Feeds

The Times misquoted me – crypto expert

'Lurid urban myth'

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

International cryptography expert Professor Ross Anderson has demanded a correction from the The Times for being misquoted on the subject of terrorists' use of email.

Last month Phil Zimmermann complained of being seriously misrepresented by the Washington Post, which described Zimmermann as being "overwhelmed with feelings of guilt" for devising PGP encryption.

(Zimmermann attached no blame to the Post reporter, who most emphatically did not "manufacture" quotes, and later clarified that he believed it to be "an honest misunderstanding").

By contrast, Anderson says the Times journalist "was determined - or had been instructed - to write the story anyway".

Anderson lambasts The Times for unquestioningly peddling the idea that terrorists communicate using information hidden in pornographic content.

Since the Times' stablemates the Sun and the News of the World have allegedly been hiding news in pornographic content for several years, (although we've never found any news in either paper to substantiate that meme), the allegation doesn't surprise us.

"It is unclear what national interest is served by security agencies propagating this lurid urban myth. Perhaps the goal is to manufacture an excuse for the failure to anticipate the events of September 11th.
Perhaps it is preparing the ground for an attempt at bureaucratic empire-building via Internet regulation, as a diversionary activity from the much harder and less pleasant task of going after al-Qaida.

"Perhaps the vision of bin Laden as cryptic pornographer is being spun to create a subconscious link, in the public mind, with the scare stories about child pornography that were used before September 11th
to justify government plans for greater Internet regulation," writes Anderson.

Anderson suggests the articles "should be read as a deliberate plant by MI5".

You can read more here and here. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.