THIS IS NOT AN ADVERTISEMENT BUT INFORMATION OF GENERAL INTEREST TO CYPHERPUNKS. IF YOU HAVE NO INTEREST IN DATA SECURITY THROUGH APPLIED CRYPTOGRAPHY PLEASE DELETE THIS MESSAGE NOW. SORRY FOR ANY CROSS POSTING. -------------------------------------------------------------------------------- Information Defense Strategies (IDS) Information Security Services Developed for the World And Applied to Your Office Hello All, You might be wondering, "Who is this Information Defense Strategies"? And, "Why is this in my mailbox"? And I would say, "Well, that's a good question". About three months ago I announced that a new data security corporation would be started soon. Its emphasis would be in the application of cryptographic protocols already in existence and the possible development of new ones. Well, that idea has been born into IDS. Why have you received this note? The reasons are varied. Either you contacted me with interest in getting involved, or I have been exposed to your interests in data security through public exposition of such, or a member of the security community referred you to me as an entity interested in what we are doing. Regardless, you have received this note because you are qualified in one or many ways to get involved. Many of you are already related to some sort of computer profession right now. This note is to let you know we are out there, and are interested in building bridges to your organization. Please read through the information provided below and provide feedback if you can. Many people have been anxious to see this get started, as of course I have been also. Finally, a description has been put together. Through the next round of feedback, we will be ready to begin. It is exciting to be starting out and applying ideas that have floated around for some time. This might be one of the first virtual corporations to have been born as such. I would like that sort of cutting edge to remain our vanguard at IDS. And I would like all of you to be a part of it. Matthew J. Miszewski Information Defense Strategies (IDS) -----------------------8<-------------------------8<------------- Please Distribute To Qualified Parties of Interest Direct all electronic correspondence to: mjmiski@macc.wisc.edu Snail Mail to: Matthew J. Miszewski 509 N. Lake Street, Suite 504 Madison, WI 53703 608-255-9871 Applied Cryptography No not the book (although I highly recommend it). IDS will base most of its robust security strategies upon encryption. Being well aware of ITAR we will be careful and yet aggressive in our application. I have targeted two areas for immediate concentration, Smart Card technology and encrypted challenge/response access systems. I am, of course, interested in much research and future development in other areas. These two are merely the most immediate opportunity. To remain on the cutting edge, IDS will need to be very active in Research and Development. Many people are moving towards applied cryptography. It is personally important to me that IDS be there at the same time if not before others. Security Services We will basically provide four security services. Consultation, evaluation, Tiger Teams, and IDS Custom Installs. We will consult for firms with a general interest in security as well as those that are well established in the field. This consultation will be general in nature and very affordable. IDS will also evaluate a firm's current security status. This service will offer our clients the opportunity to have a third party objectively review their security. A report of weaknesses will be generated from our evaluation. IDS may offer clients a Tiger Team ongoing contract. This will consist of teams actively attempting to covertly breach security in order to actively discover and immediately close undiscovered security holes. The insurance provisions of this area are tentative and pending and therefore this aspect of IDS is still tentative. Finally, we will offer IDS Custom Installs. These will vary from unique IDS developed Strategies to already developed strategies. Our custom security front ends will be constantly updated and evaluated. Third party product partnerships will increase our viability as well as increase the availability of robust security products. Platforms The data related operating system platforms we will deal with will attempt to be comprehensive if not exhaustive. In order to tap our targeted market we must be diverse. While I personally would love a concentration in Unix work, the reality is that many of our clients will be LAN based machines of the personal variety. We will therefore need specialists in lower level systems (PC, MAC, etc). Telephony Toll fraud can be devastating to smaller businesses. The days of "blue boxing" exploration appears to be over in this country. Unfortunately, the replacement, at least to a certain extent, is PBX and VMS abuse. In fact most people in business have been told that it is not a matter of if your PBX will be hit, but rather when. In addition Voice Mail Systems (VMS) are being utilized across the country without authorization. While some unauthorized users might mean no harm, there is no way to assure that malicious abuse does not occur. Valuable information may be left to the conscience of the underground community. Applying cryptography to this problem will be part of our charge. From front ends to challenge/response, there are many opportunities in this market. Making this security affordable will be our answer to this dilemma. IDS Basic Philosophy Data Security is VERY important. It is no longer just important to huge corporations, but to everyone. Affordable security consulting and products will help make small business information more secure. While CERT attempts much, it is slow to respond and many questions are still unanswered about its funding and allegiances. It is time to not only make security available but accessible. That is why IDS will exist. An incredibly large market is being overlooked by the elite of security professionals. IDS will address this void in the market. All people deserve good data protection. We can offer it. The plan is that IDS will actively pursue the myriads of offices around the nation with data to protect. From every small law firm with a voice mail system to an accounting firm with several LANs to a sales force that needs easy access but is still concerned with protecting its data, we can offer tailor made security strategies. Our profit (future) will be based on horizontal integration, in other words we will not profit by selling high price tickets to the few that can afford it but rather massive application of moderate priced strategies to everyone we can contact. There are a number of other points I will make in future communications. I plan on having a virtual office that may offer digital cash sales in the future. We may develop a low level net for our own communications. Partnerships will need to be developed as well as some manufacturing research. But I wanted to give those interested an introduction. If you are still interested I will send you the next update. Please respond either way so I know whom to keep on the list. More details to come.... Matthew J. Miszewski IDS ______________________________________________________________________________ In defense of liberty, encrypt for all purposes, civil and professional. In defense of privacy, encrypt all correspondence, personal and professional. In defense of sanity, do not encrypt your dry cleaning invoice! ++++++++--------mjmiski@macc.wisc.edu (c)1993