The top ten security heroes

Posted on 3 Dec 2009 at 14:35

Without getting too geeky, the problem with simply overwriting a disk with random data is that it’s theoretically possible to capture the analogue signal read by the drive head before being decoded, ignore the last written information and amplify the signal to see what went before. Low frequency signals will still hang around when overwritten by hundreds of high frequency ones, for example.

The Gutmann Method writes data patterns to disk that mitigate this effect, meaning that without a magnetic force microscope the data deletion is pretty much 100% secure. Best of all, software that implements the Gutmann method does it with a single click of the mouse.

9. Jeff Moss

Moss might seem like something of an odd choice for hero status, given that he’s better known as Dark Tangent to the hacker community.

Yet he’s also worked in the Information System Security division for Ernst & Young, graduated from university with a BA in Criminal Justice, and was recently appointed to the Homeland Security Advisory Council where he provides advice regarding cyber-security matters to the US government at the highest of levels.

Without such a high-profile venue for security exploit revelations, our computing experience would be a whole lot less secure, and we wouldn’t even know it

But it’s as the founder of the DEFCON and Black Hat security conferences that Moss earns our recognition. Yes, these are places where hackers go to exchange ideas. But they’re also places where security researchers, security vendors and law enforcement gather.

These highly technical security conferences have been responsible for revealing vulnerabilities and bugs in just about every major operating system and application.

They keep the IT industry on its toes, and without such a high-profile venue for security exploit revelations, our computing experience would be a whole lot less secure, and we wouldn’t even know it.

10. Philip R Zimmerman

Zimmerman developed an email encryption software product called Pretty Good Privacy that enabled internet users to quickly and easily make their email communications highly secure.

PGP was published for free online in 1991, and the powers that be didn’t like it one bit. Indeed, the US government investigated Zimmerman over the course of three years, regarding his software as a weapon and banning its export from the US (the US counted internet distribution as an “export”).

US Customs insisted Zimmerman had violated the Arms Export Control Act, although the investigation was eventually dropped without any charges being filed.

Before PGP it’s true to say that only the US government had real email privacy, and it’s equally true to say that Zimmerman took them on in order for everyone to benefit from the true privacy that strong encryption provides. If that doesn’t make him a security hero, then we don’t know what does.

Hell, he even gets a name check in Dan Brown’s The Da Vinci Code as a renowned “modern cryptologist”, but we’re trying desperately not to hold that against him.

Illustrations courtesy of Army of Trolls

Author: Davey Winder

1 2 3 4