Блог пользователя - schneier

Аватар пользователя schneier
12.02.2021
Attack against Florida Water Treatment Facility

A water treatment plant in Oldsmar, Florida, was attacked last Friday. The attacker took control of one of the systems, and increased the amount of sodium hydroxide — tha...

Аватар пользователя schneier
04.02.2021
Another SolarWinds Orion Hack

At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using ...

Аватар пользователя schneier
25.01.2021
Insider Attack on Home Surveillance Systems

No one who reads this blog regularly will be surprised:A former employee of prominent home security company ADT has admitted that he hacked into the surveillance feeds of...

Аватар пользователя schneier
19.01.2021
Injecting a Backdoor into SolarWinds Orion

Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process:Key PointsSUNSPOT is StellarParticle’s malw...

Аватар пользователя schneier
13.01.2021
On US Capitol Security — By Someone Who Manages Arena-Rock-Concert Security

Smart commentary:…I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S. Capitol using little more than those same mobile gates I...

Аватар пользователя schneier
04.01.2021
Amazon Has Trucks Filled with Hard Drives and an Armed Guard

From an interview with an Amazon Web Services security engineer:So when you use AWS, part of what you’re paying for is security.Right; it’s part of what we sell. Let’s sa...

Аватар пользователя schneier
28.12.2020
Russia’s SolarWinds Attack

Recent news articles have all been talking about the massive Russian cyberattack against the United States, but that’s wrong on two accounts. It wasn’t a cyberattack in i...

Аватар пользователя schneier
23.12.2020
Investigating the Navalny Poisoning

Bellingcat has investigated the near-fatal poisoning of Alexey Navalny by the Russian FSB back in August. The details display some impressive traffic analysis. Navalny go...

Аватар пользователя schneier
14.12.2020
Should There Be Limits on Persuasive Technologies?

Persuasion is as old as our species. Both democracy and the market economy depend on it. Politicians persuade citizens to vote for them, or to support different policy po...

Аватар пользователя schneier
09.12.2020
Oblivious DNS-over-HTTPS

This new protocol, called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP.Here’s how it works: ODoH wraps a layer of encryption around the DNS...

Аватар пользователя schneier
30.11.2020
Check Washing

I can’t believe that check washing is still a thing:“Check washing” is a practice where thieves break into mailboxes (or otherwise steal mail), find envelopes with checks...

Аватар пользователя schneier
23.11.2020
More on the Security of the 2020 US Election

Last week I signed on to two joint letters about the security of the 2020 election. The first was as one of 59 election security experts, basically saying that while the ...

Аватар пользователя schneier
16.11.2020
On Blockchain Voting

Blockchain voting is a spectacularly dumb idea for a whole bunch of reasons. I have generally quoted Matt Blaze:Why is blockchain voting a dumb idea? Glad you asked.For s...

Аватар пользователя schneier
10.11.2020
2020 Was a Secure Election

Over at Lawfare: “2020 Is An Election Security Success Story (So Far).”What’s more, the voting itself was remarkably smooth. It was only a few months ago that professiona...

Аватар пользователя schneier
04.11.2020
Determining What Video Conference Participants Are Typing from Watching Shoulder Movements

Accuracy isn’t great, but that it can be done at all is impressive.Murtuza Jadiwala, a computer science professor heading the research project, said his team was able to ...

Аватар пользователя schneier
27.10.2020
Reverse-Engineering the Redactions in the Ghislaine Maxwell Deposition

Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names.We’ve long known that redacting is hard in the m...

Аватар пользователя schneier
19.10.2020
Split-Second Phantom Images Fool Autopilots

Researchers are tricking autopilots by inserting split-second images into roadside billboards.Researchers at Israel’s Ben Gurion University of the Negev … previously reve...

Аватар пользователя schneier
13.10.2020
Google Responds to Warrants for “About” Searches

One of the things we learned from the Snowden documents is that the NSA conducts “about” searches. That is, searches based on activities and not identifiers. A normal sea...

Аватар пользователя schneier
05.10.2020
On Risk-Based Authentication

Interesting usability study: “More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication“:Abstract: Risk-based Authenticati...

Аватар пользователя schneier
30.09.2020
Negotiating with Ransomware Gangs

Really interesting conversation with someone who negotiates with ransomware gangs:For now, it seems that paying ransomware, while obviously risky and empowering/encouragi...

Страницы

Subscribe to RSS - Блог пользователя - schneier
Вы сообщаете об ошибке в следующем тексте:
Нажмите кнопку «Сообщить об ошибке», чтобы отправить сообщение. Вы также можете добавить комментарий.