Informations about SSL certificates and networks security
Andrew Odlyzko’s new essay is worth reading — “Cybersecurity is not very important“: Abstract: There is a rising tide of security breaches. There is an even faster rising tide of hysteria over the ostensible reason for these breaches, namely the deficient state of our information infrastructure. Yet the world is doing remarkably well overall, and … Read More “An Argument that Cybersecurity Is Basically Okay” »
Good article on the Triton malware which targets industrial control systems. Powered by WPeMatico
Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half the … Read More “CAs Reissue Over One Million Weak Certificates” »
You can hunt for the Hawaiian bobtail squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
An article I co-wrote — my first law journal article — was cited by the Massachusetts Supreme Judicial Court — the state supreme court — in a case on compelled decryption. Here’s the first, in footnote 1: We understand the word “password” to be synonymous with other terms that cell phone users may be familiar … Read More “I Was Cited in a Court Decision” »
This sounds like a good development: …a new $10 million contract the Defense Department’s Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking. The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with … Read More “DARPA Is Developing an Open-Source Voting System” »
Facebook is making a new and stronger commitment to privacy. Last month, the company hired three of its most vociferous critics and installed them in senior technical positions. And on Wednesday, Mark Zuckerberg wrote that the company will pivot to focus on private conversations over the public sharing that has long defined the platform, even … Read More “Judging Facebook’s Privacy Shift” »
Data & Society just published a report entitled “Workplace Monitoring & Surveillance“: This explainer highlights four broad trends in employee monitoring and surveillance technologies: Prediction and flagging tools that aim to predict characteristics or behaviors of employees or that are designed to identify or deter perceived rule-breaking or fraud. Touted as useful management tools, they … Read More “On Surveillance in the Workplace” »
This is a bad idea: A second innovation will allow “electronic absentee voting” within voters’ home precincts. In other words, Russia is set to introduce its first online voting system. The system will be tested in a Moscow neighborhood that will elect a single member to the capital’s city council in September. The details of … Read More “Russia Is Testing Online Voting” »
Is there anything squids aren’t good for? Academic paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico