Security technology, squid
Cool photo. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Month: February 2020
books, cybersecurity, schneiernews, Security technology
For years, Humble Bundle has been selling great books at a “pay what you can afford” model. This month, they’re featuring as many as nineteen cybersecurity books for as little as $1, including four of mine. These are digital copies, all DRM-free. Part of the money goes to support the EFF or Let’s Encrypt. (The … Read More “Humble Bundle’s 2020 Cybersecurity Books” »
email, gmail, google, machinelearning, malware, phishing, Security technology
Google presented its system of using deep-learning techniques to identify malicious email attachments: At the RSA security conference in San Francisco on Tuesday, Google’s security and anti-abuse research lead Elie Bursztein will present findings on how the new deep-learning scanner for documents is faring against the 300 billion attachments it has to process each week. … Read More “Deep Learning to Find Malicious Email Attachments” »
courts, internetofthings, laws, publicinterest, Security technology
This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities will produce insecure IoT devices, and (2) political failures will leave that industry unregulated. Result: insecure IoT. It proposes proactive class action litigation against manufacturers of unsafe and unsecured IoT devices … Read More “Securing the Internet of Things through Class-Action Lawsuits” »
intelligence, metadata, nationalsecuritypolicy, nsa, phones, Security technology
The New York Times is reporting on the NSA’s phone metadata program, which the NSA shut down last year: A National Security Agency system that analyzed logs of Americans’ domestic phone calls and text messages cost $100 million from 2015 to 2019, but yielded only a single significant investigation, according to a newly declassified study. … Read More “Newly Declassified Study Demonstrates Uselessness of NSA’s Phone Metadata Program” »
browsers, childpornography, dns, firefox, https, mozilla, Security technology, securityengineering, terrorism
This is good news: Whenever you visit a website — even if it’s HTTPS enabled — the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can’t be intercepted or hijacked in order to send a user … Read More “Firefox Enables DNS over HTTPS” »
eavesdropping, ireland, russia, Security technology
The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables. Ireland is the landing point for undersea cables which carry internet traffic between America, Britain and Europe. The cables enable millions of people to communicate and allow financial transactions to take place seamlessly. Garda and military sources believe the … Read More “Russia Is Trying to Tap Transatlantic Cables” »
Security technology, squid
It’s probably a juvenile: Researchers aboard the New Zealand-based National Institute of Water and Atmospheric Research Ltd (NIWA) research vessel Tangaroa were on an expedition to survey hoki, New Zealand’s most valuable commercial fish, in the Chatham Rise an area of ocean floor to the east of New Zealand that makes up part of … Read More “Friday Squid Blogging: 13-foot Giant Squid Caught off New Zealand Coast” »
inrupt, schneiernews, Security technology
For decades, I have been talking about the importance of individual privacy. For almost as long, I have been using the metaphor of digital feudalism to describe how large companies have become central control points for our data. And for maybe half a decade, I have been talking about the world-sized robot that is the … Read More “Inrupt, Tim Berners-Lee’s Solid, and Me” »
Security technology
Sometime around 1993 or 1994, during the first Crypto Wars, I was part of a group of cryptography experts that went to Washington to advocate for strong encryption. Matt Blaze and Ron Rivest were with me; I don’t remember who else. We met with then Massachusetts Representative Ed Markey. (He didn’t become a senator until … Read More “Policy vs Technology” »