Блог пользователя - schneier

A water treatment plant in Oldsmar, Florida, was attacked last Friday. The attacker took control of one of the systems, and increased the amount of sodium hydroxide — tha...

At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using ...

No one who reads this blog regularly will be surprised:A former employee of prominent home security company ADT has admitted that he hacked into the surveillance feeds of...

Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process:Key PointsSUNSPOT is StellarParticle’s malw...

Smart commentary:…I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S. Capitol using little more than those same mobile gates I...

From an interview with an Amazon Web Services security engineer:So when you use AWS, part of what you’re paying for is security.Right; it’s part of what we sell. Let’s sa...

Recent news articles have all been talking about the massive Russian cyberattack against the United States, but that’s wrong on two accounts. It wasn’t a cyberattack in i...

Bellingcat has investigated the near-fatal poisoning of Alexey Navalny by the Russian FSB back in August. The details display some impressive traffic analysis. Navalny go...

Persuasion is as old as our species. Both democracy and the market economy depend on it. Politicians persuade citizens to vote for them, or to support different policy po...

This new protocol, called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP.Here’s how it works: ODoH wraps a layer of encryption around the DNS...

I can’t believe that check washing is still a thing:“Check washing” is a practice where thieves break into mailboxes (or otherwise steal mail), find envelopes with checks...

Last week I signed on to two joint letters about the security of the 2020 election. The first was as one of 59 election security experts, basically saying that while the ...

Blockchain voting is a spectacularly dumb idea for a whole bunch of reasons. I have generally quoted Matt Blaze:Why is blockchain voting a dumb idea? Glad you asked.For s...

Over at Lawfare: “2020 Is An Election Security Success Story (So Far).”What’s more, the voting itself was remarkably smooth. It was only a few months ago that professiona...

Accuracy isn’t great, but that it can be done at all is impressive.Murtuza Jadiwala, a computer science professor heading the research project, said his team was able to ...

Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names.We’ve long known that redacting is hard in the m...

Researchers are tricking autopilots by inserting split-second images into roadside billboards.Researchers at Israel’s Ben Gurion University of the Negev … previously reve...

One of the things we learned from the Snowden documents is that the NSA conducts “about” searches. That is, searches based on activities and not identifiers. A normal sea...

Interesting usability study: “More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication“:Abstract: Risk-based Authenticati...

Really interesting conversation with someone who negotiates with ransomware gangs:For now, it seems that paying ransomware, while obviously risky and empowering/encouragi...