Attackers held an Austrian hotel network for ransom, demanding $1,800 in bitcoin to unlock the network. Among other things, the locked network wouldn’t allow any of the guests to open their hotel room doors. I expect IoT ransomware to become a major area of crime in the next few years. How long before we see … Read More “IoT Ransomware against Austrian Hotel” »
Month: January 2017
Last week, President Trump signed an executive order affecting the privacy rights of non-US citizens with respect to data residing in the US. Here’s the relevant text: Privacy Act. Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents … Read More “New Rules on Data Privacy for Non-US Citizens” »
New fossil bed discovered in Alberta: The finds at the site include 16 vampyropods, a relative of the vampire squid with its ink sac and fine details of its muscles still preserved in exquisite detail. As usual, you can also use this squid post to talk about the security stories in the news that I … Read More “Friday Squid Blogging: Squid Fossils from the Early Jurassic” »
There are a lot of them. In a world where the number of fans, friends, followers, and likers are social currency — and where the number of reposts is a measure of popularity — this kind of gaming the system is inevitable.
Mike Specter has an interesting idea on how to make biometric access-control systems more secure: add a duress code. For example, you might configure your iPhone so that either thumb or forefinger unlocks the device, but your left middle finger disables the fingerprint mechanism (useful in the US where being compelled to divulge your password … Read More “Duress Codes for Fingerprint Access Control” »
Reports are that President Trump is still using his old Android phone. There are security risks here, but they are not the obvious ones. I’m not concerned about the data. Anything he reads on that screen is coming from the insecure network that we all use, and any e-mails, texts, Tweets, and whatever are going … Read More “Security Risks of the President's Android Phone” »
Interesting research — “Cracking Android Pattern Lock in Five Attempts”: Abstract: Pattern lock is widely used as a mechanism for authentication and authorization on Android devices. In this paper, we demonstrate a novel video-based attack to reconstruct Android lock patterns from video footage filmed using a mobile phone camera. Unlike prior attacks on pattern … Read More “Capturing Pattern-Lock Authentication” »
Good article that crunches the data and shows that the press’s coverage of terrorism is disproportional to its comparative risk. This isn’t new. I’ve written about it before, and wrote about it more generally when I wrote about the psychology of risk, fear, and security. Basically, the issue is the availability heuristic. We tend to … Read More “How the Media Influences Our Fear of Terrorism” »
NextGov has a nice article summarizing President Obama’s accomplishments in Internet security: what he did, what he didn’t do, and how it turned out.
This graphic shows the important difference between arms and tentacles. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.