schneier

Even if governments backdoor crypto, they still won't be able to spy on terrorists

In a paper published by the International Association for Cryptologic Research, a group of Harvard and MIT cryptographers demonstrate that even if the government were to backdoor encryption and lock up anyone who used non-backdoored systems, people could still hide undetectable, secure, private messages within the messages sent over the compromised systems.

Online copyright infringement is up, and water is still wet

During the Napster wars, Bruce Schneier famously quipped, "Making bits harder to copy is like making water less wet."

Playing low frequency noise to disrupt hard-drives: denial of service for CCTVs, data-centers, and other computing environments

A group of Princeton and Purdue researchers have demonstrated a successful acoustic attack against mechanical hard-drives where low-frequency noise keyed to the resonant frequency of the drive components is played nearby, causing the drive to vibrate so that the drive can neither be read nor written to.

For 40 years, American Conservatives have filed down the definition of "corruption," turning the Framers' spear into a blunt stub

Zephyr Teachout's (previously) 2014 book Corruption in America is an incredibly important, timely book about the way that American policy and politics have been distorted by money, something that's gotten steadily worse as it is supercharged by (and supercharges) wealth inequality.

Here's everything that's wrong with America's insecure electronic voting machines, and what to do about it

The University of Pennsylvania's Matt Blaze (previously) is a legendary figure in cryptography and security circles; most recently he convened Defcon's Vote Hacking Village where security experts with no particular knowledge of voting machines repeatedly, fatally hacked surplus voting machines of the sort routinely used in US elections.

Kids' smart watches are a security/privacy dumpster-fire

The Norwegian Consumer Council hired a security firm called Mnemonic to audit the security of four popular brands of kids' smart watches and found a ghastly array of security defects: the watches allow remote parties to seize control over them in order to monitor children's movements and see where they've gone, covertly listen in on them, and steal their personal information. The data the watches gather and transmit to offshore servers is copious and sent in the clear. The watches incorporate cameras and the photos children take are also easily plundered by hackers.

A service that turns pictures of keys into working keys

Snap a picture of a key and Key Me will turn it into a working metal key: just a reminder that locks probably aren't as secure as you imagine. (via Schneier)

Leaked NSA docs: Russian military hacked US voting software company, spearphished 122 election officials

An anonymously leaked Top Secret NSA report on Russian state hackers interfering with the US elections has been published by The Intercept, which had the documents independently analyzed by a who's-who of America's leading security experts.

That time the TSA started screening all paper products separately

Akal Security Inc is the TSA contractor that screens passengers at Kansas City International Airport under a $108m/5 year contract; earlier this month they abruptly began scanning all paper products in carry-on luggage, requiring passengers to pull out their books, papers, even post-it notes for secondary inspection.

A Crooked Timber seminar on Walkaway

My latest novel, Walkaway, was published today, and the Crooked Timber blog has honored me with a seminar on the book, where luminaries from Henry Farrell to Julia Powles to John Holbo to Astra Taylor to Bruce Schneier weigh in with a series of critical essays that will run in the weeks to come, closing with an essay of my own, in response.

Juvenile criminal defense attorneys forced to agree to Taser's terms of service to see the state's evidence

California criminal defense attorney Rick Horowitz had a juvenile client; he was shocked when the prosecutor in the case told him that to see the evidence against his client, he'd have to log in to evidence.com, run by Taser International (now rebranded as Axon).

The Internet of Things will host devastating, unstoppable botnets

Bruce Schneier takes to the pages of Technology Review to remind us all that while botnets have been around for a long time, the Internet of Things is supercharging them, thanks to insecurity by design.

Wikileaks offers tech giants access to sourcecode for CIA Vault 7 exploits

Wikileaks' seismic Vault 7 release didn't follow the usual Wikileaks procedure: perhaps in response to earlier criticism, the organization redacted many of the files prior to their release, cutting names of CIA operatives and the sourcecode for the cyber-weapons the CIA had developed, which exploit widely used mobile devices, embedded systems, and operating systems.

Bruce Schneier's four-year plan for the Trump years

1. Fight the fights (against more government and commercial surveillance; backdoors, government hacking); 2. Prepare for those fights (push companies to delete those logs; remind everyone that security and privacy can peacefully co-exist); 3. Lay the groundwork for a better future (figure out non-surveillance internet business models, privacy-respecting law enforcement, and limits on corporate surveillance); 4. Continue to solve the actual problems (cybercrime, cyber-espionage, cyberwar, the Internet of Things, algorithmic decision making, foreign interference in our elections).

A madman has been given the keys to the surveillance state

When the USA PATRIOT Act was signed into law on October 26, 2001, it erased many of the vital checks and balances that stood between the American people and their government. As Bush supporters cheered the unprecedented power that their people in Washington now held, the civil liberties world warned them: "Your president has just fashioned a weapon that will be wielded by all who come after him."

Internet-destroying outages were caused by "amateurish" IoT malware

Some of the internet's most popular, well-defended services -- including Twitter -- were knocked offline yesterday by a massive denial-of-service attack that security experts are blaming on botnets made from thousands of hacked embedded systems in Internet of Things devices like home security cameras and video recorders.

In a leaked "weaponized information" catalog, Indian cyberarms dealer offers blackest-ever SEO

In 2014, an Indian company called Aglaya brought a 20-page brochure to ISS World (AKA the Wiretappers' Ball -- the annual trade fair where governments shop for surveillance technology): the brochure laid out the company's offerings, which ranged from mobile malware for iOS and Android to a unique "Weaponized Information" selection that combined denial-of-service with disinformation to "discredit a target" online.
