Fingerprinting Digital Documents

Schneier on Security - Thu, 01/11/2018 - 20:50
In this era of electronic leakers, remember that zero-width spaces and homoglyph substitution can fingerprint individual instances of files.... Bruce Schneier
Categories: Security

Yet Another FBI Proposal for Insecure Communications

Schneier on Security - Thu, 01/11/2018 - 15:05
Deputy Attorney General Rosenstein has given talks where he proposes that tech companies decrease their communications and device security for the benefit of the FBI. In a recent talk, his idea is that tech companies just save a copy of the plaintext: Law enforcement can also partner with private industry to address a problem we call "Going Dark." Technology increasingly... Bruce Schneier
Categories: Security

Susan Landau's New Book: Listening In

Schneier on Security - Wed, 01/10/2018 - 21:42
Susan Landau has written a terrific book on cybersecurity threats and why we need strong crypto. Listening In: Cybersecurity in an Insecure Age. It's based in part on her 2016 Congressional testimony in the Apple/FBI case; it examines how the Digital Revolution has transformed society, and how law enforcement needs to -- and can -- adjust to the new realities.... Bruce Schneier
Categories: Security

Cybersecurity and the 2017 US National Security Strategy

Schneier on Security - Wed, 01/10/2018 - 15:27
Commentaries on the 2017 US national security strategy by Michael Sulmeyer and Ben Buchanan.... Bruce Schneier
Categories: Security

Daniel Miessler on My Writings about IoT Security

Schneier on Security - Tue, 01/09/2018 - 23:26
Daniel Miessler criticizes my writings about IoT security: I know it's super cool to scream about how IoT is insecure, how it's dumb to hook up everyday objects like houses and cars and locks to the internet, how bad things can get, and I know it's fun to be invited to talk about how everything is doom and gloom. I... Bruce Schneier
Categories: Security

NSA Morale

Schneier on Security - Tue, 01/09/2018 - 13:58
The Washington Post is reporting that poor morale at the NSA is causing a significant talent shortage. A November New York Times article said much the same thing. The articles point to many factors: the recent reorganization, low pay, and the various leaks. I have been saying for a while that the Shadow Brokers leaks have been much more damaging... Bruce Schneier
Categories: Security

Tourist Scams

Schneier on Security - Mon, 01/08/2018 - 14:34
A comprehensive list. Most are old and obvious, but there are some clever variants.... Bruce Schneier
Categories: Security

Friday Squid Blogging: How the Optic Lobe Controls Squid Camouflage

Schneier on Security - Sat, 01/06/2018 - 00:42
Experiments on the oval squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security

Spectre and Meltdown Attacks Against Microprocessors

Schneier on Security - Fri, 01/05/2018 - 22:22
The security of pretty much every computer on the planet has just gotten a lot worse, and the only real solution -- which of course is not a solution -- is to throw them all away and buy new ones. On Wednesday, researchers just announced a series of major security vulnerabilities in the microprocessors at the heart of the world's... Bruce Schneier
Categories: Security

New Book Coming in September: "Click Here to Kill Everybody"

Schneier on Security - Fri, 01/05/2018 - 20:45
My next book is still on track for a September 2018 publication. Norton is still the publisher. The title is now Click Here to Kill Everybody: Peril and Promise on a Hyperconnected Planet, which I generally refer to as CH2KE. The table of contents has changed since I last blogged about this, and it now looks like this: Introduction: Everything... Bruce Schneier
Categories: Security

Detecting Adblocker Blockers

Schneier on Security - Fri, 01/05/2018 - 17:00
Interesting research on the prevalence of adblock blockers: "Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis": Abstract: Millions of people use adblockers to remove intrusive and malicious ads as well as protect themselves against tracking and pervasive surveillance. Online publishers consider adblockers a major threat to the ad-powered "free" Web. They have started to retaliate against adblockers by employing anti-adblockers... Bruce Schneier
Categories: Security

Spectre and Meltdown Attacks

Schneier on Security - Thu, 01/04/2018 - 14:28
After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers where an untrusted browser window can execute code, phones that have multiple apps running at the same time, and cloud... Bruce Schneier
Categories: Security

Tamper-Detection App for Android

Schneier on Security - Wed, 01/03/2018 - 14:17
Edward Snowden and Nathan Freitas have created an Android app that detects when it's being tampered with. The basic idea is to put the app on a second phone and put the app on or near something important, like your laptop. The app can then text you -- and also record audio and video -- when something happens around it:... Bruce Schneier
Categories: Security

Fake Santa Surveillance Camera

Schneier on Security - Tue, 01/02/2018 - 14:51
Reka makes a "decorative Santa cam," meaning that it's not a real camera. Instead, it just gets children used to being under constant surveillance. Our Santa Cam has a cute Father Christmas and mistletoe design, and a red, flashing LED light which will make the most logical kids suspend their disbelief and start to believe!... Bruce Schneier
Categories: Security

Security Vulnerabilities in Star Wars

Schneier on Security - Mon, 01/01/2018 - 14:23
A fun video describing some of the many Empire security vulnerabilities in the first Star Wars movie. Happy New Year, everyone.... Bruce Schneier
Categories: Security

Friday Squid Blogging: Squid Populations Are Exploding

Schneier on Security - Sat, 12/30/2017 - 00:23
New research: "Global proliferation of cephalopods" Summary: Human activities have substantially changed the world's oceans in recent decades, altering marine food webs, habitats and biogeochemical processes. Cephalopods (squid, cuttlefish and octopuses) have a unique set of biological traits, including rapid growth, short lifespans and strong life-history plasticity, allowing them to adapt quickly to changing environmental conditions. There has been growing... Bruce Schneier
Categories: Security

Profile of Reality Winner

Schneier on Security - Fri, 12/29/2017 - 14:34
New York Magazine published an excellent profile of the single-document leaker Reality Winner.... Bruce Schneier
Categories: Security

The "Extended Random" Feature in the BSAFE Crypto Library

Schneier on Security - Thu, 12/28/2017 - 14:30
Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUAL_EC_PRNG random number generator to weaken TLS.... Bruce Schneier
Categories: Security

Post-Quantum Algorithms

Schneier on Security - Wed, 12/27/2017 - 14:28
NIST has organized a competition for public-key algorithms secure against a quantum computer. It recently published all of its Round 1 submissions. (Details of the NIST efforts are here. A timeline for the new algorithms is here.)... Bruce Schneier
Categories: Security

Acoustical Attacks against Hard Drives

Schneier on Security - Tue, 12/26/2017 - 17:34
Interesting destructive attack: "Acoustic Denial of Service Attacks on HDDs": Abstract: Among storage components, hard disk drives (HDDs) have become the most commonly-used type of non-volatile storage due to their recent technological advances, including, enhanced energy efficacy and significantly-improved areal density. Such advances in HDDs have made them an inevitable part of numerous computing systems, including, personal computers, closed-circuit television... Bruce Schneier
Categories: Security
Syndicate content

eXTReMe Tracker