Group items tagged

An interesting article that is relevant to this weeks (week2) discussion questions regarding cryptology. Needed or not needed?

Does this article from 1998 still hold true today?

I believe this article is still very relevant. After reading Bruce Schneier's article, one of the things I took away was his comment regarding the inherent lack of security created by implementers of tamper resistant methodologies, such as smart cards, and biometric technologies. If these systems fail, we want to make sure that we can still access the resource which is being protected, so we tend to build insecure systems in place to bypass the tamper resistant security. In the end, things like biometrics and smart cards seem to be built more for convenience, instead of security. A similar affect is pointed out in the article when users give their access tokens to others so they can do their work. As long as the human element has control in the implementation of security, the risk of failure will always be there, no matter how great the security method is.

This document is part of your Week 2 DQ. It is 289 pages so I do not expect you to read the entire document. However, open the Voicethread to see the key areas for the DQ and you can search the document for those key words.

A fun read about a former Google vulnerability. Of note is the "attacker's" use of Amazon Web Services to aid in cracking certificates.

How to secure a robust cloud storage with cryptography and access control.