If I had to guess right now, I’d say the documents came from an outsider and not an insider. My reasoning: One, there is absolutely nothing illegal in the contents of any of this stuff. It’s exactly what you’d expect the CIA to be doing in cyberspace. That makes the whistleblower motive less likely. And … Read More “More on the CIA Document Leak” »
Month: March 2017
The New York Times is reporting that the US has been conducting offensive cyberattacks against North Korea, in an effort to delay its nuclear weapons program. EDITED TO ADD (3/8): Commentary. Powered by WPeMatico
WikiLeaks just released a cache of 8,761 classified CIA documents from 2012 to 2016, including details of its offensive Internet operations. I have not read through any of them yet. If you see something interesting, tell us in the comments. EDITED TO ADD: There’s a lot in here. Many of the hacking tools are redacted, … Read More “WikiLeaks Releases CIA Hacking Tools” »
Matthew Green and students speculate on what truly well-designed ransomware system could look like: Most modern ransomware employs a cryptocurrency like Bitcoin to enable the payments that make the ransom possible. This is perhaps not the strongest argument for systems like Bitcoin — and yet it seems unlikely that Bitcoin is going away anytime soon. … Read More “Building Smarter Ransomware” »
Longtime Internet security-policy pioneer Howard Schmidt died on Friday. He will be missed. Powered by WPeMatico
The New York Times reports that Uber developed apps that identified and blocked government regulators using the app to find evidence of illegal behavior: Yet using its app to identify and sidestep authorities in places where regulators said the company was breaking the law goes further in skirting ethical lines — and potentially legal ones, … Read More “Uber Uses Ubiquitous Surveillance to Identify and Block Regulators” »
Squid evolved during an “evolutionary war” — the Mesozoic Marine Revolution — about 100 million years ago. Research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
This is my talk at the RSA Conference last month. It’s on regulation and the Internet of Things, along the lines of this essay. I am slowly meandering around this as a book topic. It hasn’t quite solidified yet. Powered by WPeMatico
A delightful story. Powered by WPeMatico
Researchers have demonstrated how a malicious piece of software in an air-gapped computer can communicate with a nearby drone using a blinking LED on the computer. I have mixed feelings about research like this. On the one hand, it’s pretty cool. On the other hand, there’s not really anything new or novel, and it’s kind … Read More “Jumping Air Gaps with Blinking Lights and Drones” »