Category: essays

Auto Added by WPeMatico

Defense Against Doxing

Posted on By infossl
doxing, essays, google, googleglass, hacking, passwords, privacy, Security technology, surveillance

A decade ago, I wrote about the death of ephemeral conversation. As computers were becoming ubiquitous, some unintended changes happened, too. Before computers, what we said disappeared once we’d said it. Neither face-to-face conversations nor telephone conversations were routinely recorded. A permanent communication was something different and special; we called it correspondence. The Internet changed … Read More “Defense Against Doxing” »

Attributing the DNC Hacks to Russia

Posted on By infossl
attribution, citizenlab, essays, hacking, leaks, nsa, russia, secrecy, Security technology, wikileaks

President Barack Obama’s public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive e-mails through WikiLeaks and other sources has opened up a debate on what constitutes sufficient evidence to attribute an attack in cyberspace. The answer is both complicated and inherently tied up in … Read More “Attributing the DNC Hacks to Russia” »

Class Breaks

Posted on By infossl
computersecurity, essays, internetofthings, locks, risks, Security technology, vulnerabilities

There’s a concept from computer security known as a class break. It’s a particular security vulnerability that breaks not just one system, but an entire class of systems. Examples might be a vulnerability in a particular operating system that allows an attacker to take remote control of every computer that runs on that system’s software. … Read More “Class Breaks” »

Security Design: Stop Trying to Fix the User

Posted on By infossl
essays, passwords, Security technology, securityengineering, usability, usb

Every few years, a researcher replicates a security study by littering USB sticks around an organization’s grounds and waiting to see how many people pick them up and plug them in, causing the autorun function to install innocuous malware on their computers. These studies are great for making security professionals feel superior. The researchers get … Read More “Security Design: Stop Trying to Fix the User” »

Organizational Doxing and Disinformation

Posted on By infossl
dataloss, doxing, essays, forgery, hacking, Security technology

In the past few years, the devastating effects of hackers breaking into an organization’s network, stealing confidential data, and publishing everything have been made clear. It happened to the Democratic National Committee, to Sony, to the National Security Agency, to the cyber-arms weapons manufacturer Hacking Team, to the online adultery site Ashley Madison, and to … Read More “Organizational Doxing and Disinformation” »

Someone Is Learning How to Take Down the Internet

Posted on By infossl
cyberwar, denialofservice, essays, internet, Security technology, verisign

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who … Read More “Someone Is Learning How to Take Down the Internet” »

The NSA Is Hoarding Vulnerabilities

Posted on By infossl
cisco, dhs, edwardsnowden, essays, exploits, lies, nationalsecuritypolicy, nsa, Security technology, vulnerabilities, zeroday

The National Security Agency is lying to us. We know that because of data stolen from an NSA server was dumped on the Internet. The agency is hoarding information about security vulnerabilities in the products you use, because it wants to use it to hack others’ computers. Those vulnerabilities aren’t being reported, and aren’t getting … Read More “The NSA Is Hoarding Vulnerabilities” »

Hacking the Vote

Posted on By infossl
doxing, essays, hacking, nationalsecuritypolicy, Security technology, voting

Russia has attacked the US in cyberspace in an attempt to influence our national election, many experts have concluded. We need to take this national security threat seriously and both respond and defend, despite the partisan nature of this particular attack. There is virtually no debate about that, either from the technical experts who analyzed … Read More “Hacking the Vote” »

Samsung Television Spies on Viewers

Posted on By infossl
android, cellphones, databreaches, eavesdropping, essays, internetofthings, iphone, nationalsecuritypolicy, phones, privacy, samsung, Security technology, surveillance, television

Earlier this week, we learned that Samsung televisions are eavesdropping on their owners. If you have one of their Internet-connected smart TVs, you can turn on a voice command feature that saves you the trouble of finding the remote, pushing buttons and scrolling through menus. But making that feature work requires the television to listen … Read More “Samsung Television Spies on Viewers” »

Accountability as a Security System

Posted on By infossl
accountability, complexity, essays, nationalsecuritypolicy, Security technology

At a CATO surveillance event last month, Ben Wittes talked about inherent presidential powers of surveillance with this hypothetical: “What should Congress have to say about the rules when Barack Obama wants to know what Vladimir Putin is talking about?” His answer was basically that Congress should have no say: “I think most people, going … Read More “Accountability as a Security System” »