Peter Gutmann (computer scientist)

Peter Gutmann is a computer scientist in the Department of Computer Science at the University of Auckland, Auckland, New Zealand. He has a Ph.D. in computer science from the University of Auckland. His Ph.D. thesis and a book based on the thesis were about a cryptographic security architecture. [Peter Gutmann. (2000). " [http://hdl.handle.net/2292/2310 The Design and Verification of a Cryptographic Security Architecture] ", PhD thesis] He is interested in computer security issues, including security architecture, security usability (or more precisely the lack thereof), and hardware security, he has discovered assorted flaws in publicly released cryptosystems and protocols. He is the developer of the cryptlib open source software security library and contributed to PGP version 2. He is also known for his analysis of data deletion on electronic memory media, magnetic and otherwise, and devised the Gutmann method for erasing data from a hard drive more or less securely.

Having lived in New Zealand for some time, he has written on such subjects as wetas, which are peculiar to New Zealand, and the Auckland power crisis of 1998, during which the electrical power system failed completely in the central city for five weeks. See, for instance, "Auckland: Your Y2K beta test site" on [http://www.cs.auckland.ac.nz/~pgut001/ Gutmann's Homepage] . He has also written on his career as an "arms courier" for New Zealand, detailing the difficulty faced in complying with customs control regulations with respect to cryptographic products (once classed as "munitions").

Criticism of GSM security

In a [http://www.mail-archive.com/cryptography@c2.net/msg02546.html letter on 6 Dec 1999] he wrote:

>James Moran, the fraud and security director of the GSM Association in Dublin,>says that "nowhere in the world has it been demonstrated --an ability to>intercept a call on the GSM network. That's a fact.... To our knowledge>there's no hardware capable of intercepting."

Given that there are a number of companies who sell GSM interception gear (andwho have been selling it for quite some time, several used to advertise itquite openly on the web), this security director is, to take a line from theDeep Crack book, "either lying, or incompetent, or both". It's interesting tonote that all the vendors who advertised their stuff online have now restrictedaccess, presumably to maintain the myth that "there's no hardware capable ofintercepting" (aka security by Ostrich Algorithm :-).

Criticism of Windows Vista

His white paper "Cost Analysis of Windows Vista Content Protection", in which he described the content protection specification as "the longest suicide note in history",cite paper |author=Peter Gutmann |date=2006-12-26 |title=A Cost Analysis of Windows Vista Content Protection |url=http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html |accessdate=2007-01-28 ] generated considerable public interest since it was first posted in 2006. He discussed this with Steve Gibson in episode #74 of the Security Now! podcast on 2007-01-11. [cite news |date=2007-01-11 |title=Security Now! episode #74: Peter Gutmann on Vista DRM |url=http://www.grc.com/sn/SN-074.htm |publisher=Security Now! |work=podcast transcription |accessdate=2007-08-31 ]

See also

* Criticism of Windows Vista
* Data privacy
* Information privacy

Bibliography

* Gutmann, Peter (2003). "Cryptographic Security Architecture: Design and Verification", ISBN 978-0387953878
* Gutmann, Peter (2000). " [http://hdl.handle.net/2292/2310 The Design and Verification of a Cryptographic Security Architecture] ", PhD thesis

References

* [http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html Guttman security Algorithm]

External links

* [http://www.cs.auckland.ac.nz/~pgut001/ Gutmann's Homepage]
* [http://news.bbc.co.uk/1/hi/technology/6286245.stm Vista copy protection is defended] , 2007-01-22 BBC reported Microsoft's response to Gutman's white paper
* [http://blogs.cnet.com/8601-13509_1-9857127.html?communityId=2020 Macalope blog]