Security quotes of the week

The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two or more parties generate a shared secret key. We will cover the relevant number theory and discuss public-key encryption and basic key-exchange. Throughout the course students will be exposed to many exciting open problems in the field.

Actually from what I've seen on the security front there seems to a distinct view that secure boot is irrelevant because Windows 8 is so suspend/resume focussed that you might as well just trojan the box until the next reboot as its likely to be a couple of weeks [away].

The job placement ad reveals that the law enforcement agency is currently looking to recruit two people to work on telecommunications interception at the source of the messages ("Quellen-TKÜ") at its head office in Cologne; the position is to be filled as soon as possible. The role principally involves "planning, operating and optimising a modern telecommunications network" designed to eavesdrop on internet telephone calls.

Sophos claim their products are deployed throughout healthcare, government, finance and even the military. The chaos a motivated attacker could cause to these systems is a realistic global threat. For this reason, Sophos products should only ever be considered for low-value non-critical systems and never deployed on networks or environments where a complete compromise by adversaries would be inconvenient,