Security technology
I missed this story when it came around last year: someone tried to steal a domain name at gunpoint. He was just sentenced to 20 years in jail. Powered by WPeMatico
Category: Security technology
Auto Added by WPeMatico
Security technology
Algeria shut the Internet down nationwide to prevent high-school students from cheating on their exams. The solution in New South Wales, Australia was to ban smartphones. Powered by WPeMatico
apple, authentication, banking, ios, Security technology, sms, twofactorauthentication, usability
Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes and suggests them in AutoFill, so that people can use them without having to memorize or type them. Sounds like a really good idea, but Andreas Gutmann points … Read More “Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill” »
cyberattack, cybercrime, cyberespionage, cybersecurity, nationalsecuritypolicy, privacy, Security technology
Jack Goldsmith and Stuart Russell just published an interesting paper, making the case that free and democratic nations are at a structural disadvantage in nation-on-nation cyberattack and defense. From a blog post: It seeks to explain why the United States is struggling to deal with the “soft” cyber operations that have been so prevalent in … Read More “Free Societies are at a Disadvantage in National Cybersecurity” »
bluetooth, locks, physicalsecurity, Security technology
Tapplock sells an “unbreakable” Internet-connected lock that you can open with your fingerprint. It turns out that: The lock broadcasts its Bluetooth MAC address in the clear, and you can calculate the unlock key from it. Any Tapplock account an unlock every lock. You can open the lock with a screwdriver. Regarding the third flaw, … Read More “Ridiculously Insecure Smart Lock” »
Security technology, squid
It’s Cephalopod Week! “Three hearts, eight arms, can’t lose.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
audio, complexity, conferences, Security technology, securityconferences, securityengineering, video
For many years, I have said that complexity is the worst enemy of security. At CyCon earlier this month, Thomas Dullien gave an excellent talk on the subject with far more detail than I’ve ever provided. Video. Slides. Powered by WPeMatico
android, apple, censorship, cloudcomputing, iphone, russia, Security technology, signal, telegram, whatsapp
Internet censors have a new strategy in their bid to block applications and websites: pressuring the large cloud providers that host them. These providers have concerns that are much broader than the targets of censorship efforts, so they have the choice of either standing up to the censors or capitulating in order to maximize their … Read More “Russian Censorship of Telegram” »
apple, cybersecurity, ios, iphone, operatingsystems, Security technology, securityengineering
iOS 12, the next release of Apple’s iPhone operating system, may include features to prevent someone from unlocking your phone without your permission: The feature essentially forces users to unlock the iPhone with the passcode when connecting it to a USB accessory everytime the phone has not been unlocked for one hour. That includes the … Read More “New iPhone OS May Include Device-Unlocking Security” »
botnets, essays, fbi, internet, malware, nationalsecuritypolicy, networksecurity, russia, Security technology
On May 25, the FBI asked us all to reboot our routers. The story behind this request is one of sophisticated malware and unsophisticated home-network security, and it’s a harbinger of the sorts of pervasive threats  from nation-states, criminals and hackers  that we should expect in coming years. VPNFilter is a sophisticated piece … Read More “Router Vulnerability and the VPNFilter Botnet” »