Feed Aggregator Page 7
Rendered on Tue, 17 Jan 2017 12:30:10 GMT
via Schneier on Security by Bruce Schneier on Mon, 16 Jan 2017 12:40:19 GMT
Interesting post on Cloudflare's experience with receiving a National Security Letter. News article....

via Schneier on Security by Bruce Schneier on Fri, 13 Jan 2017 22:52:24 GMT
This article discusses a giant squid attack on a schooner off the coast of Sri Lanka in 1874. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

via Schneier on Security by Bruce Schneier on Fri, 13 Jan 2017 17:58:31 GMT
Imagine that you are someone in the CIA, concerned about the future of America. You have this Russian dossier on Donald Trump, which you have some evidence might be true. The smartest thing you can do is to leak it to the public. By doing so, you are eliminating any leverage Russia has over Trump and probably reducing the effectiveness...

via Schneier on Security by Bruce Schneier on Fri, 13 Jan 2017 12:48:42 GMT
Interesting research: Sebastian Hellmeier, "The Dictator's Digital Toolkit: Explaining Variation in Internet Filtering in Authoritarian Regimes," Politics & Policy, 2016 (full paper is behind a paywall): Abstract: Following its global diffusion during the last decade, the Internet was expected to become a liberation technology and a threat for autocratic regimes by facilitating collective action. Recently, however, autocratic regimes took control...

via Schneier on Security by Bruce Schneier on Fri, 13 Jan 2017 11:06:39 GMT
The FDA has issued a report giving medical devices guidance on computer and network security. There's nothing particularly new or interesting; it reads like standard security advice: write secure software, patch bugs, and so on. Note that these are "non-binding recommendations," so I'm really not sure why they bothered....

via Schneier on Security by Bruce Schneier on Mon, 09 Jan 2017 11:53:29 GMT
President Barack Obama's public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive e-mails through WikiLeaks and other sources has opened up a debate on what constitutes sufficient evidence to attribute an attack in cyberspace. The answer is both complicated and inherently tied up in political considerations. The administration is...

via Schneier on Security by Bruce Schneier on Fri, 06 Jan 2017 22:29:00 GMT
Easy recipe from America's Test Kitchen. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

via Emergent Chaos by adam on Fri, 06 Jan 2017 16:34:22 GMT
This post has spoilers for Rogue One, and also Return of the Jedi. We learn in Rogue One that the Death Star’s main gun is powered by Kyber crystal. We know from various sources that it’s rare. Then the Death … Continue reading

via Schneier on Security by Bruce Schneier on Fri, 06 Jan 2017 15:44:42 GMT
Good article debunking the myth that requiring people to use their real names on the Internet makes them behave better....

via Schneier on Security by Bruce Schneier on Thu, 05 Jan 2017 11:58:51 GMT
They're not much, but they do exist....

via Schneier on Security by Bruce Schneier on Wed, 04 Jan 2017 21:17:29 GMT
Someone just registered their company name as ; DROP TABLE "COMPANIES";-- LTD. Reddit thread. Obligatory xkcd comic....

via Emergent Chaos by adam on Wed, 04 Jan 2017 16:37:42 GMT
There’s a cycle that happens as you engage on the internet. You post something, and wait, hoping, for the likes, the favorites, the shares, the kind comments to come in. You hit reload incessantly even though the site doesn’t need … Continue reading

via Schneier on Security by Bruce Schneier on Wed, 04 Jan 2017 13:42:33 GMT
In The Better Angels of Our Nature, Steven Pinker convincingly makes the point that by pretty much every measure you can think of, violence has declined on our planet over the long term. More generally, "the world continues to improve in just about every way." He's right, but there are two important caveats. One, he is talking about the long...

via Schneier on Security by Bruce Schneier on Tue, 03 Jan 2017 12:50:39 GMT
There's a concept from computer security known as a class break. It's a particular security vulnerability that breaks not just one system, but an entire class of systems. Examples might be a vulnerability in a particular operating system that allows an attacker to take remote control of every computer that runs on that system's software. Or a vulnerability in Internet-enabled...

via Schneier on Security by Bruce Schneier on Mon, 02 Jan 2017 12:12:17 GMT
A modern photocopier is basically a computer with a scanner and printer attached. This computer has a hard drive, and scans of images are regularly stored on that drive. This means that when a photocopier is thrown away, that hard drive is filled with pages that the machine copied over its lifetime. As you might expect, some of those pages...

via Schneier on Security by Bruce Schneier on Fri, 30 Dec 2016 22:06:04 GMT
BBC.com reports that squid are proliferating around the North Sea, and speculates that they will become an increasingly common British dinner. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

via Emergent Chaos by adam on Thu, 29 Dec 2016 17:33:41 GMT
There’s some really interesting leaked photos and analysis by Charles Goodman. “Leaked photos from the Rogue One sequel (Mainly Speculation – Possible Spoilers).”

via Schneier on Security by Bruce Schneier on Thu, 29 Dec 2016 12:50:50 GMT
Nice article on the 2011 DigiNotar attack and how it changed security practices in the CA industry....

via Schneier on Security by Bruce Schneier on Wed, 28 Dec 2016 12:20:03 GMT
Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting. Signal's new anti-censorship feature uses a trick called "domain fronting," Marlinspike explains. A country like Egypt, with only a few small internet service providers tightly controlled by the government, can block any direct request to...

via Schneier on Security by Bruce Schneier on Tue, 27 Dec 2016 12:11:12 GMT
Former TSA Administrator Kip Hawley wrote an op-ed pointing out the security vulnerabilities in the TSA's PreCheck program: The first vulnerability in the system is its enrollment process, which seeks to verify an applicant's identity. We know verification is a challenge: A 2011 Government Accountability Office report on TSA's system for checking airport workers' identities concluded that it was "not...