Re: Test of BIOS Spyware

2003-10-16 Thread Dave Howe
Ralf-P. Weinmann wrote: This is *NOT* the interesting part. The interesting part is the payload it is to deliver. The claim This enables the software to spy on the user and remain hidden to the operating system. rather interests me. How do they achieve this in an OS-agnostic fashion? They

Schneier gets the heebie-Brin-jeebies (was Re: CRYPTO-GRAM, October 15, 2003)

2003-10-16 Thread R. A. Hettinga
At 10:58 PM -0500 10/14/03, Bruce Schneier wrote: The Future of Surveillance At a gas station in Coquitlam, British Columbia, two employees installed a camera in the ceiling in front of an ATM machine. They recorded thousands of people as they typed in their PIN numbers.

Re: NCipher Takes Hardware Security To Network Level

2003-10-16 Thread Peter Gutmann
Jerrold Leichter [EMAIL PROTECTED] writes: There was also an effort in England that produced a verified chip. Quite impressive, actually - but I don't know if anyone actually wanted the chip they (designed and) verified. The Viper. Because it needed to be formally verifiable, they had to leave


2003-10-16 Thread Ian Grigg
Jon Snader wrote: On Mon, Oct 13, 2003 at 06:49:30PM -0400, Ian Grigg wrote: Yet others say to be sure we are talking to the merchant. Sorry, that's not a good answer either because in my email box today there are about 10 different attacks on the secure sites that I care about. And


2003-10-16 Thread Bryce O'Whielacronx
Hopefully everyone realizes this, but just for the record, I didn't write the lines apparently attributed to me below -- I was quoting Bruce Schneier. By the way, I strongly agree with David Honig's point that the wrong entities are doing the signing. Regards, Bryce O'Whielacronx David