Having a job in America means being subjected to continuous, intimate surveillance

It started with companies sneaking their own certificates into the devices you used so they could spy on you private communications, even those with HTTPS-based encryption. Read the rest

At least twice, Sean Spicer has accidentally tweeted the password to his official White House spokesman Twitter account

Day six! It's also a pretty shitty password. Let's hope he's got 2-factor auth turned on! Also, Trump's still using his insecure personal Android device. Read the rest

What we can learn from 2016: the year of the security breach

Ryan McGeehan, who specializes in helping companies recover from data-breaches, reflects on the worst year of data breaches (so far) and has some sound practical advice on how to reduce your risk and mitigate your losses: some easy wins are to get your staff to use password managers and two-factor authentication for their home computers (since everyone is expected to work in their off-hours, most home computers are an easy way to get into otherwise well-defended networks); and stress-test your network for breach recovery. Read the rest