Tag: Schneier on Security

“Encryption Backdoors and the Fourth Amendment”

Law journal article that looks at the Dual_EC_PRNG backdoor from a US constitutional perspective: Abstract: The National Security Agency (NSA) reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article examines whether any…

Read more →

Another Supply Chain Vulnerability

ProPublica is reporting: Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation…

Read more →

New Mobile Phone Forensics Tool

The Chinese have a new tool called Massistant. Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico. The forensics tool works in tandem with a corresponding desktop…

Read more →

Security Vulnerabilities in ICEBlock

The ICEBlock tool has vulnerabilities: The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come…

Read more →

Hacking Trains

Seems like an old system system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as…

Read more →

Report from the Cambridge Cybercrime Conference

The Cambridge Cybercrime Conference was held on 23 June. Summaries of the presentations are here. This article has been indexed from Schneier on Security Read the original article: Report from the Cambridge Cybercrime Conference

Read more →

Squid Dominated the Oceans in the Late Cretaceous

New research: One reason the early years of squids has been such a mystery is because squids’ lack of hard shells made their fossils hard to come by. Undeterred, the team instead focused on finding ancient squid beaks—hard mouthparts with…

Read more →

Tradecraft in the Information Age

Long article on the difficulty (impossibility?) of human spying in the age of ubiquitous digital surveillance. This article has been indexed from Schneier on Security Read the original article: Tradecraft in the Information Age

Read more →

Using Signal Groups for Activism

Good tutorial by Micah Lee. It includes some nonobvious use cases. This article has been indexed from Schneier on Security Read the original article: Using Signal Groups for Activism

Read more →

Yet Another Strava Privacy Leak

This time it’s the Swedish prime minister’s bodyguards. (Last year, it was the US Secret Service and Emmanuel Macron’s bodyguards. in 2018, it was secret US military bases.) This is ridiculous. Why do people continue to make their data public?…

Read more →