New research: “Pterosaurs ate soft-bodied cephalopods (Coleoidea).” News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here….
Category: Schneier on Security
NSA Security Awareness Posters
From a FOIA request, over a hundred old NSA security awareness posters. Here are the BBC’s favorites. Here are Motherboard’s favorites. I have a related personal story. Back in 1993, during the first Crypto Wars, I and a handful of…
U.S. Department of Interior Grounding All Drones
The Department of Interior is grounding all non-emergency drones due to security concerns: The order comes amid a spate of warnings and bans at multiple government agencies, including the Department of Defense, about possible vulnerabilities in Chinese-made drone systems that…
Customer Tracking at Ralphs Grocery Store
To comply with California’s new data privacy law, companies that collect information on consumers and users are forced to be more transparent about it. Sometimes the results are creepy. Here’s an article about Ralphs, a California supermarket chain owned by…
Google Receives Geofence Warrants
Sometimes it’s hard to tell the corporate surveillance operations from the government ones: Google reportedly has a database called Sensorvault in which it stores location data for millions of devices going back almost a decade. The article is about geofence…
Modern Mass Surveillance: Identify, Correlate, Discriminate
Communities across the United States are starting to ban facial recognition technologies. In May of last year, San Francisco banned facial recognition; the neighboring city of Oakland soon followed, as did Somerville and Brookline in Massachusetts (a statewide ban may…
Smartphone Election in Washington State
This year: King County voters will be able to use their name and birthdate to log in to a Web portal through the Internet browser on their phones, says Bryan Finney, the CEO of Democracy Live, the Seattle-based voting company…
Friday Squid Blogging: More on the Giant Squid’s DNA
Following on from last week’s post, here’s more information on sequencing the DNA of the giant squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read…
Technical Report of the Bezos Phone Hack
Motherboard obtained and published the technical report on the hack of Jeff Bezos’s phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman. …investigators set up a secure lab to examine the phone and its…
Apple Abandoned Plans for Encrypted iCloud Backup after FBI Complained
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one…
Half a Million IoT Device Passwords Published
It’s a list of easy-to-guess passwords for IoT devices on the Internet as recently as last October and November. Useful for anyone putting together a bot network: A hacker has published this week a massive list of Telnet credentials for…
Brazil Charges Glenn Greenwald with Cybercrimes
Glenn Greenwald has been charged with cybercrimes in Brazil, stemming from publishing information and documents that were embarrassing to the government. The charges are that he actively helped the people who actually did the hacking: Citing intercepted messages between Mr.…
SIM Hijacking
SIM hijacking — or SIM swapping — is an attack where a fraudster contacts your cell phone provider and convinces them to switch your account to a phone that they control. Since your smartphone often serves as a security measure…
Clearview AI and Facial Recognition
The New York Times has a long story about Clearview AI, a small company that scrapes identified photos of people from pretty much everywhere, and then uses unstated magical AI technology to identify people in other photos. His tiny company,…
Friday Squid Blogging: Giant Squid Genome Analyzed
This is fantastic work: In total, the researchers identified approximately 2.7 billion DNA base pairs, which is around 90 percent the size of the human genome. There’s nothing particularly special about that size, especially considering that the axolotl genome is…
Securing Tiffany’s Move
Story of how Tiffany & Company moved all of its inventory from one store to another. Short summary: careful auditing and a lot of police….
Critical Windows Vulnerability Discovered by NSA
Yesterday’s Microsoft Windows patches included a fix for a critical vulnerability in the system’s crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using…
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at Indiana University Bloomington on January 30, 2020. I’ll be at RSA Conference 2020 in San Francisco. On Wednesday, February 26, at 2:50 PM,…
5G Security
The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give…
Artificial Personas and Public Discourse
Presidential-campaign season is officially, officially, upon us now, which means it’s time to confront the weird and insidious ways in which technology is warping politics. One of the biggest threats on the horizon: Artificial personas are coming, and they’re poised…
Friday Squid Blogging: Stuffed Squid with Vegetables and Pancetta
A Croatian recipe. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here….
Police Surveillance Tools from Special Services Group
Special Services Group, a company that sells surveillance tools to the FBI, DEA, ICE, and other US government agencies, has had its secret sales brochure published. Motherboard received the brochure as part of a FOIA request to the Irvine Police…
USB Cable Kill Switch for Laptops
BusKill is designed to wipe your laptop (Linux only) if it is snatched from you in a public place: The idea is to connect the BusKill cable to your Linux laptop on one end, and to your belt, on the…
Mailbox Master Keys
Here’s a physical-world example of why master keys are a bad idea. It’s a video of two postal thieves using a master key to open apartment building mailboxes. Changing the master key for physical mailboxes is a logistical nightmare, which…
Friday Squid Blogging: Giant Squid Video from the Gulf of Mexico
Fantastic video: Scientists had used a specialized camera system developed by Widder called the Medusa, which uses red light undetectable to deep sea creatures and has allowed scientists to discover species and observe elusive ones. The probe was outfitted with…
Chrome Extension Stealing Cryptocurrency Keys and Passwords
A malicious Chrome extension surreptitiously steals Ethereum keys and passwords: According to Denley, the extension is dangerous to users in two ways. First, any funds (ETH coins and ERC0-based tokens) managed directly inside the extension are at risk. Denley says…
Mysterious Drones Are Flying over Colorado
No one knows who they belong to. (Well, of course someone knows. And my guess is that it’s likely that we will know soon.)…