Блог пользователя - schneier

Аватар пользователя schneier
Half a Million IoT Passwords Leaked

It is amazing that this sort of thing can still happen:...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hack...

Аватар пользователя schneier
The Security Value of Inefficiency

For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that's a good thing.Running just at the margins is efficient. A si...

Аватар пользователя schneier
COVID-19 Risks of Flying

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer...

Аватар пользователя schneier
Bank Card "Master Key" Stolen

South Africa's Postbank experienced a catastrophic security failure. The bank's master PIN key was stolen, forcing it to cancel and replace 12 million bank cards.The brea...

Аватар пользователя schneier
Another Intel Speculative Execution Vulnerability

Remember Spectre and Meltdown? Back in early 2018, I wrote:Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data....

Аватар пользователя schneier
Zoom's Commitment to User Security Depends on Whether you Pay It or Not

Zoom was doing so well.... And now we have this:Corporate clients will get access to Zoom's end-to-end encryption service now being developed, but Yuan said free users wo...

Аватар пользователя schneier
Websites Conducting Port Scans

Security researcher Charlie Belmer is reporting that commercial websites such as eBay are conducting port scans of their visitors.Looking at the list of ports they are sc...

Аватар пользователя schneier
Bart Gellman on Snowden

Bart Gellman's long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a coupl...

Аватар пользователя schneier
Attack Against PC Thunderbolt Port

The attack requires physical access to the computer, but it's pretty devastating:On Thunderbolt-enabled Windows or Linux PCs manufactured before 2019, his technique can b...

Аватар пользователя schneier
Malware in Google Apps

Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam.At a remote virtual version of its annual Security Analy...

Аватар пользователя schneier
Fooling NLP Systems Through Word Swapping

MIT researchers have built a system that fools natural-language processing systems by swapping words with synonyms:The software, developed by a team at MIT, looks for the...

Аватар пользователя schneier
Vulnerability Finding Using Machine Learning

Microsoft is training a machine-learning system to find software bugs:At Microsoft, 47,000 developers generate nearly 30 thousand bugs a month. These items get stored acr...

Аватар пользователя schneier
Contact Tracing COVID-19 Infections via Smartphone Apps

Google and Apple have announced a joint project to create a privacy-preserving COVID-19 contact tracing app. (Details, such as we have them, are here.) It's similar to th...

Аватар пользователя schneier
Cybersecurity During COVID-19

Three weeks ago (could it possibly be that long already?), I wrote about the increased risks of working remotely during the COVID-19 pandemic.One, employees are working f...

Аватар пользователя schneier
Privacy vs. Surveillance in the Age of COVID-19

The trade-offs are changing:As countries around the world race to contain the pandemic, many are deploying digital surveillance tools as a means to exert social control, ...

Аватар пользователя schneier
Hacking Voice Assistants with Ultrasonic Waves

I previously wrote about hacking voice assistants with lasers. Turns you can do much the same thing with ultrasonic waves:Voice assistants -- the demo targeted Siri, Goog...

Аватар пользователя schneier
TSA Admits Liquid Ban Is Security Theater

The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes:Passengers will now be allowed to travel with containers of liquid hand saniti...

Аватар пользователя schneier
CIA Dirty Laundry Aired

Joshua Schulte, the CIA employee standing trial for leaking the Wikileaks Vault 7 CIA hacking tools, maintains his innocence. And during the trial, a lot of shoddy securi...

Аватар пользователя schneier
Let's Encrypt Vulnerability

The BBC is reporting a vulnerability in the Let's Encrypt certificate service:In a notification email to its clients, the organisation said: "We recently discovered a bug...

Аватар пользователя schneier
Firefox Enables DNS over HTTPS

This is good news:Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is ...


Subscribe to RSS - Блог пользователя - schneier
Вы сообщаете об ошибке в следующем тексте:
Нажмите кнопку «Сообщить об ошибке», чтобы отправить сообщение. Вы также можете добавить комментарий.