(95-752)
Announcements
Exam/Project Information
Grading
Fall 2009
Comments?
(c) Copyright 2000-2009
The Heinz School, CMU
| Links | ||
| Link to TALK and RESEARCH PAPER | How to use a "non-identifying" biometrics template to build images that can defeat facial recognition algorithms. | |
| Security Attribute | Security Attribute Evaluation Method, a means of identifying useful overlapping layers of security controls. | |
| http://www.nsa.gov/selinux/
IBM's Description on how it works |
Series of patches for the linux kernel | |
| Honeynet Project | Collection of observations from the Honeynet Project, talking about the hacker community. | |
| Counterpane.com | This site has a lot of information about encryption from one of its leading (unclassified) practitioners. Their electronic newsletter "Cryptogram" is well worth reading. | |
| Hackers tricks to avoid detection | Article on reviewing web logs for hacker tricks. | |
| Dumpster Diving | Here is an interesting article on dumpster diving, stressing the need toinclude trash as part of physical security. | |
| Security Focus | Security Focus's on-line archive of security papers | |
| GRC.com | Suffered a script-kiddie DDOS attack. Here's their pretty detailed statement over what went on. | |
| Hacker Crackdown | This is a reasonably thorough discussion of some of the roots of the Internet and of crackers/defenders/civil libertarians on the Net. | |
| European Union | Has been struggling with how to balance privacy protection and criminal investigation. Here's one resolution on the subject. | |
| SQL Slammer | Read about the MS-SQL Server Worm (being referred to as the SQLSlammer, W32.Slammer, and Sapphire worm) which caused varied levels of network degradation across the Internet during Jan 25-26, 2003 weekend. | |
| Secure Cyberspace Strategy | Read about the National Strategy to secure cyberspace. | |
| Warhol Worms | Warhol worms - fast attack strategies on the Internet. | |
| Overview of Cryptography | Fairly broad-spectrum overview of a lot of crypto topics. | |
| Handbook of Applied Cryptography | Downloadable version of good handbook on cryptography (in chapters, Postscript or PDF). $90 in stores, free here. (Note usage restrictions) | |
| Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations | Extensive manual on Computer Forensics (more than 250 pages in PDF, obtained by replacing final htm in URL with pdf). Covers US Law, produced by US Dept. of Justice | |
| Day in life of a security bulletin | Article by Microsoft on how a vulnerability report becomes a security bulletin. | |
| Accoustical Spying | Shoulder surfing by sound. | |
| Security issue of multiple passwords | RSA reveals the security weaknesses of having multiple passwords. | |
| MS dropping DES, MD4, MD5, SHA1 | Microsoft decides to ban use of digital signature algorithms found to be weak. | |
| Hackers going criminal | News story about the shift in hacker culture. | |
| Crazy Email Hoaxes | News story about internet hoaxes that many have believed. | |
| Top Nine Cyber Crimes | Magazine story about high-profile cybercrimes. | |