The international digital human rights organization Access Now (I am on the board) is looking to hire a Chief Security Officer. I believe that, somewhere, there is a highly qualified security person who has had enough of corporate life and wants instead to make a difference in the world. If that’s you, please consider applying. … Read More “Access Now Is Looking for a Chief Security Officer” »
Month: October 2018
Last month, the White House released the “National Cyber Strategy of the United States of America.” I generally don’t have much to say about these sorts of documents. They’re filled with broad generalities. Who can argue with: Defend the homeland by protecting networks, systems, functions, and data; Promote American prosperity by nurturing a secure, thriving … Read More “The US National Cyber Strategy” »
Two teenagers figured out how to beat the “Deal or No Deal” arcade game by filming the computer animation and then slowing it down enough to determine where the big prize was hidden.
This is an amazing short video of a squid — I don’t know the species — changing its color instantly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Interesting research paper: “Fear the Reaper: Characterization and Fast Detection of Card Skimmers”: Abstract: Payment card fraud results in billions of dollars in losses annually. Adversaries increasingly acquire card data using skimmers, which are attached to legitimate payment devices including point of sale terminals, gas pumps, and ATMs. Detecting such devices can be difficult, and … Read More “Detecting Credit Card Skimmers” »
Noted conspiracy theorist John McAfee tweeted: The “Presidential alerts”: they are capable of accessing the E911 chip in your phones – giving them full access to your location, microphone, camera and every function of your phone. This not a rant, this is from me, still one of the leading cybersecurity experts. Wake up people! This … Read More “Conspiracy Theories Around the “Presidential Alert”” »
Bloomberg is reporting about a Chinese espionage operation involving inserting a tiny chip into computer products made in China. I’ve written about (alternate link) this threat more generally. Supply-chain security is an insurmountably hard problem. Our IT industry is inexorably international, and anyone involved in the process can subvert the security of the end product. No … Read More “Chinese Supply Chain Hardware Attack” »
This is a fantastic Q&A with NYU Law Professor Helen Nissenbaum on data privacy and why it’s wrong to focus on consent. I’m not going to pull a quote, because you should read the whole thing.
The EU’s GDPR regulation requires companies to report a breach within 72 hours. Alex Stamos, former Facebook CISO now at Stanford University, points out how this can be a problem: Interesting impact of the GDPR 72-hour deadline: companies announcing breaches before investigations are complete. 1) Announce & cop to max possible impacted users. 2) Everybody … Read More “The Effects of GDPR’s 72-Hour Notification Rule” »
Interesting article on terahertz millimeter-wave scanners and their uses to detect terrorist bombers. The heart of the device is a block of electronics about the size of a 1990s tower personal computer. It comes housed in a musician’s black case, akin to the one Spinal Tap might use on tour. At the front: a large, … Read More “Terahertz Millimeter-Wave Scanners” »