Security technology
A CNN reporter foundsome sensitive — but, technically, not classified — documents about Super Bowl security in the front pocket of an airplane seat. Powered by WPeMatico
Security technology, squid
Pretty, but contains no actual squid ingredients. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
academicpapers, antivirus, certificates, forgery, malware, Security technology, signatures, stuxnet
Stuxnet famously used legitimate digital certificates to sign its malware. A research paper from last year found that the practice is much more common than previously thought. Now, researchers have presented proof that digitally signed malware is much more common than previously believed. What’s more, it predated Stuxnet, with the first known instance occurring in … Read More “Signed Malware” »
atms, malware, physicalsecurity, Security technology, tamperdetection, theft
Brian Krebs is reporting sophisticated jackpotting attacks against US ATMs. The attacker gains physical access to the ATM, plants malware using specialized electronics, and then later returns and forces the machine to dispense all the cash it has inside. The Secret Service alert explains that the attackers typically use an endoscope — a slender, flexible … Read More “Jackpotting Attacks Against US ATMs” »
internet, israel, secrecy, Security technology
According to this story (non-paywall English version here), Israeli scientists released some information to the public they shouldn’t have. Defense establishment officials are now trying to erase any trace of the secret information from the web, but they have run into difficulties because the information was copied and is found on a number of platforms. … Read More “Israeli Scientists Accidentally Reveal Classified Information” »
courts, edwardsnowden, essays, lawenforcement, loopholes, nationalsecuritypolicy, nsa, privacy, Security technology, surveillance
For over a decade, civil libertarians have been fighting government mass surveillance of innocent Americans over the Internet. We’ve just lost an important battle. On January 18, President Trump signed the renewal of Section 702, domestic mass surveillance became effectively a permanent part of US law. Section 702 was initially passed in 2008, as an … Read More “After Section 702 Reauthorization” »
fear, movieplotthreats, Security technology, terrorism, transportation
Local residents are opposing adding an elevator to a subway station because terrorists might use it to detonate a bomb. No, really. There’s no actual threat analysis, only fear: “The idea that people can then ride in on the subway with a bomb or whatever and come straight up in an elevator is awful to … Read More “Subway Elevators and Movie-Plot Threats” »
datacollection, geolocation, military, secrecy, Security technology
In November, the company Strava released an anonymous data-visualization map showing all the fitness activity by everyone using the app. Over this weekend, someone realized that it could be used to locate secret military bases: just look for repeated fitness activity in the middle of nowhere. News article. Powered by WPeMatico
academicpapers, costbenefitanalysis, cybercrime, economicsofsecurity, Security technology, symantec
It’s really hard to estimate the cost of an insecure Internet. Studies are all over the map. A methodical study by RAND is the best work I’ve seen at trying to put a number on this. The results are, well, all over the map: “Estimating the Global Cost of Cyber Risk: Methodology and Examples“: Abstract: … Read More “Estimating the Cost of Internet Insecurity” »
academicpapers, Security technology, squid
The mating and death characteristics of some squid are fascinating. Research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico