How DNA Databases Violate Everyone’s Privacy

Posted on By infossl
academicpapers, databases, dna, privacy, Security technology

If you’re an American of European descent, there’s a 60% you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public. Research paper: “Identity inference of genomic data using long-range familial searches.” Abstract: Consumer genomics databases have reached … Read More “How DNA Databases Violate Everyone’s Privacy” »

Security in a World of Physically Capable Computers

Posted on By infossl
Security technology

It’s no secret that computers are insecure. Stories like the recent Facebook hack, the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. They might make headlines for a few days, but they’re just the newsworthy tip of a very large iceberg. The risks are about to get … Read More “Security in a World of Physically Capable Computers” »

Another Bloomberg Story about Supply-Chain Hardware Attacks from China

Posted on By infossl
china, hacking, hardware, implants, Security technology, surveillance

Bloomberg has another story about hardware surveillance implants in equipment made in China. This implant is different from the one Bloomberg reported on last week. That story has been denied by pretty much everyone else, but Bloomberg is sticking by its story and its sources. (I linked to other commentary and analysis here.) Again, I … Read More “Another Bloomberg Story about Supply-Chain Hardware Attacks from China” »

Security Vulnerabilities in US Weapons Systems

Posted on By infossl
control, cybersecurity, departmentofdefense, encryption, nationalsecuritypolicy, operationalsecurity, passwords, reports, Security technology, vulnerabilities, weapons

The US Government Accounting Office just published a new report: “Weapons Systems Cyber Security: DOD Just Beginning to Grapple with Scale of Vulnerabilities” (summary here). The upshot won’t be a surprise to any of my regular readers: they’re vulnerable. From the summary: Automation and connectivity are fundamental enablers of DOD’s modern military capabilities. However, they … Read More “Security Vulnerabilities in US Weapons Systems” »

Access Now Is Looking for a Chief Security Officer

Posted on By infossl
privacy, risks, Security technology, securitypolicies

The international digital human rights organization Access Now (I am on the board) is looking to hire a Chief Security Officer. I believe that, somewhere, there is a highly qualified security person who has had enough of corporate life and wants instead of make a difference in the world. If that’s you, please consider applying. … Read More “Access Now Is Looking for a Chief Security Officer” »

The US National Cyber Strategy

Posted on By infossl
cybersecurity, defense, nationalsecuritypolicy, Security technology, securitypolicies

Last month, the White House released the “National Cyber Strategy of the United States of America. I generally don’t have much to say about these sorts of documents. They’re filled with broad generalities. Who can argue with: Defend the homeland by protecting networks, systems, functions, and data; Promote American prosperity by nurturing a secure, thriving … Read More “The US National Cyber Strategy” »

Detecting Credit Card Skimmers

Posted on By infossl
academicpapers, creditcards, lawenforcement, Security technology, skimmers

Interesting research paper: “Fear the Reaper: Characterization and Fast Detection of Card Skimmers“: Abstract: Payment card fraud results in billions of dollars in losses annually. Adversaries increasingly acquire card data using skimmers, which are attached to legitimate payment devices including point of sale terminals, gas pumps, and ATMs. Detecting such devices can be difficult, and … Read More “Detecting Credit Card Skimmers” »