Informations about SSL certificates and networks security
Yesterday’s DDoS attacks against Dyn are being reported everywhere. I have received a gazillion press requests, but I am traveling in Australia and Asia and have had to decline most of them. That’s okay, really, because we don’t know anything much of anything about the attacks. If I had to guess, though, I don’t think … Read More “DDoS Attacks against Dyn” »
Interesting article listing the squid species that can still be ethically eaten. The problem, of course, is that on a restaurant menu it’s just labeled “squid.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. EDITED TO ADD: By “ethically,” I meant … Read More “Friday Squid Blogging: Which Squid Can I Eat?” »
Interesting research. Powered by WPeMatico
Interesting interview: Obama: Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls. Increasingly, I find myself looking to medicine and thinking about viruses, antibodies. Part of the reason why cybersecurity continues to be so hard is because the threat is not a bunch of tanks rolling at … Read More “President Obama Talks About AI Risk, Cybersecurity, and More” »
Researchers discover a clever attack that bypasses the address space layout randomization (ALSR) on Intel’s CPUs. Here’s the paper. It discusses several possible mitigation techniques. Powered by WPeMatico
Lance Spitzner looks at the safety features of a power saw and tries to apply them to Internet security: By the way, here are some of the key safety features that are built into the DeWalt Mitre Saw. Notice in all three of these the human does not have to do anything special, just use … Read More “Security Lessons from a Power Saw” »
Former NSA attorneys John DeLong and Susan Hennessay have written a fascinating article describing a particular incident of oversight failure inside the NSA. Technically, the story hinges on a definitional difference between the NSA and the FISA court meaning of the word “archived.” (For the record, I would have defaulted to the NSA’s interpretation, which … Read More “Intelligence Oversight and How It Can Fail” »
This is a harrowing story of a scam artist that convinced a mother that her daughter had been kidnapped. More stories are here. It’s unclear if these virtual kidnappers use data about their victims, or just call people at random and hope to get lucky. Still, it’s a new criminal use of smartphones and ubiquitous … Read More “Virtual Kidnapping” »
Squid ink risotto is a good accompaniment for any mild fish. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
On today’s Internet, too much power is concentrated in too few hands. In the early days of the Internet, individuals were empowered. Now governments and corporations hold the balance of power. If we are to leave a better Internet for the next generations, governments need to rebalance Internet power more towards the individual. This means … Read More “Cybersecurity Issues for the Next Administration” »