securityawareness – SSL and internet security news

New Research: “Privacy Threats in Intimate Relationships”

June 5, 2020 infossl

academicpapers, cybersecurity, privacy, Security technology, securityawareness

I just published a new paper with Karen Levy of Cornell: “Privacy Threats in Intimate Relationships.” Abstract: This article provides an overview of intimate threats: a class of privacy threats that can arise within our families, romantic partnerships, close friendships, and caregiving relationships. Many common assumptions about privacy are upended in the context of these … Read More “New Research: “Privacy Threats in Intimate Relationships”” »

Work-from-Home Security Advice

March 19, 2020 infossl

covid19, epidemiology, infrastructure, Security technology, securityawareness, vpn, vulnerabilities

SANS has made freely available its “Work-from-Home Awareness Kit.” When I think about how COVID-19’s security measures are affecting organizational networks, I see several interrelated problems: One, employees are working from their home networks and sometimes from their home computers. These systems are more likely to be out of date, unpatched, and unprotected. They are … Read More “Work-from-Home Security Advice” »

NSA Security Awareness Posters

January 31, 2020 infossl

foia, nsa, Security technology, securityawareness, securityeducation

From a FOIA request, over a hundred old NSA security awareness posters. Here are the BBC’s favorites. Here are Motherboard’s favorites. I have a related personal story. Back in 1993, during the first Crypto Wars, I and a handful of other academic cryptographers visited the NSA for some meeting or another. These sorts of security … Read More “NSA Security Awareness Posters” »

Lessons Learned Trying to Secure Congressional Campaigns

June 5, 2019 infossl

computersecurity, riskassessment, risks, Security technology, securityawareness, securityeducation, socialmedia, twofactorauthentication, usability, voting

Really interesting first-hand experience from Maciej Cegłowski. Powered by WPeMatico

Bad Consumer Security Advice

December 4, 2018 infossl

Security technology, securityawareness, securityeducation

There are lots of articles about there telling people how to better secure their computers and online accounts. While I agree with some of it, this article contains some particularly bad advice: 1. Never, ever, ever use public (unsecured) Wi-Fi such as the Wi-Fi in a café, hotel or airport. To remain anonymous and secure … Read More “Bad Consumer Security Advice” »

The Habituation of Security Warnings

June 6, 2018 infossl

academicpapers, psychologyofsecurity, Security technology, securityawareness

We all know that it happens: when we see a security warning too often — and without effect — we start tuning it out. A new paper uses fMRI, eye tracking, and field studies to prove it. EDITED TO ADD (6/6): This blog post summarizes the findings. Powered by WPeMatico

The US Is Unprepared for Election-Related Hacking in 2018

May 8, 2018 infossl

cyberattack, cybersecurity, nationalsecuritypolicy, Security technology, securityawareness, voting

This survey and report is not surprising: The survey of nearly forty Republican and Democratic campaign operatives, administered through November and December 2017, revealed that American political campaign staff — primarily working at the state and congressional levels — are not only unprepared for possible cyber attacks, but remain generally unconcerned about the threat. The … Read More “The US Is Unprepared for Election-Related Hacking in 2018” »

Security Vulnerabilities in Star Wars

January 1, 2018 infossl

humor, Security technology, securityawareness, video, vulnerabilities

A fun video describing some of the many Federation security vulnerabilities in the first Star Wars movie. Happy New Year, everyone. Powered by WPeMatico

Security Planner

December 14, 2017 infossl

citizenlab, Security technology, securityawareness, securityeducation

Security Planner is a custom security advice tool from Citizen Lab. Answer a few questions, and it gives you a few simple things you can do to improve your security. It’s not meant to be comprehensive, but instead to give people things they can actually do to immediately improve their security. I don’t see it … Read More “Security Planner” »

Motherboard Digital Security Guide

November 16, 2017 infossl

hacking, privacy, Security technology, securityawareness, securityeducation

This digital security guide by Motherboard is very good. I put alongside EFF’s “Surveillance Self-Defense” and John Scott-Railton’s “Digital Security Low Hanging Fruit.” There’s also “Digital Security and Privacy for Human Rights Defenders.” There are too many of these…. Powered by WPeMatico