Security technology – Page 134 – SSL and internet security news

Security Vulnerabilities in the RCS Texting Protocol

December 16, 2019 infossl

cellphones, encryption, protocols, Security technology, securityengineering, ss7, vulnerabilities

Interesting research: SRLabs founder Karsten Nohl, a researcher with a track record of exposing security flaws in telephony systems, argues that RCS is in many ways no better than SS7, the decades-old phone system carriers still used for calling and texting, which has long been known to be vulnerable to interception and spoofing attacks. While … Read More “Security Vulnerabilities in the RCS Texting Protocol” »

Friday Squid Blogging: Color-Changing Properties of the Opalescent Inshore Squid

December 13, 2019 infossl

Security technology, squid

Interesting stuff. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

EFF on the Mechanics of Corporate Surveillance

December 13, 2019 infossl

businessofsecurity, eff, privacy, Security technology, surveillance, tracking

EFF has published a comprehensible and very readable “deep dive” into the technologies of corporate surveillance, both on the Internet and off. Well worth reading and sharing. Boing Boing post. Powered by WPeMatico

Scaring People into Supporting Backdoors

December 12, 2019 infossl

childpornography, crime, cryptowars, eavesdropping, encryption, fear, lawenforcement, nationalsecuritypolicy, Security technology

Back in 1998, Tim May warned us of the “Four Horsemen of the Infocalypse”: “terrorists, pedophiles, drug dealers, and money launderers.” I tended to cast it slightly differently. This is me from 2005: Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, kidnappers, and child pornographers. Seems like you can scare any public … Read More “Scaring People into Supporting Backdoors” »

Extracting Data from Smartphones

December 11, 2019 infossl

dataprotection, hacking, privacy, Security technology, smartphones

Privacy International has published a detailed, technical examination of how data is extracted from smartphones. Powered by WPeMatico

Reforming CDA 230

December 10, 2019 infossl

businessofsecurity, censorship, eff, facebook, nationalsecuritypolicy, Security technology

There’s a serous debate on reforming Section 230 of the Communications Decency Act. I am in the process of figuring out what I believe, and this is more a place to put resources and listen to people’s comments. The EFF has written extensively on why it is so important and dismantling it will ben catastrophic … Read More “Reforming CDA 230” »

Failure Modes in Machine Learning

December 9, 2019 infossl

academicpapers, machinelearning, Security technology, taxonomies, threatmodels

Interesting taxonomy of machine-learning failures (pdf) that encompasses both mistakes and attacks, or — in their words — intentional and unintentional failure modes. It’s a good basis for threat modeling. Powered by WPeMatico

Friday Squid Blogging: Squidfall Safety

December 6, 2019 infossl

Security technology, squid, television

Watchmen supporting material. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Andy Ellis on Risk Assessment

December 6, 2019 infossl

psychologyofsecurity, riskassessment, risks, Security technology

Andy Ellis, the CSO of Akamai, gave a great talk about the psychology of risk at the Business of Software conference this year. I’ve written about this before. One quote of mine: “The problem is our brains are intuitively suited to the sorts of risk management decisions endemic to living in small family groups in … Read More “Andy Ellis on Risk Assessment” »

Election Machine Insecurity Story

December 5, 2019 infossl

cybersecurity, Security technology, voting, vulnerabilities

Interesting story of a flawed computer voting machine and a paper ballot available for recount. All ended well, but only because of that paper backup. Vote totals in a Northampton County judge’s race showed one candidate, Abe Kassis, a Democrat, had just 164 votes out of 55,000 ballots across more than 100 precincts. Some machines … Read More “Election Machine Insecurity Story” »