Squid Bikes is a California brand. Article from Velo News. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Month: November 2014
Interesting paper: “Security Collapse of the HTTPS Market.” From the conclusion: Recent breaches at CAs have exposed several systemic vulnerabilities and market failures inherent in the current HTTPS authentication model: the security of the entire ecosystem suffers if any of the hundreds of CAs is compromised (weakest link); browsers are unable to revoke trust in … Read More “Economic Failures of HTTPS Encryption” »
This is an interesting paper — the full version is behind a paywall — about how we as humans can motivate people to cooperate with future generations. Abstract: Overexploitation of renewable resources today has a high cost on the welfare of future generations. Unlike in other public goods games, however, future generations cannot reciprocate actions … Read More “"Cooperating with the Future"” »
A new story based on the Snowden documents and published in the German newspaper Süddeutsche Zeitung shows how the GCHQ worked with Cable & Wireless — acquired by Vodafone in 2012 — to eavesdrop on Internet and telecommunications traffic. New documents on the page, and here. Ars Technica article. Slashdot thread.
This is a creepy story. The FBI wanted access to a hotel guest’s room without a warrant. So agents broke his Internet connection, and then posed as Internet technicians to gain access to his hotel room without a warrant. From the motion to suppress: The next time you call for assistance because the internet service … Read More “FBI Agents Pose as Repairmen to Bypass Warrant Process” »
Regin is another military–grade surveillance malware (tech details from Symantec and Kaspersky). It seems to have been in operation between 2008 and 2011. The Intercept has linked it to NSA/GCHQ operations, although I am still skeptical of the NSA/GCHQ hacking Belgian cryptographer Jean-Jacques Quisquater.
Nice article on some of the security assumptions we rely on in cryptographic algorithms.
Jim Sanborn has given the world another clue to the fourth cyphertext in his Kryptos sculpture at the CIA headquarters. Older posts on Kryptos.
AP is reporting that in 2009, several senior NSA officials objected to the NSA call-records collection program. The now-retired NSA official, a longtime code-breaker who rose to top management, had just learned in 2009 about the top secret program that was created shortly after the Sept. 11, 2001, attacks. He says he argued to then-NSA … Read More “Pre-Snowden Debate About NSA Call-Records Collection Program” »
Citadel is the first piece of malware I know of that specifically steals master passwords from password managers. Note that my own Password Safe is a target.