Informations about SSL certificates and networks security
The California Consumer Privacy Act is a lesson in missed opportunities. It was passed in haste, to stop a ballot initiative that would have been even more restrictive: In September 2017, Alastair Mactaggart and Mary Ross proposed a statewide ballot initiative entitled the “California Consumer Privacy Act.” Ballot initiatives are a process under California law … Read More “Another California Data Privacy Law” »
It’s the oldest squid attack on record: An ancient squid-like creature with 10 arms covered in hooks had just crushed the skull of its prey in a vicious attack when disaster struck, killing both predator and prey, according to a Jurassic period fossil of the duo found on the southern coast of England. This 200 … Read More “Friday Squid Blogging: Jurassic Squid Attack” »
Used Tesla components, sold on eBay, still contain personal information, even after a factory reset. This is a decades-old problem. It’s a problem with used hard drives. It’s a problem with used photocopiers and printers. It will be a problem with IoT devices. It’ll be a problem with everything, until we decide that data deletion … Read More “Used Tesla Components Contain Personal Information” »
This is a good explanation of an iOS bug that allowed someone to break out of the application sandbox. A summary: What a crazy bug, and Siguza’s explanation is very cogent. Basically, it comes down to this: XML is terrible. iOS uses XML for Plists, and Plists are used everywhere in iOS (and MacOS). iOS’s … Read More “iOS XML Bug” »
It’s the twentieth anniversary of the ILOVEYOU virus, and here are three interesting articles about it and its effects on software design. Powered by WPeMatico
Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam. At a remote virtual version of its annual Security Analyst Summit, researchers from the Russian security firm Kaspersky today plan to present research about a hacking campaign they call PhantomLance, in which spies hid malware in the … Read More “Malware in Google Apps” »
This paper describes a SIGINT and code-breaking alliance between Denmark, Sweden, Germany, the Netherlands and France called Maximator: Abstract: This article is first to report on the secret European five-partner sigint alliance Maximator that started in the late 1970s. It discloses the name Maximator and provides documentary evidence. The five members of this European alliance … Read More “Denmark, Sweden, Germany, the Netherlands and France SIGINT Alliance” »
Makes sense; there’s room inside a squid’s body cavity: Latin American drug lords have sent bumper shipments of cocaine to Europe in recent weeks, including one in a cargo of squid, even though the coronavirus epidemic has stifled legitimate transatlantic trade, senior anti-narcotics officials say. As usual, you can also use this squid post to … Read More “Friday Squid Blogging: Cocaine Smuggled in Squid” »
I was quoted in BuzzFeed: “My problem with contact tracing apps is that they have absolutely no value,” Bruce Schneier, a privacy expert and fellow at the Berkman Klein Center for Internet & Society at Harvard University, told BuzzFeed News. “I’m not even talking about the privacy concerns, I mean the efficacy. Does anybody think … Read More “Me on COVID-19 Contact Tracing Apps” »
The NSA just published a survey of video conferencing apps. So did Mozilla. Zoom is on the good list, with some caveats. The company has done a lot of work addressing previous security concerns. It still has a bit to go on end-to-end encryption. Matthew Green looked at this. Zoom does offer end-to-end encryption if … Read More “Securing Internet Videoconferencing Apps: Zoom and Others” »