November in Security

Pascal Cuoq - 12th Nov 2012

Bruce Schneier is, among other things, the author of the blog Schneier on Security. He is also one of the co-authors of the Skein cryptographic hash function the SHA-3 contestant being verified in Frama-C's value analysis tutorial in the manual and then on this blog. I feel silly introducing him considering he is rather on the “well-respected” side of the security researcher spectrum. But Bruce did provide this month's cybersecurity link this essay by Gary McGraw.

Key quote: The kind of defense I advocate (called "passive defense" or "protection" above) involves security engineering -- building security in as we create our systems knowing full well that they will be attacked in the future. One of the problems to overcome is that exploits are sexy and engineering is well not so sexy.

Bruce in his typical fisheye approach to security also recently provided this other link about security in fairy wren nests. I thought this made a lot of sense but then again Hongseok Yang lent me a copy of Dawkins' The Selfish Gene when we were both post-doc students at KAIST so your mileage may vary.

Since I came back to France I bought my own copy of The Selfish Gene to lend others. If you are around and are curious just ask.

Pascal Cuoq
12th Nov 2012