computersecurity, humor, nationalsecuritypolicy, Security technology, voting
Funny and true. Powered by WPeMatico
Month: August 2018
airtravel, Security technology, securitytheater, terrorism, tsa
Last week, CNN reported that the Transportation Security Administration is considering eliminating security at U.S. airports that fly only smaller planes — 60 seats or fewer. Passengers connecting to larger planes would clear security at their destinations. To be clear, the TSA has put forth no concrete proposal. The internal agency working group’s report obtained … Read More “Don’t Fear the TSA Cutting Airport Security. Be Glad That They’re Talking about It.” »
certificates, machinelearning, phishing, Security technology, spoofing
Really interesting article: A trained eye (or even a not-so-trained one) can discern when something phishy is going on with a domain or subdomain name. There are search tools, such as Censys.io, that allow humans to specifically search through the massive pile of certificate log entries for sites that spoof certain brands or functions common … Read More “Detecting Phishing Sites with Machine Learning” »
cloudcomputing, courts, nationalsecuritypolicy, secrecy, Security technology, transparency
BoingBoing has the story. I have never quite trusted the idea of a warrant canary. But here it seems to have worked. (Presumably, if SpiderOak wanted to replace the warrant canary with a transparency report, they would have written something explaining their decision. To have it simply disappear is what we would expect if SpiderOak … Read More “SpiderOak’s Warrant Canary Died” »
academicpapers, economicsofsecurity, psychologyofsecurity, Security technology, securityeducation
Interesting research: “Dancing Pigs or Externalities? Measuring the Rationality of Security Decisions“: Abstract: Accurately modeling human decision-making in security is critical to thinking about when, why, and how to recommend that users adopt certain secure behaviors. In this work, we conduct behavioral economics experiments to model the rationality of end-user security decision-making in a realistic … Read More “Measuring the Rationality of Security Decisions” »
fraud, games, hacking, Security technology
Long and interesting story — now two decades old — of massive fraud perpetrated against the McDonald’s Monopoly sweepstakes. The central fraudster was the person in charge of securing the winning tickets. Powered by WPeMatico
Security technology, squid
The calamari squid grabs prey three feet away with its fast tentacles. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
books, schneiernews, Security technology
Humble Bundle sells groups of e-books at ridiculously low prices, DRM free. This month, the bundles are all Wiley titles, including three of my books: Applied Cryptography, Secrets and Lies, and Cryptography Engineering. $15 gets you everything, and they’re all DRM-free. Even better, a portion of the proceeds goes to the EFF. As a board … Read More “Three of My Books Are Available in DRM-Free E-Book Format” »
cybersecurity, hacking, military, Security technology
Interesting commentary: The military is an impossible place for hackers thanks to antiquated career management, forced time away from technical positions, lack of mission, non-technical mid- and senior-level leadership, and staggering pay gaps, among other issues. It is possible the military needs a cyber corps in the future, but by accelerating promotions, offering graduate school … Read More “How the US Military Can Better Keep Hackers” »
apple, crime, games, Security technology
Evidence that stolen credit cards are being used to purchase items in games like Clash of Clans, which are then resold for cash. Powered by WPeMatico