Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safecracking for the Computer Scientist

Posted by michael on from the alternate-lines-of-work dept.

secureman writes "It looks like Matt Blaze (the University of Pennsylvania CS professor best known for finding security flaws in the NSA Clipper Chip and in master keyed locks) is still causing trouble in physical security circles. There's a draft paper (dated December '04) on his web site entitled Safecracking for the Computer Scientist, which is a pretty in-depth look at what computer security can learn from safes (and vaults). The interesting thing is that it describes in detail the different ways that safes are cracked, probably revealing techniques that locksmiths would rather you didn't know about (there's a lot of security-by-obscurity there). The conclusion seems to be that while safes can fail, at least they do so in better ways than computer systems do. Warning: it's a 2.5 meg pdf file with lots of pretty pictures."

6 of 322 comments (clear)

  1. spoof? by Bryan_W · · Score: 1, Offtopic

    Did anyone else read the headline and think this was some horrible spoof on "Queer Eye for the Straight Guy"?

  2. Re:FYI, complete mirror by louden+obscure · · Score: 0, Offtopic
    hook, line and sinker.

    nize.

    i spose modding the parent to funny would be an unsafe request...

    --
    Serenity now, insanity later.
  3. PARENT IS TROLL by Accipitradea · · Score: 0, Offtopic

    Again, don't click that link unless you do, in fact, want your computer to annouce that you're looking at gay porn and pictures of a chick with sh*t on her face.

    1. Re:PARENT IS TROLL by Accipitradea · · Score: 0, Offtopic

      Yup, but I went in knowing it was a troll. The guys who did it slacked off and went with ASCII goatse instead of the real thing. The sh*t on the face was a nice touch though.

  4. Re:Mozilla Boys might want to Check it out by Rakarra · · Score: 0, Offtopic
    I'm on the latest Firefox, on Linux and with all the Java crap disabled yet it managed to hijack my browser.

    You may have disabled Java, but most likely you didn't have Javascript disabled, which is what that page used. It was tricky getting the preferences pane up and onto another desktop, but the instant that I disabled javascript, the hijinx stopped.

  5. About your signature line by some+guy+I+know · · Score: 0, Offtopic
    About your signature line:
    "Welcome to the new millenium - it's gonna be a long one."
    I was going to post the witty reply, "Not any longer than the last one.", but then I remembered that the Earth's rotation is slowing down, so the new millenium actually will be longer than the last one (possibly by several minutes), so my reply is instead "Not much longer than the last one.".
    --
    Those who sacrifice security to condemn liberty deserve to repeat history or something. - Benjamin Santayana