[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
Re: [LUG] Security
It's a great book and highlights many problems, like:
1. Throwing crypto at a problem won't solve it.
2. There's no point in using crypto unless you've worked out the
interactions and details surrounding the algorithms. Things such as
key exchange, generation of cryptographically secure random data, and
policy are *everything*
3. Don't forget that people screw things up!
Working for a company producing a security product, it's been painfully
obvious to me (as someone who works on the security side of things)
that most technology people just don't *get* it.
But as Adrian says - the book is worth getting. If you want to know
the ins and outs of various cryptographic algorithms though, get
Schneier's book (Applied Cryptography), and if you want some *really*
in-depth stuff, go and read the references in that book :)
J.
On Thursday, May 1, 2003, at 13:31 Europe/London, Adrian Midgley wrote:
Ross Anderson's book "Security Engineering" is very good.
--
Jon Still E-mail: jon@xxxxxxxxxxx
tertial.org Web: http://www.tertial.org/
GPG Key: http://xanthein.net/key.asc Key ID: 0x00493D2B
--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.