Search
Join ACM

Bruce Schneier

Advertisement

Opinion Oct 1 2001

Inside Risks: The Perils of Port 80

In the months that the Code Red worm and its relatives have traveled the Net, they’ve caused considerable consternation among users of Microsoft’s Internet Information Server, and elicited abundant schadenfreude from unaffected onlookers. Despite the limited havoc it wrought, the Code Red family highlights a much more pernicious problem: the vulnerability of embedded devices with […]
Computing Applications
Opinion Apr 1 2001

Inside Risks: Cyber Underwriters Lab

Underwriters Laboratories (UL) is an independent testing organization created in 1893, when William Henry Merrill was called in to find out why the Palace of Electricity at the Columbian Exposition in Chicago kept catching on fire (which is not the best way to tout the wonders of electricity). After making the exhibit safe, he realized […]
Architecture and Hardware
Research and Advances Mar 1 2001

Insurance and the Computer Industry

In the future, the computer security industry will be run by the insurance industry. I don’t mean insurance companies will start selling firewalls, but rather the kind of firewall you use—along with the kind of authentication scheme you use, the kind of operating system you use, and the kind of network monitoring scheme you use—will […]
Computing Applications
Opinion Dec 1 2000

Inside Risks: Semantic Network Attacks

On August 25, 2000, Internet Wire received a forged email press release seemingly from Emulex Corp., saying that the Emulex CEO had resigned and the company’s earnings would be restated. Internet Wire posted the message, without verifying either its origin or contents. Several financial news services and Web sites further distributed the false information, and […]
Architecture and Hardware
Opinion Feb 1 2000

Inside Risks: Risks of PKI: E-Commerce

Open any popular article on public-key infrastructure (PKI) and you’re likely to read that a PKI is desperately needed for e-commerce to flourish. Don’t believe it. E-commerce is flourishing, PKI or no PKI. Web sites are happy to take your order, even if you use a secure connection, or don’t have a certificate. Fortunately, you’re […]
Computing Applications
Opinion Jan 1 2000

Inside Risks: Risks of PKI: Secure Email

Public-key infrastructure (PKI), usually meaning digital certificates from a commercial or corporate certificate authority (CA), is touted as the current cure-all for security problems. Certificates provide an attractive business model. They cost almost nothing to manufacture, and you can dream of selling one per year to everyone on the Internet. Given that much potential income […]
Architecture and Hardware
Opinion Oct 1 1999

Inside Risks: Risks of Relying on Cryptography

Cryptography is often treated as if it were magic security dust: "sprinkle some on your system, and it is secure; then, you’re secure as long as the key length is large enough—112b, 128b, 256b" (I’ve even seen companies boast of 16,000b.) "Sure, there are always new developments in cryptanalysis, but we’ve never seen an operationally […]
Computing Applications
Opinion Sep 1 1999

Inside Risks: the Trojan Horse Race

This year has been pivotal for malicious software (malware) such as viruses, worms, and Trojan horses. Although the problem is not new, Internet growth and weak system security have increased the risks. Viruses and worms survive by moving from computer to computer. Prior to the Internet, computers communicated slowly, mostly from floppy disks and bulletin […]
Computing Applications

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved