security Modelling doesn't work -- the OODA loop of today's battle
aadsm28.htm#6 Death of antivirus software imminent
2008.html#11 Information security breaches quadrupled in 2007
2008.html#31 1975 movie "Three Days of the Condor" tech stuff
2008.html#35 U.S. Identity Theft at Record Level in 2007
2008.html#36 1970s credit cards, was: 1975 movie "Three Days of the Condor" tech stuff
2008.html#70 As Expected, Ford Falls From 2nd Place in U.S. Sales
2008.html#71 As Expected, Ford Falls From 2nd Place in U.S. Sales
2008.html#90 Computer Science Education: Where Are the Software Engineers of Tomorrow?
2008b.html#12 Computer Science Education: Where Are the Software Engineers of Tomorrow?
2008b.html#19 Yahoo's CAPTCHA Security Reportedly Broken
2008b.html#26 folklore indeed
2008b.html#67 Govt demands password to personal computer
2008b.html#68 Govt demands password to personal computer
2008b.html#72 Govt demands password to personal computer
2008b.html#74 Too much change opens up financial fault lines
2008b.html#82 Break the rules of governance and lose 4.9 billion
aadsm28.htm#13 Break the rules of governance and lose 4.9 billion
aadsm28.htm#14 Break the rules of governance and lose 4.9 billion
2008c.html#4 folklore indeed
aadsm28.htm#15 Dutch Transport Card Broken
aadsm28.htm#17 Lack of fraud reporting paths considered harmful
aadsm28.htm#18 Lack of fraud reporting paths considered harmful
aadsm28.htm#19 Lack of fraud reporting paths considered harmful
2008c.html#44 Toyota Sales for 2007 May Surpass GM
aadsm28.htm#21 Dutch Transport Card Broken
2008c.html#47 Data Erasure Products
aadsm28.htm#25 middle banking in a english muddle
2008c.html#59 Govt demands password to personal computer
2008c.html#76 Neglected IT Tasks May Have Led to Bank Meltdown
aadsm28.htm#27 Break the rules of governance and lose 4.9 billion
aadsm28.htm#28 middle banking in a english muddle
2008c.html#89 Toyota Sales for 2007 May Surpass GM
2008d.html#2 Spammers' bot cracks Microsoft's CAPTCHA
2008d.html#3 Govt demands password to personal computer
2008d.html#6 How Safe Are Your Personal Records In The Hands Of Government Officials?
aadsm28.htm#29 Chip&PIN cards: 1 in 5 cloned?
2008d.html#10 Toyota Sales for 2007 May Surpass GM
2008d.html#18 New Research Confirms Identity Fraud Is On Decline
2008d.html#26 Toyota Sales for 2007 May Surpass GM
aadsm28.htm#33 on Revocation of Signing Certs and Public Key Signing itself
2008d.html#27 Kerberized authorization service
2008d.html#34 New Research Confirms Identity Fraud Is On Decline
2008d.html#84 The hands-free way to steal a credit card
2008d.html#88 The hands-free way to steal a credit card
2008e.html#3 The hands-free way to steal a credit card
2008e.html#25 Spammers crack Gmail Captcha
2008e.html#34 The hands-free way to steal a credit card
aadsm28.htm#37 Attack on Brit retail payments -- some takeways
2008e.html#35 PIN devices vulnerable to 'tapping' attacks, researchers warn
2008e.html#42 Banks failing to manage IT risk - study
2008e.html#44 insider fraud
2008e.html#65 Banks failing to manage IT risk - study
2008e.html#66 independent appraisers
2008e.html#69 independent appraisers
US aerospace and defense sector braces for potential brain drain as Cold War workers retire
2008e.html#77 independent appraisers
2008f.html#2 EPIC, Ending Piracy of Integrated Circuits
2008f.html#9 EPIC, Ending Piracy of Integrated Circuits
2008f.html#11 independent appraisers
aadsm28.htm#38 The Trouble with Threat Modelling
2008f.html#25 independent appraisers
2008f.html#26 independent appraisers
2008f.html#33 EPIC, Ending Piracy of Integrated Circuits
aadsm28.htm#40 Attack on Brit retail payments -- some takeways
aadsm28.htm#41 Trojan with Everything, To Go!
2008f.html#49 How do OTP tokens work?
2008f.html#51 independent appraisers
2008f.html#54 How do OTP tokens work?
aadsm28.htm#46 The bond that fell to Earth
2008f.html#63 Antivirus Inventor: Security Departments Are Wasting Their Time
2008f.html#73 Bush - place in history
aadsm28.htm#50 Liability for breaches: do we need new laws?
2008f.html#86 Banks failing to manage IT risk - study
2008f.html#88 Has Banking Industry Overlooked Its Biggest Breach Ever?
aadsm28.htm#51 Liability for breaches: do we need new laws?
2008f.html#89 Bush - place in history
2008f.html#94 Bush - place in history
aadsm28.htm#52 Pogo reports: big(gest) bank breach was covered up?
2008f.html#96 Bush - place in history
2008g.html#0 Bush - place in history
2008g.html#2 Bush - place in history
2008g.html#4 CDOs subverting Boyd's OODA-loop
2008g.html#10 Hannaford case exposes holes in law, some say
2008g.html#12 independent appraisers
2008g.html#13 independent appraisers
2008g.html#16 independent appraisers
2008g.html#17 Hannaford breach illustrates dangerous compliance mentality
2008g.html#25 CA ESD files Options
2008g.html#28 Hannaford case exposes holes in law, some say
aadsm28.htm#53 Pogo reports: big(gest) bank breach was covered up?
2008g.html#36 Lehman sees banks, others writing down $400 bln
2008g.html#59 Credit crisis could cost nearly $1 trillion, IMF predicts
2008g.html#64 independent appraisers
2008g.html#66 independent appraisers
2008g.html#67 independent appraisers
2008h.html#4 You won't guess who's the bad guy of ID theft
aadsm28.htm#54 Liability for breaches: do we need new laws?
aadsm28.htm#57 Who do we have to blame for the mortgage crisis in America?
aadsm28.htm#58 Who do we have to blame for the mortgage crisis in America?
aadsm28.htm#60 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#61 Is Basel 2 out...Basel 3 in?
aadsm28.htm#62 Who do we have to blame for the mortgage crisis in America?
aadsm28.htm#64 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#66 Would the Basel Committee's announced enhancement of Basel II Framework and other steps have prevented the current global financial crisis had they been implemented years ago?
2008h.html#20 handling the SPAM on this group
aadsm28.htm#71 Paypal -- Practical Approaches to Phishing -- open white paper
2008h.html#32 subprime write-down sweepstakes
aadsm28.htm#74 Visa and MasterCard mandated PCI compliance as of Jan 1, 2008. I would like to get a feel or opinion on this subject
aadsm28.htm#75 Fun with Data Theft/Breach Numbers
aadsm28.htm#77 How safe do you feel when using a debit or credit card?
2008h.html#44 Two views of Microkernels (Re: Kernels
2008h.html#89 Credit Crisis Timeline
2008h.html#90 subprime write-down sweepstakes
2008i.html#1 Do you belive Information Security Risk Assessment has shortcoming like
2008i.html#21 Worst Security Threats?
aadsm28.htm#80not crypto, but fraud detection
aadsm28.htm#81 not crypto, but fraud detection
2008i.html#30 subprime write-down sweepstakes
2008i.html#42 "Security Breaches"
2008i.html#43 IT Security Statistics
2008i.html#55 Is data classification the right approach to pursue a risk based information security program?
2008i.html#64 Is the credit crunch a short term aberation
2008i.html#67 Do you have other examples of how people evade taking resp. for risk
2008i.html#70 Next Generation Security
2008i.html#71 The End of Privacy?
2008i.html#76 Security Awareness
2008i.html#81 Selling Security using Prospect Theory. Or not
2008i.html#88 squirrels
2008i.html#101 We're losing the battle
2008j.html#34 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#35 Data Breach Reports Up 69 Percent in 2008
2008j.html#37 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#38 dollar coins
2008j.html#51 dollar coins
2008j.html#55 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#57 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#60 dollar coins
2008j.html#61 German court finds Bank responsible for malwared PC
2008j.html#62 German court finds Bank responsible for malwared PC
2008j.html#63 CLIs and GUIs
2008j.html#64 lack of information accuracy
2008j.html#66 lack of information accuracy
2008j.html#71 lack of information accuracy
2008j.html#84 dollar coins
2008k.html#10 Why do Banks lend poorly in the sub-prime market? Because they are not in Banking!
2008k.html#13 dollar coins
2008k.html#19 dollar coins

top , by subject , technology , networking , public key , Boyd - home

Buffer overflows, overruns, exploits

99.html#70 Series/1 as NCP (was: Re: System/1 ?)
99.html#85 Perfect Code
99.html#163 IBM Assembler 101
99.html#219 Study says buffer overflow is most common security bug
ansiepay.htm#theory Security breach raises questions about Internet shopping
aadsm9.htm#cfppki10 CFP: PKI research workshop
aepay11.htm#65 E-merchants Turn Fraud-busters (somewhat related)
aadsm12.htm#16 Feasability of Palladium / TCPA
aadsm14.htm#32 An attack on paypal
aadsm14.htm#34 virus attack on banks (was attack on paypal)
aadsm14.htm#38 An attack on paypal (trivia addenda)
aadsm16.htm#1 FAQ: e-Signatures and Payments
aadsm18.htm#18 Any TLS server key compromises?
2000.html#25 Computer of the century
2000.html#30 Computer of the century
2000b.html#17 ooh, a real flamewar :)
2000b.html#22 ooh, a real flamewar :)
2000c.html#40 Domainatrix - the final word
2000g.html#50 Egghead cracked, MS IIS again
2001b.html#47 what is interrupt mask register?
2001b.html#58 Checkpoint better than PIX or vice versa???
2001c.html#32 How Commercial-Off-The-Shelf Systems make society vulnerable
2001c.html#38 How Commercial-Off-The-Shelf Systems make society vulnerable
2001d.html#58 Very CISC Instuctions (Was: why the machine word size ...)
2001i.html#54 Computer security: The Future
2001k.html#43 Why is UNIX semi-immune to viral infection?
2001l.html#49 Virus propagation risks
2001m.html#27 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
2001n.html#30 FreeBSD more secure than Linux
2001n.html#71 Q: Buffer overflow
2001n.html#72 Buffer overflow
2001n.html#76 Buffer overflow
2001n.html#84 Buffer overflow
2001n.html#90 Buffer overflow
2001n.html#91 Buffer overflow
2001n.html#93 Buffer overflow
2002.html#4 Buffer overflow
2002.html#19 Buffer overflow
2002.html#20 Younger recruits versus experienced veterans ( was Re: The demise of compa
2002.html#23 Buffer overflow
2002.html#24 Buffer overflow
2002.html#26 Buffer overflow
2002.html#27 Buffer overflow
2002.html#28 Buffer overflow
2002.html#29 Buffer overflow
2002.html#32 Buffer overflow
2002.html#33 Buffer overflow
2002.html#34 Buffer overflow
2002.html#35 Buffer overflow
2002.html#37 Buffer overflow
2002.html#38 Buffer overflow
2002.html#39 Buffer overflow
2002e.html#58 O'Reilly C Book
2002h.html#74 Where did text file line ending characters begin?
2002i.html#62 subjective Q. - what's the most secure OS?
2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
2002l.html#45 Thirty Years Later: Lessons from the Multics Security Evaluation
2002m.html#8 Backdoor in AES ?
2002m.html#10 Backdoor in AES ?
2002m.html#58 The next big things that weren't
2002p.html#6 unix permissions
2003g.html#62 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
2003h.html#41 Segments, capabilities, buffer overrun attacks
2003h.html#47 Segments, capabilities, buffer overrun attacks
2003i.html#59 grey-haired assembler programmers (Ritchie's C)
2003j.html#4 A Dark Day
2003j.html#8 A Dark Day
2003j.html#20 A Dark Day
2003k.html#64 C & reliability: Was "The Incredible Shrinking Legacy"
2003l.html#2 S/360 Engineering Changes
2003n.html#14 Poor people's OS?
2003o.html#5 perfomance vs. key size
2003o.html#6 perfomance vs. key size
2003o.html#20 IS CP/M an OS?
2003o.html#25 Any experience with "The Last One"?
2003o.html#50 Pub/priv key security
2004.html#30 Threat of running a web server?
2004e.html#41 Infiniband - practicalities for small clusters
2004e.html#43 security taxonomy and CVE
2004f.html#20 Why does Windows allow Worms?
2004h.html#2 Adventure game (was:PL/? History (was Hercules))
2004j.html#28 Vintage computers are better than modern crap !
2004j.html#29 Vintage computers are better than modern crap !
2004j.html#37 Vintage computers are better than modern crap !
2004j.html#38 Vintage computers are better than modern crap !
2004j.html#46 Vintage computers are better than modern crap !
2004j.html#47 Vintage computers are better than modern crap !
2004j.html#58 Vintage computers are better than modern crap !
2004k.html#2 Linguistic Determinism
2004k.html#5 Losing colonies
2004k.html#6 Losing colonies
2004k.html#13 FAST TCP makes dialup faster than broadband?
2004l.html#21 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#40 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#41 "Perfect" or "Provable" security both crypto and non-crypto?
2004m.html#25 Shipwrecks
2004m.html#26 Shipwrecks
2004m.html#27 Shipwrecks
2004m.html#28 Shipwrecks
2004m.html#34 tracking 64bit storage
2004m.html#60 Shipwrecks
2004p.html#21 need a firewall
2004p.html#46 US-CERT Technical Cyber Security Alert TA04-336A -- another buffer overflow
2004q.html#2 [Lit.] Buffer overruns
2004q.html#3 [Lit.] Buffer overruns
2004q.html#4 [Lit.] Buffer overruns
2004q.html#5 [Lit.] Buffer overruns
2004q.html#7 [Lit.] Buffer overruns
2004q.html#8 [Lit.] Buffer overruns
2004q.html#9 [Lit.] Buffer overruns
2004q.html#10 [Lit.] Buffer overrun
2004q.html#11 [Lit.] Buffer overruns
2004q.html#12 [Lit.] Buffer overruns
2004q.html#13 [Lit.] Buffer overruns
2004q.html#14 [Lit.] Buffer overruns
2004q.html#15 [Lit.] Buffer overruns
2004q.html#17 [Lit.] Buffer overruns
2004q.html#26 [Lit.] Buffer overruns
2004q.html#28 [Lit.] Buffer overruns
2004q.html#31 Integer types for 128-bit addressing
2004q.html#35 [Lit.] Buffer overruns
2004q.html#43 [Lit.] Buffer overruns
2004q.html#47 [Lit.] Buffer overruns
2004q.html#48 [Lit.] Buffer overruns
2004q.html#50 [Lit.] Buffer overruns
2004q.html#51 [Lit.] Buffer overruns
2004q.html#74 [Lit.] Buffer overruns
2004q.html#78 [Lit.] Buffer overruns
2004q.html#80 [Lit.] Buffer overruns
2004q.html#81 [Lit.] Buffer overruns
2004q.html#82 [Lit.] Buffer overruns
2004q.html#83 [Lit.] Buffer overruns
2004q.html#84 [Lit.] Buffer overruns
2005.html#0 [Lit.] Buffer overruns
2005.html#1 [Lit.] Buffer overruns
2005.html#3 [Lit.] Buffer overruns
2005.html#8 [Lit.] Buffer overruns
2005.html#32 8086 memory space [was: The Soul of Barb's New Machine]
2005.html#51 something like a CTC on a PC
2005b.html#17 [Lit.] Buffer overruns
2005b.html#20 [Lit.] Buffer overruns
2005b.html#21 [Lit.] Buffer overruns
2005b.html#30 [Lit.] Buffer overruns
2005b.html#31 [Lit.] Buffer overruns
2005b.html#33 [Lit.] Buffer overruns
2005b.html#34 [Lit.] Buffer overruns
2005b.html#35 [Lit.] Buffer overruns
2005b.html#37 [Lit.] Buffer overruns
2005b.html#39 [Lit.] Buffer overruns
2005b.html#42 [Lit.] Buffer overruns
2005b.html#43 [Lit.] Buffer overruns
2005b.html#45 [Lit.] Buffer overruns
2005b.html#46 [Lit.] Buffer overruns
2005b.html#48 [Lit.] Buffer overruns
2005b.html#52 [Lit.] Buffer overruns
2005b.html#60 [Lit.] Buffer overruns
2005b.html#61 [Lit.] Buffer overruns
2005b.html#63 [Lit.] Buffer overruns
2005b.html#64 [Lit.] Buffer overruns
2005b.html#66 [Lit.] Buffer overruns
2005c.html#5 [Lit.] Buffer overruns
2005c.html#13 [Lit.] Buffer overruns
2005c.html#14 [Lit.] Buffer overruns
2005c.html#28 [Lit.] Buffer overruns
2005c.html#29 [Lit.] Buffer overruns
2005c.html#30 [Lit.] Buffer overruns
2005c.html#31 [Lit.] Buffer overruns
2005c.html#33 [Lit.] Buffer overruns
2005c.html#34 [Lit.] Buffer overruns
2005c.html#37 [Lit.] Buffer overruns
2005c.html#40 [Lit.] Buffer overruns
2005c.html#44 [Lit.] Buffer overruns
2005c.html#47 [Lit.] Buffer overruns
2005c.html#48 [Lit.] Buffer overruns
2005c.html#52 [Lit.] Buffer overruns
2005c.html#55 [Lit.] Buffer overruns
2005d.html#53 [Lit.] Buffer overruns
2005d.html#54 [Lit.] Buffer overruns
2005d.html#55 [Lit.] Buffer overruns
2005d.html#65 [Lit.] Buffer overruns
2005d.html#67 [Lit.] Buffer overruns
2005d.html#69 [Lit.] Buffer overruns
2005f.html#39 [Lit.] Buffer overruns
2005j.html#42 Public disclosure of discovered vulnerabilities
2005j.html#46 Public disclosure of discovered vulnerabilities
2005j.html#48 Public disclosure of discovered vulnerabilities
2005j.html#49 Public disclosure of discovered vulnerabilities
2005j.html#57 Ancient history
2005j.html#60 Ancient history
2005j.html#61 Ancient history
2005j.html#64 More on garbage
2005k.html#24 Ancient history
2005o.html#10 Virtual memory and memory protection
2005p.html#12 Is there any RFC for telnet proxy?
aadsm21.htm#6 Clearing sensitive in-memory data in perl
aadsm21.htm#9 Clearing sensitive in-memory data in perl
aadsm21.htm#10 Clearing sensitive in-memory data in perl
2005r.html#35 X68-64 buffer overflow exploits and the borrowed code chunks exploitation techniqu
2005r.html#36 X68-64 buffer overflow exploits and the borrowed code chunks exploitation technique
2005r.html#37 X68-64 buffer overflow exploits and the borrowed code chunks exploitation technique
2006c.html#27 Mount DASD as read-only
2006c.html#28 Mount DASD as read-only
2006d.html#8 IBM 610 workstation computer
2006d.html#9 IBM 610 workstation computer
aadsm23.htm#3 News and Views - Mozo, Elliptics, eBay + fraud, naïve use of TLS and/or tokens
2006p.html#51 what's the difference between LF(Line Fee) and NL (New line) ?
2006q.html#7 Linux More Secure on System z?
aadsm25.htm#40 Why security training is really important (and it ain't anything to do with security!)
aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
2006s.html#64 Is the teaching of non-reentrant HLASM coding practices ever defensible?
2006x.html#20 "The Elements of Programming Style"
2006x.html#29 "The Elements of Programming Style"
2006x.html#35 "The Elements of Programming Style"
2006y.html#15 "The Elements of Programming Style"
2007b.html#12 Special characters in passwords was Re: RACF - Password rules
2007h.html#41 Fast and Safe C Strings: User friendly C macros to Declare and use C Strings
2007l.html#11 John W. Backus, 82, Fortran developer, dies
2007l.html#18 Non-Standard Mainframe Language?
2007l.html#21 Non-Standard Mainframe Language?
2007l.html#55 Scholars needed to build a computer history bibliography
aadsm27.htm#48 If your CSO lacks an MBA, fire one of you
aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
2007o.html#50 64 gig memory
2007p.html#71 Translation of IBM Basic Assembler to C?
2007q.html#31 what does xp do when system is copying
2007r.html#57 Translation of IBM Basic Assembler to C?
2007t.html#9 How the pages tables of each segment is located
2007t.html#21 How the pages tables of each segment is located
2008d.html#58 Linux zSeries questions
2008e.html#22 Linux zSeries questions
2008e.html#49 Any benefit to programming a RISC processor by hand?
2008f.html#64 Panic in Multicore Land
2008g.html#29 CA ESD files Options
2008j.html#77 CLIs and GUIs

top , by subject : technology , networking , public key , Boyd - home

Assurance

aadsmore.htm#client3 Client-side revocation checking capability
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#useire3 U.S. & Ireland use digital signature
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#straw AADS Strawman
aadsm2.htm#strawm2 AADS Strawman
aadsm2.htm#strawm3 AADS Strawman
aadsm3.htm#cstech4 cardtech/securetech & CA PKI
aadsm3.htm#cstech5 cardtech/securetech & CA PKI
aadsm3.htm#cstech9 cardtech/securetech & CA PKI
aadsm3.htm#cstech10 cardtech/securetech & CA PKI
aadsm3.htm#cstech12 cardtech/securetech & CA PKI
aadsm3.htm#cstech13 cardtech/securetech & CA PKI
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm3.htm#kiss8 KISS for PKIX
aadsm3.htm#kiss9 KISS for PKIX .... password/digital signature
aadsm5.htm#asrn1 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn2 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn3 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn4 assurance, X9.59, etc
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm6.htm#terror3 [FYI] Did Encryption Empower These Terrorists?
aadsm7.htm#rubberhose Rubber hose attack
aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm9.htm#cfppki10 CFP: PKI research workshop
aadsm9.htm#cfppki11 CFP: PKI research workshop
aadsm10.htm#cfppki13 CFP: PKI research workshop
aadsm10.htm#cfppki18 CFP: PKI research workshop
aadsm10.htm#paiin PAIIN security glossary & taxonomy
aadsm10.htm#keygen2 Welome to the Internet, here's your private key
ansiepay.htm#breach Security breach raises questions about Internet shopping
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay3.htm#x959risk1 Risk Management in AA / draft X9.59
aepay3.htm#x959risk4 Risk Management in AA / draft X9.59
aepay4.htm#comcert3 Merchant Comfort Certificates
aepay6.htm#idf Intel Developer's Forum ... fyi
aepay6.htm#ecom some electronic commerce discussion from dcsb & IDF
aepay6.htm#cacr7 7th CACR Information Security Workshop
aepay6.htm#asrn5 assurance, X9.59, etc
aepay10.htm#22 PKI: An Insider's View
2000.html#39 "Trusted" CA - Oxymoron?
2000b.html#40 general questions on SSL certificates
2000g.html#33 does CA need the proof of acceptance of key binding?
2001.html#50 What exactly is the status of the Common Criteria
2001c.html#34 PKI and Non-repudiation practicalities
2001d.html#41 solicit advice on purchase of digital certificate
2001d.html#58 Very CISC Instuctions (Was: why the machine word size ...)
2001e.html#26 Can I create my own SSL key?
2001e.html#35 Can I create my own SSL key?
2001e.html#40 Can I create my own SSL key?
2001e.html#59 Design (Was Re: Server found behind drywall)
2001g.html#0 FREE X.509 Certificates
2001h.html#7 PKI/Digital signature doesn't work
2001h.html#16 D
2001h.html#64 Net banking, is it safe???
2001i.html#52 misc loosely-coupled, sysplex, cluster, supercomputer, & electronic commerce
2001i.html#57 E-commerce security????
2001j.html#5 E-commerce security????
2001j.html#54 Does "Strong Security" Mean Anything?
2001n.html#71 Q: Buffer overflow
2001n.html#91 Buffer overflow
2002.html#28 Buffer overflow
2002.html#29 Buffer overflow
2002.html#32 Buffer overflow
2002c.html#35 TOPS-10 logins (Was Re: HP-2000F - want to know more about it)
2002d.html#16 Mainframers: Take back the light (spotlight, that is)
2002e.html#17 Smart Cards
2002e.html#58 O'Reilly C Book
2002e.html#71 Blade architectures
2002e.html#73 Blade architectures
2002f.html#23 Computers in Science Fiction
2002f.html#24 Computers in Science Fiction
2002f.html#27 Security Issues of using Internet Banking
2002f.html#28 Security Issues of using Internet Banking
2002f.html#31 Security and e-commerce
2002h.html#68 Are you really who you say you are?
2002h.html#39 Beginner question on Security
2002j.html#55 AADS, ECDSA, and even some TCPA
aadsm12.htm#16 Feasability of Palladium / TCPA
2002k.html#11 Serious vulnerablity in several common SSL implementations?
2002k.html#43 how to build tamper-proof unix server?
2002k.html#44 how to build tamper-proof unix server?
2002l.html#5 What good is RSA when using passwords?
2002l.html#9 Moore law
2002l.html#11 IEEE article on intelligence and security
2002l.html#12 IEEE article on intelligence and security
2002l.html#23 >Moore law
2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
2002o.html#14 Home mainframes
2003.html#34 Calculating expected reliability for designed system
2003.html#37 Calculating expected reliability for designed system
2003.html#38 Calculating expected reliability for designed system
2003.html#48 InfiniBand Group Sharply, Evenly Divided
2003.html#49 InfiniBand Group Sharply, Evenly Divided
2003.html#52 SSL & Man In the Middle Attack
2003b.html#53 Microsoft worm affecting Automatic Teller Machines
2003b.html#54 Microsoft worm affecting Automatic Teller Machines
2003e.html#11 PDP10 and RISC
2003e.html#73 Security Certifications?
2003e.html#74 Security Certifications?
2003g.html#62 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
2003g.html#65 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
2003j.html#15 A Dark Day
2003j.html#25 Idea for secure login
2003j.html#30 How is a smartcard created?
2003j.html#36 CC vs. NIST/TCSEC - Which do you prefer?
2003j.html#44 Hand cranking telephones
2003j.html#45 Hand cranking telephones
aadsm14.htm#50 E-banking is board-level Issue, Says Basel Committee
aadsm14.htm#52 Committee calls for better e-banking security management
2003k.html#23 virtual machines for security
2003k.html#25 virtual machines for security
2003l.html#19 Secure OS Thoughts
2003l.html#20 Secure OS Thoughts
2003l.html#22 Secure OS Thoughts
2003l.html#26 Secure OS Thoughts
aepay12.htm#25 Cyber Security In The Financial Services Sector
aadsm15.htm#23 NCipher Takes Hardware Security To Network Level
aadsm15.htm#24 Homeland Security chief mulls SEC cybersecurity filings
2003n.html#21 Is it possible to devise a public-key cipher with no flaws?
aepay12.htm#36 DNS, yet again
2003n.html#31 hardware vs software security
aadsm15.htm#31 Electronic Safety and Soundness: A Four Piller Approach; Public Policy Issues
aadsm15.htm#34 VS: On-line signature standards (slight addenda)
aadsm15.htm#36 VS: On-line signature standards
aadsm15.htm#38FAQ: e-Signatures and Payments
aadsm15.htm#39 FAQ: e-Signatures and Payments
aadsm16.htm#1 FAQ: e-Signatures and Payments
2003o.html#15 secure delete on 3390
2003o.html#20 IS CP/M an OS?
2003o.html#44 Biometrics
2003o.html#45 Any experience with "The Last One"?
2003o.html#46 What 'NSA'?
2003o.html#50 Pub/priv key security
aadsm16.htm#8 example: secure computing kernel needed
2003p.html#4 Does OTP need authentication?
aadsm16.htm#9 example: secure computing kernel needed
2003p.html#10 Secure web logins w random passwords
aadsm16.htm#12 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
2003p.html#37 The BASIC Variations
aadsm17.htm#0 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
2004.html#30 passwords
2004.html#36 merged security taxonomy & glossary
2004.html#37 When rsa vs dsa
2004.html#38 When rsa vs dsa
2004b.html#8 Mars Rover Not Responding
2004b.html#10 Mars Rover Not Responding
2004b.html#44 Foiling Replay Attacks
2004b.html#45 Foiling Replay Attacks
2004b.html#48 Automating secure transactions
2004b.html#51 Using Old OS for Security
2004c.html#4 OS Partitioning and security
aadsm17.htm#39 The future of security
aadsm17.htm#40 The future of security
aadsm17.htm#42 Article on passwords in Wired News
2004h.html#4 Adventure game (was:PL/? History (was Hercules))
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#57 dual-use digital signature vulnerability
aadsm17.htm#59 dual-use digital signature vulnerability
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#2 dual-use digital signature vulnerability
aadsm18.htm#4 dual-use digital signature vulnerability
aadsm18.htm#12 dual-use digital signature vulnerability
aadsm18.htm#13 dual-use digital signature vulnerability
2004h.html#51 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#52 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#53 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#54 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#55 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#56 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#57