A good warning, delivered in classic Dan Geer style. Powered by WPeMatico
Category: risks
Auto Added by WPeMatico
Google has a new login service for high-risk users. it’s good, but unforgiving. Logging in from a desktop will require a special USB key, while accessing your data from a mobile device will similarly require a Bluetooth dongle. All non-Google services and apps will be exiled from reaching into your Gmail or Google Drive. Google’s … Read More “Google Login Security for High-Risk Users” »
I am part of this very interesting project: For many users, blog posts on how to install Signal, massive guides to protecting your digital privacy, and broad statements like “use Tor” — all offered in good faith and with the best of intentions — can be hard to understand or act upon. If we want … Read More “Digital Security Exchange: Security for High-Risk Communities” »
Summer Fowler at CMU has invented a new word: prosilience: I propose that we build operationally PROSILIENT organizations. If operational resilience, as we like to say, is risk management “all grown up,” then prosilience is resilience with consciousness of environment, self-awareness, and the capacity to evolve. It is not about being able to operate through … Read More “Buzzword Watch: Prosilience” »
Good article that crunches the data and shows that the press’s coverage of terrorism is disproportional to its comparative risk. This isn’t new. I’ve written about it before, and wrote about it more generally when I wrote about the psychology of risk, fear, and security. Basically, the issue is the availability heuristic. We tend to … Read More “How the Media Influences Our Fear of Terrorism” »
There’s a concept from computer security known as a class break. It’s a particular security vulnerability that breaks not just one system, but an entire class of systems. Examples might be a vulnerability in a particular operating system that allows an attacker to take remote control of every computer that runs on that system’s software. … Read More “Class Breaks” »
Interesting paper. John Scott-Railton on securing the high-risk user. Powered by WPeMatico
Interesting research that shows we exaggerate the risks of something when we find it morally objectionable. From an article about and interview with the researchers: To get at this question experimentally, Thomas and her collaborators created a series of vignettes in which a parent left a child unattended for some period of time, and participants … Read More “Confusing Security Risks with Moral Judgments” »
Andrew Appel has a good two–part essay on securing elections. And three organizations — Verified Voting, EPIC, and Common Cause — have published a report on the risks of Internet voting. The report is primarily concerned with privacy, and the threats to a secret ballot. Powered by WPeMatico
In an interview this week, President Obama said that terrorism does not pose an existential threat: What I do insist on is that we maintain a proper perspective and that we do not provide a victory to these terrorist networks by overinflating their importance and suggesting in some fashion that they are an existential threat … Read More “Obama Says Terrorism Is Not an Existential Threat” »