Если вам есть, что сказать сообществу профессионалов ИБ и ИТ – заведите здесь свой блог

Блог пользователя - schneier

Аватар пользователя schneier
14.09.2020
Interesting Attack on the EMV Smartcard Payment Standard

It’s complicated, but it’s basically a man-in-the-middle attack that involves two smartphones. The first phone reads the actual smartcard, and then forwards the required ...

Аватар пользователя schneier
10.09.2020
The Third Edition of Ross Anderson’s Security Engineering

Ross Anderson’s fantastic textbook, Security Engineering, will have a third edition. The book won’t be published until December, but Ross has been making drafts of the ch...

Аватар пользователя schneier
02.09.2020
Insider Attack on the Carnegie Library

Greg Priore, the person in charge of the rare book room at the Carnegie Library, stole from it for almost two decades before getting caught.It's a perennial problem: trus...

Аватар пользователя schneier
24.08.2020
DiceKeys

DiceKeys is a physical mechanism for creating and storing a 192-bit key. The idea is that you roll a special set of twenty-five dice, put them into a plastic jig, and the...

Аватар пользователя schneier
20.08.2020
Copying a Key by Listening to It in Action

Researchers are using recordings of keys being used in locks to create copies.Once they have a key-insertion audio file, SpiKey's inference software gets to work filterin...

Аватар пользователя schneier
10.08.2020
Smart Lock Vulnerability

Yet another Internet-connected door lock is insecure:Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec's $139.99 UltraLoq is marketed as a "secure and ve...

Аватар пользователя schneier
03.08.2020
BlackBerry Phone Cracked

Australia is reporting that a BlackBerry device has been cracked after five years:An encrypted BlackBerry device that was cracked five years after it was first seized by ...

Аватар пользователя schneier
27.07.2020
Images in Eye Reflections

In Japan, a cyberstalker located his victim by enhancing the reflections in her eye, and using that information to establish a location.Reminds me of the image enhancemen...

Аватар пользователя schneier
20.07.2020
On the Twitter Hack

Twitter was hacked this week. Not a few people's Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in cre...

Аватар пользователя schneier
14.07.2020
Enigma Machine for Sale

A four-rotor Enigma machine -- with rotors -- is up for auction.

Аватар пользователя schneier
08.07.2020
Half a Million IoT Passwords Leaked

It is amazing that this sort of thing can still happen:...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hack...

Аватар пользователя schneier
02.07.2020
The Security Value of Inefficiency

For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that's a good thing.Running just at the margins is efficient. A si...

Аватар пользователя schneier
24.06.2020
COVID-19 Risks of Flying

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer...

Аватар пользователя schneier
17.06.2020
Bank Card "Master Key" Stolen

South Africa's Postbank experienced a catastrophic security failure. The bank's master PIN key was stolen, forcing it to cancel and replace 12 million bank cards.The brea...

Аватар пользователя schneier
11.06.2020
Another Intel Speculative Execution Vulnerability

Remember Spectre and Meltdown? Back in early 2018, I wrote:Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data....

Аватар пользователя schneier
04.06.2020
Zoom's Commitment to User Security Depends on Whether you Pay It or Not

Zoom was doing so well.... And now we have this:Corporate clients will get access to Zoom's end-to-end encryption service now being developed, but Yuan said free users wo...

Аватар пользователя schneier
27.05.2020
Websites Conducting Port Scans

Security researcher Charlie Belmer is reporting that commercial websites such as eBay are conducting port scans of their visitors.Looking at the list of ports they are sc...

Аватар пользователя schneier
20.05.2020
Bart Gellman on Snowden

Bart Gellman's long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a coupl...

Аватар пользователя schneier
12.05.2020
Attack Against PC Thunderbolt Port

The attack requires physical access to the computer, but it's pretty devastating:On Thunderbolt-enabled Windows or Linux PCs manufactured before 2019, his technique can b...

Аватар пользователя schneier
05.05.2020
Malware in Google Apps

Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam.At a remote virtual version of its annual Security Analy...

Страницы

Subscribe to RSS - Блог пользователя - schneier
Вы сообщаете об ошибке в следующем тексте:
Нажмите кнопку «Сообщить об ошибке», чтобы отправить сообщение. Вы также можете добавить комментарий.