Philosophically Secure

This is both scary and hilarious at the same time. I’m not a Skype user, so this hasn’t affected me at all. But apparently the huge number of Skype users rebooting last week, due to the patches released by Microsoft on Tuesday, set off a nasty chain of events. First of all, when all these systems came back up, each one attempted to log back in to Skype, causing a huge load on their servers. Coupled with the fact that Skype relies on a peer-to-peer architecture, and since the majority of their users were temporarily down for reboots, they simply could not handle the number of requests. This prevented users from getting back on Skype, and therefore prevented the recovery of the peer-to-peer network.

Skype may want to change their architecture slightly, so that users can initially join the network without logging in, and possibly allow not-yet-authenticated users to accept incoming data connections.

There is a good post about this topic on Security Fix.

On Sunday, three researchers led by lock-picking expert Marc Webber Tobias showed how they could easily “bump” and pick Biaxial and high-security M3 locks made by Medeco Security Locks, a Virginia-based company that claimed last year that its locks were “bump-proof.”

I’ve seen some of these lock picking demonstrations in person, and it’s very impressive. It really makes you question how much we depend on locks for security, given how most of them are trivial to open. The cheap ones are especially bad, and yet they are the most common locks found on homes - even the White House. There is some great information on everything lock-related at Deviant Ollam’s site.

source: http://seclists.org/isn/2007/Aug/0019.html