Tag Archives: cybersecurity

Formally verifying zlib
Pascal Cuoq on 6 December 2012

In a blog post earlier this year, John Regehr wonders when software verification will finally matter. He means “formal verification”, I am pretty sure. “Verification” is what practitioners of, say, the software development V-cycle have been doing for decades, and it has kept us safe for that long—at least, when...

Read More

November in Security
Pascal Cuoq on 12 November 2012

Bruce Schneier is, among other things, the author of the blog Schneier on Security. He is also one of the co-authors of the Skein cryptographic hash function the SHA-3 contestant being verified in Frama-C's value analysis tutorial in the manual and then on this blog. I feel silly introducing him...

Read More

October in security
Pascal Cuoq on 30 October 2012

Today, the New York Times has an homage to Peter G. Neumann. Many people cite Albert Einstein’s aphorism “Everything should be made as simple as possible but no simpler.” Only a handful however have had the opportunity to discuss the concept with the physicist over breakfast. One of those is...

Read More

September in security
Pascal Cuoq on 8 October 2012

October is National Cyber Security Awareness Month (if you are in the United States; otherwise it is Another Country's Cyber Security Awareness Month). In celebration here is a short list of recent cyber-security failures: An iPhone user navigating to a malicious webpage can see eir personal information (address book browsing...

Read More

Security and safety
Pascal Cuoq on 16 March 2012

I usually feel uncomfortable diving into the subject of safety vs security, because while I think I have a good intuition of the difference between them, I find this difference hard to formalize in writing. Fortunately, a large “security” “administration” provides: “We use layers of security to ensure the security...

Read More