Informations about SSL certificates and networks security
Auto Added by WPeMatico
The California legislature unanimously passed the strongest data privacy law in the nation. This is great news, but I have a lot of reservations. The Internet tech companies pressed to get this law passed out of self-defense. A ballot initiative was already going to be voted on in November, one with even stronger data privacy … Read More “California Passes New Privacy Law” »
Interesting research in using traffic analysis to learn things about encrypted traffic. It’s hard to know how critical these vulnerabilities are. They’re very hard to close without wasting a huge amount of bandwidth. The active attacks are more interesting. Powered by WPeMatico
Good-looking recipe. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Here’s some interesting research about how we perceive threats. Basically, as the environment becomes safer we basically manufacture new threats. From an essay about the research: To study how concepts change when they become less common, we brought volunteers into our laboratory and gave them a simple task – to look at a series of … Read More “Conservation of Threat” »
The Norwegian Consumer Council just published an excellent report on the deceptive practices tech companies use to trick people into giving up their privacy. From the executive summary: Facebook and Google have privacy intrusive defaults, where users who want the privacy friendly option have to go through a significantly longer process. They even obscure some … Read More “Manipulative Social Media Practices” »
The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. We oppose efforts by governments to restrict the use of strong encryption and/or to mandate exceptional access mechanisms such as “backdoors” or “key escrow schemes” in order to facilitate … Read More “IEEE Statement on Strong Encryption vs. Backdoors” »
Last week, a story was going around explaining how to brute-force an iOS password. Basically, the trick was to plug the phone into an external keyboard and trying every PIN at once: We reported Friday on Hickey’s findings, which claimed to be able to send all combinations of a user’s possible passcode in one go, … Read More “Bypassing Passcodes in iOS” »
We’re starting to see research into designing speculative execution systems that avoid Spectre- and Meltdown-like security problems. Here’s one. I don’t know if this particular design secure. My guess is that we’re going to see several iterations of design and attack before we settle on something that works. But it’s good to see the research … Read More “Secure Speculative Execution” »
In this 2013 TED talk, oceanographer Edith Widder explains how her team captured the giant squid on video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
The Center for Human Rights in Iran has released a report outlining the effect’s of that country’s ban on Telegram, a secure messaging app used by about half of the country. The ban will disrupt the most important, uncensored platform for information and communication in Iran, one that is used extensively by activists, independent and … Read More “The Effects of Iran’s Telegram Ban” »