Listen to the Audio on SoundCloud.com Bruce Schneier was at the first ever RSA Conference in 1991, and he was the first ‘exhibitor’ in 1994 when he asked Jim Bidzos, Creator of the RSA Conference, if he could sell copies…
Category: Schneier on Security
In Memoriam: Ross Anderson, 1956-2024
Last week I posted a short memorial of Ross Anderson. The Communications of the ACM asked me to expand it. Here’s the longer version. This article has been indexed from Schneier on Security Read the original article: In Memoriam: Ross…
US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack
US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack that From the executive summary: The Board finds that this intrusion was preventable and should never have…
Friday Squid Blogging: SqUID Bots
They’re AI warehouse robots. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. This article has been indexed from Schneier on…
Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed
It seems that the FCC might be fixing the vulnerabilities in SS7 and the Diameter protocol: On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from…
Surveillance by the New Microsoft Outlook App
The ProtonMail people are accusing Microsoft’s new Outlook for Windows app of conducting extensive surveillance on its users. It shares data with advertisers, a lot of data: The window informs users that Microsoft and those 801 third parties use their…
Class-Action Lawsuit against Google’s Incognito Mode
The lawsuit has been settled: Google has agreed to delete “billions of data records” the company collected while users browsed the web using Incognito mode, according to documents filed in federal court in San Francisco on Monday. The agreement, part…
xz Utils Backdoor
The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat…
Declassified NSA Newsletters
Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “Tales of the Krypt,” from 1994 to 2003. There are many interesting things in the 800 pages of newsletter. There are…
Magic Security Dust
Adam Shostack is selling magic security dust. It’s about time someone is commercializing this essential technology. This article has been indexed from Schneier on Security Read the original article: Magic Security Dust