ADMIN: "subscribers only" posting

Moderator's Note: As of now, if you want to be able to send a message to the list, you have to be a subscriber. Otherwise, the message will bounce at the SMTP transaction with my mail server. The old fashioned method of forwarding non-member posts to the moderator (me) for approval was swamping

Microsoft Plans Security Perks for SQL Server 2005

Internet News May 25, 2004 Microsoft Plans Security Perks for SQL Server 2005 By Clint Boulton Little by little, Microsoft (Quote, Chart) is peeling away the layers of SQL Server 2005, the company's forthcoming database server sof

Re: The future of security

Ben Laurie wrote: Steven M. Bellovin wrote: The spammers are playing with other people's money, cycles, etc. They don't care. We took that into account in the paper. Perhaps you should read it? http://www.dtc.umn.edu/weis2004/clayton.pdf (Most of the people on this list are far too professiona

Re: The future of security

In message <[EMAIL PROTECTED]>, Ben Laurie writes: >Steven M. Bellovin wrote: >> In message <[EMAIL PROTECTED]>, "Anton Stiglic" write >s: >> >>>- Original Message - >>>From: "Steven M. Bellovin" <[EMAIL PROTECTED]> >>> >j. a cryptographic solution for spam and >viruses won't be

Re: Yahoo releases internet standard draft for using DNS as public key server

thats pretty much DNSSEC, now eleven years old. or - presuming DNS is fine w/o integrity checks, one should look at the rational for the creation of the CERT (x509) resource record back in 1999 and documented in RFC 2538. > > > > yahoo draft internet sta

[Publicity-list]: DIMACS Workshop on Usable Privacy and Security Software

* DIMACS Workshop on Usable Privacy and Security Software July 7 - 8, 2004 DIMACS Center, Rutgers University, Piscataway, NJ Organizers: Lorrie Cranor, Chair, AT&T, [EMAIL PROTECTED] Mark Ackerman, University

Very scary...

Browsing around in bookstore this afternoon, I came across 'Cryptography for Dummies'. Yikes. It was suggested to general approval that the book should open up to a single page with DON'T in a large font. http://www.dummies.com/WileyCDA/DummiesTitle/productCd-0764541889.html The TOC on the site

[ISN] REVIEW: "Beyond Fear", Bruce Schneier

--- begin forwarded text Date: Wed, 26 May 2004 02:29:33 -0500 (CDT) From: InfoSec News <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [ISN] REVIEW: "Beyond Fear", Bruce Schneier Reply-To: [EMAIL PROTECTED] List-Id: InfoSec News List-Archive: List-Po

Re: The future of security

In message <[EMAIL PROTECTED]>, "Anton Stiglic" writes: > >- Original Message - >From: "Steven M. Bellovin" <[EMAIL PROTECTED]> > >> > >> >j. a cryptographic solution for spam and >> >viruses won't be found. >> >> This ties into the same thing: spam is *unwanted* email, but it's not >>

Re: The future of security

At 09:36 AM 5/11/2004, Steven M. Bellovin wrote: In message <[EMAIL PROTECTED]>, Ian Grigg writes: > Security architects >will continue to do most of their work with >little or no crypto. And rightly so, since most security problems have nothing to do with the absence of crypto. > >j. a cryptograp

ADMIN: sad but needed anti-spam measures being implemented

Moderator's Note: One of the main delays I have in moderating the list has been the massive increase in spam that has happened in the last six months. I have had to wade through first two or three spams per real list message, and then five or ten, and finally one hundred or more. Most days, I sim

Re: SSL accel cards

> > Does anyone know of an SSL acceleration card that actually works under > Linux/*BSD? I successfully used a Broadcom PCI card on a Linux (don't remember what Linux and kernel version, this was close to 2 years ago). If I remember correctly it was the BCM5820 processor I used http://www.broadcom

Re: The future of security

- Original Message - From: "Steven M. Bellovin" <[EMAIL PROTECTED]> To: "Ian Grigg" <[EMAIL PROTECTED]> Cc: "Graeme Burnett" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, May 11, 2004 11:36 AM Subject: Re: The future of security > In message <[EMAIL PROTECTED]>, Ian Grigg wri

Re: SSL accel cards

> Does anyone know of an SSL acceleration card that actually works under > Linux/*BSD? I've been looking at vendor web pages (AEP, Rainbow, etc), and > while they all claim to support Linux, Googling around all I find are people > saying "Where can I get drivers? The ones shipped only work on RedH

Re: Yahoo releases internet standard draft for using DNS as public key server

On Thu, May 20, 2004 at 10:07:43AM -0400, R. A. Hettinga wrote: [...] > yahoo draft internet standard for using DNS as a public key server > http://www.ietf.org/internet-drafts/draft-delany-domainkeys-base-00.txt This sounds quite a lot like the ideas outlined in a paper I co-authored in 1995, pro