Things tagged security:
Monaro M, Gamberini L, Sartori G in PLOS ONE:
The detection of faked identities is a major problem in security. Current memory-detection techniques cannot be used as they require prior knowledge of the respondent’s true identity. Here, we report a novel technique for detecting faked identities based on the use of unexpected questions that may be used to check the respondent identity without any prior autobiographical information. While truth-tellers respond automatically to unexpected questions, liars have to “build” and verify their responses. This lack of automaticity is reflected in the mouse movements used to record the responses as well as in the number of errors.
Via Schneier on Security.
Daniel E. Geer, Jr. at Hoover Institution:
Optimality and efficiency work counter to robustness and resilience. Complexity hides interdependence, and interdependence is the source of black swan events. The benefits of digitalization are not transitive, but the risks are. Because single points of failure require militarization wherever they underlie gross societal dependencies, frank minimization of the number of such single points of failure is a national security obligation. Because cascade failure ignited by random faults is quenched by redundancy, whereas cascade failure ignited by sentient opponents is exacerbated by redundancy, (preservation of) uncorrelated operational mechanisms is likewise a national security obligation.
If you are interested in hardware reverse engineering in crypto systems, this is a very accessible talk.
A few words from the other side. Worth considering, as we don’t get a chance often.
The man who was Edward Snowden’s boss when the National Security Agency (NSA) leaker fled the United States is now speaking out about his experiences and how to counter insider threats.
Steven Bay, who served as Snowden’s boss when he worked as a NSA contractor with Booz Allen Hamilton from April 1 to May 20, 2013, told The Cipher Brief he has decided to publicly discuss his brief time working with the NSA leaker to fill out a “gap in the history” and combat what he calls a wealth of “misinformation that’s out there.”