Paper: The Security of Password Expiration

by adam on January 5, 2012

The security of modern password expiration: an algorithmic framework and empirical analysis, by Yingian Zhang, Fabian Monrose and Michael Reiter. (ACM DOI link) This paper presents the first large-scale study of the success of password expiration in meeting its intended (…)

Read the rest of this entry »

Steve Bellovin’s “Lessons from Suppressing Research”

by adam on January 4, 2012

Steve Bellovin has a good deal of very useful analysis and context about “an experiment that showed that the avian flu strain A(H5N1) could be changed to permit direct ferret-to-ferret spread. While the problem the government is trying to solve (…)

Read the rest of this entry »

New podcast with Dave Birch

by adam on January 3, 2012

I really enjoyed a conversation with Dave Birch for Consult Hyperion’s “Tomorrow’s Transactions” podcast series. The episode is here. We covered the New School, lessons learned from Zero-Knowledge Systems, and games for security and privacy.