A group of Princeton and Purdue researchers have demonstrated a successful acoustic attack against mechanical hard-drives where low-frequency noise keyed to the resonant frequency of the drive components is played nearby, causing the drive to vibrate so that the drive can neither be read nor written to.
Read the rest
Zephyr Teachout's (previously) 2014 book Corruption in America is an incredibly important, timely book about the way that American policy and politics have been distorted by money, something that's gotten steadily worse as it is supercharged by (and supercharges) wealth inequality.
Read the rest
The University of Pennsylvania's Matt Blaze (previously) is a legendary figure in cryptography and security circles; most recently he convened Defcon's Vote Hacking Village where security experts with no particular knowledge of voting machines repeatedly, fatally hacked surplus voting machines of the sort routinely used in US elections.
Read the rest
The Norwegian Consumer Council hired a security firm called Mnemonic to audit the security of four popular brands of kids' smart watches and found a ghastly array of security defects: the watches allow remote parties to seize control over them in order to monitor children's movements and see where they've gone, covertly listen in on them, and steal their personal information. The data the watches gather and transmit to offshore servers is copious and sent in the clear. The watches incorporate cameras and the photos children take are also easily plundered by hackers. Read the rest
Snap a picture of a key and Key Me will turn it into a working metal key: just a reminder that locks probably aren't as secure you imagine. (via Schneier) Read the rest
An anonymously leaked Top Secret NSA report on Russian state hackers interfering with the US elections has been published by The Intercept, which had the documents independently analyzed by a who's-who of America's leading security experts. Read the rest
Akal Security Inc is the TSA contractor that screens passengers at Kansas City International Airport under a $108m/5 year contract; earlier this month they began abruptly scanning all paper products in carry on luggage, requiring passengers to pull out their books, papers, even post-it notes for secondary inspection. Read the rest
My latest novel, Walkaway, was published today, and the Crooked Timber block has honored me with a seminar on the book, where luminaries from Henry Farrell to Julia Powles to John Holbo to Astra Taylor to Bruce Schneier weigh in with a series of critical essays that will run in the weeks to come, closing with an essay of my own, in response. Read the rest
California criminal defense attorney Rick Horowitz had a juvenile client, he was shocked when the prosecutor in the case told him that to see the evidence against his client, he'd have to log in to evidence.com, run by Taser International (now rebranded as Axon). Read the rest
Bruce Schneier takes to the pages of Technology Review to remind us all that while botnets have been around for a long time, the Internet of Things is supercharging them, thanks to insecurity by design. Read the rest
Wikileaks' seismic Vault 7 release didn't follow the usual Wikileaks procedure: perhaps in response to earlier criticism, the organization redacted many of the files prior to their release, cutting names of CIA operatives and the sourcecode for the cyber-weapons the CIA had developed, which exploit widely used mobile devices, embedded systems, and operating systems. Read the rest
1. Fight the fights (against more government and commercial surveillance; backdoors, government hacking); 2. Prepare for those fights (push companies to delete those logs; remind everyone that security and privacy can peacefully co-exist); 3. Lay the groundword for a better future (figure out non-surveillance internet business models, privacy-respecting law enforcement, and limits on corporate surveillance); 4. Continue to solve the actual problems (cybercrime, cyber-espionage, cyberwar, the Internet of Things, algorithmic decision making, foreign interference in our elections). Read the rest
When the USA PATRIOT Act was signed into law on October 26, 2001, it erased many of the vital checks and balances that stood between the American people and their government. As Bush supporters cheered the unprecedented power that their people in Washington now held, the civil liberties world warned them: "Your president has just fashioned a weapon that will be wielded by all who come after him."
Some of the internet's most popular, well-defended services -- including Twitter -- were knocked offline yesterday by a massive denial-of-service attack that security experts are blaming on botnets made from thousands of hacked embedded systems in Internet of Things devices like home security cameras and video recorders. Read the rest
In 2014, an Indian company called Aglaya brought a 20-page brochure to ISS World (AKA the Wiretappers' Ball -- the annual trade fair where governments shop for surveillance technology): the brochure laid out the company's offerings, which ranged from mobile malware for Ios and Android to a unique "Weaponized Information" selection that combined denial-of-service with disinformation to "discredit a target" online. Read the rest