schneier

Security researchers reveal defects that allow wireless hijacking of giant construction cranes, scrapers and excavators

Using software-defined radios, researchers from Trend Micro were able to reverse-engineer the commands used to control massive industrial machines, including cranes, excavators and scrapers; most of these commands were unencrypted, but even the encrypted systems were vulnerable to "replay attacks" that allowed the researchers to bypass the encryption.

Letterlocking: the long-lost art of using paper-folding to foil snoops

"Letterlocking" is a term coined by MIT Libraries conservator Jana Dambrogio after she discovered a trove of letters while spelunking in the conservation lab of the Vatican Secret Archives; the letters had been ingeniously folded and sealed so that they couldn't be opened and re-closed without revealing that they had been read. Some even contained "booby traps" to catch the unwary.

Using information security to explain why disinformation makes autocracies stronger and democracies weaker

The same disinformation campaigns that epitomize the divisions in US society -- beliefs in voter fraud, vaccine conspiracies, and racist conspiracies about migrants, George Soros and Black Lives Matter, to name a few -- are a source of strength for autocracies like Russia, where the lack of a consensus on which groups and views are real and which are manufactured by the state strengthens the hand of Putin and his clutch of oligarchs.

"The End of Trust" - EFF/McSweeney's collaboration on privacy and surveillance - is in stores and free to download now!

The End of Trust (previously) is a special issue of McSweeney's, produced in collaboration with the Electronic Frontier Foundation, on the themes of technology, privacy and surveillance: it's in stores today, and free to download under a Creative Commons license.

If you're an American of European descent, your stupid cousins have probably put you in vast commercial genomic databases

Remember when they caught the Golden State Killer by comparing DNA crime-scene evidence to big commercial genomic databases (like those maintained by Ancestry.com, 23 and Me, etc) to find his family members and then track him down?

EFF and McSweeney's collaborated on a publication: "The End of Trust"

The End of Trust will be McSweeney's issue 54, the first-ever all-nonfiction issue of McSweeney's, with more than 30 contributions on "surveillance in the digital age."

Schneier's "Click Here To Kill Everybody": pervasive connected devices mean we REALLY can't afford shitty internet policy

Bruce Schneier (previously) has spent literal decades as part of the vanguard of the movement to get policy makers to take internet security seriously: to actually try to make devices and services secure, and to resist the temptation to blow holes in their security in order to spy on "bad guys." In Click Here to Kill Everybody: Security and Survival in a Hyper-connected World, Schneier makes a desperate, impassioned plea for sensible action, painting a picture of a world balanced on the point of no return.

70+ internet pioneers to the EU: you are transforming the internet into a "tool for automated surveillance and control" SHARE THIS!

In one week, an EU committee will vote on a pair of extreme copyright proposals that will ban linking to news articles without permission, and force internet platforms to spy on all the pictures, text, video, audio and code their users post, sending it to AIs designed to catch copyright infringement and automatically censor anything that might violate copyright.

Even if governments backdoor crypto, they still won't be able to spy on terrorists

In a paper published by the International Association for Cryptologic Research, a group of Harvard and MIT cryptographers demonstrate that even if the government were to backdoor encryption and lock up anyone who used non-backdoored systems, people could still hide undetectable, secure, private messages within the messages sent over the compromised systems.

Online copyright infringement is up, and water is still wet

During the Napster wars, Bruce Schneier famously quipped, "Making bits harder to copy is like making water less wet."

Playing low frequency noise to disrupt hard-drives: denial of service for CCTVs, data-centers, and other computing environments

A group of Princeton and Purdue researchers have demonstrated a successful acoustic attack against mechanical hard-drives where low-frequency noise keyed to the resonant frequency of the drive components is played nearby, causing the drive to vibrate so that the drive can neither be read nor written to.

For 40 years, American Conservatives have filed down the definition of "corruption," turning the Framers' spear into a blunt stub

Zephyr Teachout's (previously) 2014 book Corruption in America is an incredibly important, timely book about the way that American policy and politics have been distorted by money, something that's gotten steadily worse as it is supercharged by (and supercharges) wealth inequality.

Here's everything that's wrong with America's insecure electronic voting machines, and what to do about it

The University of Pennsylvania's Matt Blaze (previously) is a legendary figure in cryptography and security circles; most recently he convened Defcon's Vote Hacking Village where security experts with no particular knowledge of voting machines repeatedly, fatally hacked surplus voting machines of the sort routinely used in US elections.

Kids' smart watches are a security/privacy dumpster-fire

The Norwegian Consumer Council hired a security firm called Mnemonic to audit the security of four popular brands of kids' smart watches and found a ghastly array of security defects: the watches allow remote parties to seize control over them in order to monitor children's movements and see where they've gone, covertly listen in on them, and steal their personal information. The data the watches gather and transmit to offshore servers is copious and sent in the clear. The watches incorporate cameras and the photos children take are also easily plundered by hackers.

A service that turns pictures of keys into working keys

Snap a picture of a key and Key Me will turn it into a working metal key: just a reminder that locks probably aren't as secure as you imagine. (via Schneier)

Leaked NSA docs: Russian military hacked US voting software company, spearphished 122 election officials

An anonymously leaked Top Secret NSA report on Russian state hackers interfering with the US elections has been published by The Intercept, which had the documents independently analyzed by a who's-who of America's leading security experts.

That time the TSA started screening all paper products separately

Akal Security Inc is the TSA contractor that screens passengers at Kansas City International Airport under a $108m/5 year contract; earlier this month they began abruptly scanning all paper products in carry on luggage, requiring passengers to pull out their books, papers, even post-it notes for secondary inspection.
