On Wednesday this week, 4:30 p.m. April 22.
SHERRERD HALL room 101, Princeton University
Roger Johnston of the Argonne National Laboratory will speak.
Dr. Johnston, on expert on physical security, tamper evident seals, and
cyber security, is in New Jersey to testify in the New Jersey voting
machines lawsuit. He is explaining to the Court that slapping a bunch
of supposedly tamper-evident seals on a voting machine does not provide
real protection against tampering with the firmware, especially when
the State has no protocol for inspecting the seals and when they're
getting all their security advice from the seal company salesman.
His title and abstract for the talk at Princeton:
Don’t Swallow the Snake Oil: Oscar Wilde, Method Acting,
& Vulnerability Assessments
Both cyber security and physical security (but especially the latter)
are plagued with poor products, flawed practice, and sloppy thinking.
This talk discusses what we can learn from Oscar Wilde and Method
Acting about how to think critically about security. We will then
examine some of the snake oil associated with GPS, RFIDs,
tamper-indicating seals, biometrics, and other “security” technologies.