10:14:07 PM # your two cents 
8:07:26 PM # your two cents 
Have just spent the day out at a very small and perfectly formed crypto and security conference called COSAC (warning: hideous website design ahead), held this year in Naas, an Irish town about 30km from Dublin. Maybe 100 to 150 people attend -- numbers are limited. It's a total anomoly amongst industry conferences: run for the past 9 years, in Ireland, by a guy who does it out of interest in computer security -- he doesn't have a company in the area or anything like that (though we did get the de rigeur computer backpack and misc clocks, calculators and pens). Apparently COSAC has turned into a kind of nearly-invitation-only affair, attended by some of the best known security and crypto folks, with sessions more like open discussions led by a key speaker than a set of lectures. Last year the main keynote speaker was Whitfield Diffie; this year it is to be Prof Tsutomu Matsumoto (he who revealed the vulnerability of fingerprint biometric systems by creating gel fingerprints etc). He's on tomorrow.
Today I heard a very interesting session by forensics expert Andy Clark on evidence eliminator programs (basically, they don't eliminate very much very well, he says); then David Everett showed off an example of the (in)famous WAN scanner in a can (or cantennae) -- made by assembling an antennae and scanning device inside a Pringles can! He brought it along (Hot 'n'Spicy flavoured Pringles, BTW) and related the difficulties he had in getting it past airport security. I also chatted with David at lunch; most enjoyable (lunch and David's conversation). Finally, a session on information warfare by David Love and on privacy and security post-9/11 by lawyer Mark Rausch, both good lively sessions. I was sorry to miss Michael Wiener, who spoke on cracking DES, and Gene Schultz, on Win XP security, both on yesterday (my Irish Times deadline day, so couldn't attend). I'm looking forward to tomorrow's final sessions and will get a couple of pieces out of the conference, I should think. Plenty of meat. I'll throw the links up for the stories when I have them. One of the key points I carried away today was that, on a national and individual and corporate level, people frequently look for attacks from all the wrong places and misspend money on cosmetic approaches to system security, leaving open the real vulnerabilities. Also, that the US and UK governments in particular have seized the opportunity presented by people's legitimate post-9/11 fears to bring in many draconian surveillance and regulatory laws, which these experts think will do little except to deprive many, many individuals of their privacy and their civil rights. Some of the legal examples were quite shocking.
7:56:17 PM # your two cents 
And if it's time to think of something else today, here's a wonderful, wonderful website, guaranteed to keep you clicking while time (literally and figuratively!) slips past. A high speed net connection helps.
8:34:38 AM # your two cents 
Today's tribute to New York -- a second excerpt from E.B. White's classic essay, "Here is New York":
"A poem compresses much in a small space and adds music, thus heightening its meaning. The city is like poetry: it compresses all life, all races and breeds, into a small island and adds music and the accompaniment of internal engines. The island of Manhattan is without any doubt the greatest human concentrate on earth, the poem whose magic is comprehensible to millions of permanent residents but whose full meaning will always remain elusive."
8:30:29 AM # your two cents 
8:21:07 AM # your two cents 
Operation Plunging Defense Industry
Operation Nail-biting Dragon
Operation Unpleasant Venom
Operation Expansive Sucker Punch
Operation Steel Oilfield
Operation Underwear-staining Demon>>
8:17:04 AM # your two cents 
8:13:58 AM # your two cents 
Copyright 2003 Karlin Lillington
Theme Design by Bryan Bell