Monday, July 6, 2009

Podcast: Crypto-Gram 15 Jan 2007: The real threat is the alliance between the Gov & private industry.

from the Jan 15, 2007 Crypto-Gram Newsletter
by Bruce Schneier

* Automated Targeting System

Automated Targeting System is: a "risk assessment" score to people entering or leaving the country, or engaging in import or export activity. This score, and the information used to derive it, can be shared with federal, state, local and even foreign governments. It can be used if you apply for a government job, grant, license, contract or other benefit. It can be shared with nongovernmental organizations and individuals in the course of an investigation. In some circumstances private contractors can get it, even those outside the country. And it will be saved for 40 years.

* Wal-Mart Stays Open During Bomb Scare

A Wal-Mart store in Mitchell, South Dakota receives a bomb threat. The store managers decide not to evacuate while the police search for the bomb.
I think this is a good sign. It shows that people are thinking rationally about security trade-offs, and not thoughtlessly being terrorized.

* Auditory Eavesdropping

The threats to privacy in the information age are not solely from government; they're from private industry as well. And the real threat is the alliance between the two.

* NSA Helps Microsoft with Windows Vista

NSA has two roles: eavesdrop on their stuff, and protect our stuff.
When both sides use the same stuff -- Windows Vista, for example -- the agency has to decide whether to exploit vulnerabilities to eavesdrop on their stuff or close the same vulnerabilities to protect our stuff. In its partnership with Microsoft, it could have decided to go either way: to deliberately introduce vulnerabilities that it could exploit, or deliberately harden the OS to protect its own interests.

time 28:51
PS: this is my cheat sheet of Bruce Schneier's Podcast:

Labels: ,


Post a Comment

<< Home