Friday Squid Blogging: Baby Sea Otters Prefer Shrimp to Squid

Schneier on Security - Fri, 12/15/2017 - 23:21
At least, this one does. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security

Tracking People Without GPS

Schneier on Security - Fri, 12/15/2017 - 13:18
Interesting research: The trick in accurately tracking a person with this method is finding out what kind of activity they're performing. Whether they're walking, driving a car, or riding in a train or airplane, it's pretty easy to figure out when you know what you're looking for. The sensors can determine how fast a person is traveling and what kind... Bruce Schneier
Categories: Security

Social Media Postings

Be careful: the more information you post online about yourself, the easier it is for a cyber attacker to target you and create custom attacks against you or your organization.
Categories: Security

Security Planner

Schneier on Security - Thu, 12/14/2017 - 14:01
Security Planner is a custom security advice tool from Citizen Lab. Answer a few questions, and it gives you a few simple things you can do to improve your security. It's not meant to be comprehensive, but instead to give people things they can actually do to immediately improve their security. I don't see it replacing any of the good... Bruce Schneier
Categories: Security

Two-Step Verification

Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.
Categories: Security

E-Mail Tracking

Schneier on Security - Wed, 12/13/2017 - 13:14
Good article on the history and practice of e-mail tracking: The tech is pretty simple. Tracking clients embed a line of code in the body of an email­ -- usually in a 1x1 pixel image, so tiny it's invisible, but also in elements like hyperlinks and custom fonts. When a recipient opens the email, the tracking client recognizes that pixel... Bruce Schneier
Categories: Security

Use Caution Opening Email Attachments

A common method cyber criminals use to hack into people's computers is to send them emails with infected attachments. People are tricked into opening these attachments because they appear to come from someone or something they know and trust. Only open email attachments that you were expecting. Not sure about an email? Call the person to confirm they sent it.
Categories: Security

Remote Hack of a Boeing 757

Schneier on Security - Tue, 12/12/2017 - 13:08
Last month, the DHS announced that it was able to remotely hack a Boeing 757: "We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration," said Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology (S&T) Directorate. "[Which] means I didn't have anybody... Bruce Schneier
Categories: Security

Never Share Your Passwords

Never share your passwords with others, including your supervisor or coworkers. Your password is a secret; it only works if only you know it. If anyone else knows your password, you may be responsible for their actions.
Categories: Security

Surveillance inside the Body

Schneier on Security - Mon, 12/11/2017 - 13:37
The FDA has approved a pill with an embedded sensor that can report when it is swallowed. The pill transmits information to a wearable patch, which in turn transmits information to a smartphone.... Bruce Schneier
Categories: Security

When Away

Leaving your seat? Ctrl--Alt--Delete! Make sure you lock your workstation or laptop while you are away from it. On a Mac? Try Control--Shift--Eject/Power.
Categories: Security

Friday Squid Blogging: Squid Embryos Coming to Life

Schneier on Security - Fri, 12/08/2017 - 14:03
Beautiful video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security

Security Vulnerabilities in Certificate Pinning

Schneier on Security - Fri, 12/08/2017 - 13:15
New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks. From the paper: Abstract: Certificate verification is a crucial stage in the establishment of a TLS connection. A common security flaw in TLS implementations is the lack of certificate hostname verification but, in... Bruce Schneier
Categories: Security

Forwarding Emails

When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
Categories: Security

Germany Preparing Backdoor Law

Schneier on Security - Wed, 12/06/2017 - 16:06
The German Interior Minister is preparing a bill that allows the government to mandate backdoors in encryption. No details about how likely this is to pass. I am skeptical.... Bruce Schneier
Categories: Security

Matt Blaze on Securing Voting Machines

Schneier on Security - Tue, 12/05/2017 - 13:39
Matt Blaze's House testimony on the security of voting machines is an excellent read. (Details on the entire hearing is here.) I have not watched the video.... Bruce Schneier
Categories: Security

Paper Documents Also Have to Be Protected

Keep in mind that digital data is not the only thing that needs to be protected. Paper documents also need to be protected. When disposing of any confidential documents, make sure they are shredded first or disposed of in bins for shredding. Also, be sure to lock up any sensitive documents before you go home at the end of the day.
Categories: Security

"Crypto" Is Being Redefined as Cryptocurrencies

Schneier on Security - Mon, 12/04/2017 - 16:14
I agree with Lorenzo Franceschi-Bicchierai, "Cryptocurrencies aren't 'crypto'": Lately on the internet, people in the world of Bitcoin and other digital currencies are starting to use the word "crypto" as a catch-all term for the lightly regulated and burgeoning world of digital currencies in general, or for the word "cryptocurrency" -- which probably shouldn't even be called "currency," by the... Bruce Schneier
Categories: Security

Kids and Family Members

If you have children visiting or staying with family members (such as grandparents), make sure the family members know your rules concerning technology that your kids must follow. Just because your kids leave the house does not mean the rules about what they can do online change.
Categories: Security

Friday Squid Blogging: Research into Squid-Eating Beaked Whales

Schneier on Security - Fri, 12/01/2017 - 23:22
Beaked whales, living off the coasts of Ireland, feed on squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security
Syndicate content

eXTReMe Tracker