Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safecracking for the Computer Scientist

Posted by michael on from the alternate-lines-of-work dept.

secureman writes "It looks like Matt Blaze (the University of Pennsylvania CS professor best known for finding security flaws in the NSA Clipper Chip and in master keyed locks) is still causing trouble in physical security circles. There's a draft paper (dated December '04) on his web site entitled Safecracking for the Computer Scientist, which is a pretty in-depth look at what computer security can learn from safes (and vaults). The interesting thing is that it describes in detail the different ways that safes are cracked, probably revealing techniques that locksmiths would rather you didn't know about (there's a lot of security-by-obscurity there). The conclusion seems to be that while safes can fail, at least they do so in better ways than computer systems do. Warning: it's a 2.5 meg pdf file with lots of pretty pictures."

17 of 322 comments (clear)

  1. I JUST SODOMIZED MY LITTER OF KITTENS by Anonymous Coward · · Score: -1, Offtopic

    They just look so cute impaled on my cock.

  2. hahaha by Anonymous Coward · · Score: -1, Offtopic

    uw moeder !!

  3. LOL by Anonymous Coward · · Score: -1, Offtopic

    http://www.cnn.com/2005/US/01/01/sledding.accident .ap/index.html

    1. Re:LOL by Anonymous Coward · · Score: -1, Offtopic

      never funny when kids get hurt.

    2. Re:LOL by Anonymous Coward · · Score: -1, Offtopic

      The anti-religion people are just as arrogant and ignorant as those they deride.

    3. Re:LOL by Anonymous Coward · · Score: -1, Offtopic

      So we agree that religious == arrogant and ignorant. I'm anti-religion myself, but I don't go around pushing kids down hills while praying to some mythical sky-creature.

    4. Re:LOL by tomhudson · · Score: -1, Offtopic
      I'll bite, seeing as the article is unavailable (it's safe and secure behind a slashdotted server).
      Police Sgt. Winston Black said more than 100 children ages 12 to 19 attending a Youth for Christ event gathered at a high school around 4 a.m. to slide down a hill using sleds built out of cardboard boxes.
      WTF were parents thinking allowing 12-year-olds out at 4 in the morning, especially on New Years Eve (lots of boozers on the roads, etc.)

      Would you want a bunch of 12 -to -17-year-olds to be out at 4am on New Years Eve supervised by some 18- and -19-year-olds? Forget New Years Eve - would this be reasonable on ANY night?

    5. Re:LOL by fuzzy12345 · · Score: -1, Offtopic

      They were being supervised by Christ.

      --

      Everybody's a libertarian 'till their neighbour's becomes a crack house.
  4. From the safe of Perkins... HOW TO MAKE WAFFLES by Anonymous Coward · · Score: -1, Offtopic

    What better way to bring in the new year than with waffles made right - crispy, not soggy. That's how Perkins does it, but it is hard to get it right at home. Here's how. Feel free to add what you normally add to waffles, but follow the instructions for substituting 1/4 of the flour for cornstarch and whipping the egg white.

    3/4 c. all-purp flour
    1/4 c. cornstarch
    1/2 tsp salt
    1/2 tsp baking powder
    1/4 tsp baking soda
    3/4 c. buttermilk
    1/4 c. milk
    6 Tbsp (1/3 cup) oil
    1/4 cup "Egg Beaters Egg Whites" or 2 egg whites
    1 Tbsp sugar
    1/2 tsp vanilla

    Heat oven to 200 degrees

    Beat egg whites with an electric mixer until almost soft peaks. Sprinkle in sugar and continue to beat until white and glossy. Beat in vanilla extract. Transfer egg whites to another bowl.

    In the bowl combine flour, cornstarch, salt, baking powder, making soda, buttermilk, milk, and oil. Mix on lowest setting until mixed. Mix in the whipped egg whites on lowest setting.

    Optional: stir in one tbsp ground cayenne pepper for added kick

    Bake in waffle baker as directed in instructions. Place in oven until ready to serve. Serve with 100% maple syrup - avoid unhealthy corn syrup based commercial knock-offs.

  5. spoof? by Bryan_W · · Score: 1, Offtopic

    Did anyone else read the headline and think this was some horrible spoof on "Queer Eye for the Straight Guy"?

  6. Re:typical by Anonymous Coward · · Score: -1, Offtopic

    He's very good with a banjo too, I hear...

  7. Re:FYI, complete mirror by louden+obscure · · Score: 0, Offtopic
    hook, line and sinker.

    nize.

    i spose modding the parent to funny would be an unsafe request...

    --
    Serenity now, insanity later.
  8. PARENT IS TROLL by Accipitradea · · Score: 0, Offtopic

    Again, don't click that link unless you do, in fact, want your computer to annouce that you're looking at gay porn and pictures of a chick with sh*t on her face.

    1. Re:PARENT IS TROLL by Accipitradea · · Score: 0, Offtopic

      Yup, but I went in knowing it was a troll. The guys who did it slacked off and went with ASCII goatse instead of the real thing. The sh*t on the face was a nice touch though.

  9. Re:Mozilla Boys might want to Check it out by Rakarra · · Score: 0, Offtopic
    I'm on the latest Firefox, on Linux and with all the Java crap disabled yet it managed to hijack my browser.

    You may have disabled Java, but most likely you didn't have Javascript disabled, which is what that page used. It was tricky getting the preferences pane up and onto another desktop, but the instant that I disabled javascript, the hijinx stopped.

  10. About your signature line by some+guy+I+know · · Score: 0, Offtopic
    About your signature line:
    "Welcome to the new millenium - it's gonna be a long one."
    I was going to post the witty reply, "Not any longer than the last one.", but then I remembered that the Earth's rotation is slowing down, so the new millenium actually will be longer than the last one (possibly by several minutes), so my reply is instead "Not much longer than the last one.".
    --
    Those who sacrifice security to condemn liberty deserve to repeat history or something. - Benjamin Santayana
  11. Re:Similar by Anonymous Coward · · Score: -1, Offtopic

    than they still do nothing

    "then".

    your only as secure

    "you're".