They’re not much, but they do exist. Powered by WPeMatico
Someone just registered their company name as ; DROP TABLE “COMPANIES”;– LTD. Reddit thread. Obligatory xkcd comic. Powered by WPeMatico
In The Better Angels of Our Nature, Steven Pinker convincingly makes the point that by pretty much every measure you can think of, violence has declined on our planet over the long term. More generally, “the world continues to improve in just about every way.” He’s right, but there are two important caveats. One, he … Read More “Are We Becoming More Moral Faster Than We're Becoming More Dangerous?” »
There’s a concept from computer security known as a class break. It’s a particular security vulnerability that breaks not just one system, but an entire class of systems. Examples might be a vulnerability in a particular operating system that allows an attacker to take remote control of every computer that runs on that system’s software. … Read More “Class Breaks” »
A modern photocopier is basically a computer with a scanner and printer attached. This computer has a hard drive, and scans of images are regularly stored on that drive. This means that when a photocopier is thrown away, that hard drive is filled with pages that the machine copied over its lifetime. As you might … Read More “Photocopier Security” »
BBC.com reports that squid are proliferating around the North Sea, and speculates that they will become an increasingly common British dinner. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Nice article on the 2011 DigiNotar attack and how it changed security practices in the CA industry. Powered by WPeMatico
Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting. Signal’s new anti-censorship feature uses a trick called “domain fronting,” Marlinspike explains. A country like Egypt, with only a few small internet service providers tightly controlled by the government, can … Read More “How Signal Is Evading Censorship” »
Former TSA Administrator Kip Hawley wrote an op-ed pointing out the security vulnerabilities in the TSA’s PreCheck program: The first vulnerability in the system is its enrollment process, which seeks to verify an applicant’s identity. We know verification is a challenge: A 2011 Government Accountability Office report on TSA’s system for checking airport workers’ identities … Read More “Security Risks of TSA PreCheck” »
Merry Squidmas. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico