Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Is cryptography becoming less important?

Richard Brooks rrb at acm.org
Thu Feb 28 15:30:17 PST 2013


> So organizations get compromised by well-meaning users who click on a
> link in an email or slip up and use an insecure connection, and while
> we can ameloriate that to a certain extent with code, we really need
> to think more about how to make it easier for users to make the
> "right" choices versus the "wrong" choices.
>

Too often this is phrased as "users should know better." But,
to be honest, I think most anyone could be fooled by a well
planned spear-phishing attack. Last year it got RSA security,
ORNL, Lockheed-Martin, and the entire state of South Carolina.

The use of email in normal business practices far exceeds
what should be done, given the lack of authentication and
the ease of slipping malicious payloads into innocuous
looking URLs, PDFs, etc.
-- 
===================
R. R. Brooks

Associate Professor
Holcombe Department of Electrical and Computer Engineering
Clemson University

313-C Riggs Hall
PO Box 340915
Clemson, SC 29634-0915
USA

Tel.   864-656-0920
Fax.   864-656-5910
email: rrb at acm.org
web:   http://www.clemson.edu/~rrb




More information about the liberationtech mailing list