Блог пользователя - schneier

Blockchain voting is a spectacularly dumb idea for a whole bunch of reasons. I have generally quoted Matt Blaze:Why is blockchain voting a dumb idea? Glad you asked.For s...

Over at Lawfare: “2020 Is An Election Security Success Story (So Far).”What’s more, the voting itself was remarkably smooth. It was only a few months ago that professiona...

Accuracy isn’t great, but that it can be done at all is impressive.Murtuza Jadiwala, a computer science professor heading the research project, said his team was able to ...

Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names.We’ve long known that redacting is hard in the m...

Researchers are tricking autopilots by inserting split-second images into roadside billboards.Researchers at Israel’s Ben Gurion University of the Negev … previously reve...

One of the things we learned from the Snowden documents is that the NSA conducts “about” searches. That is, searches based on activities and not identifiers. A normal sea...

Interesting usability study: “More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication“:Abstract: Risk-based Authenticati...

Really interesting conversation with someone who negotiates with ransomware gangs:For now, it seems that paying ransomware, while obviously risky and empowering/encouragi...

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city.I think this is the first documented ca...

It’s complicated, but it’s basically a man-in-the-middle attack that involves two smartphones. The first phone reads the actual smartcard, and then forwards the required ...

Ross Anderson’s fantastic textbook, Security Engineering, will have a third edition. The book won’t be published until December, but Ross has been making drafts of the ch...

Greg Priore, the person in charge of the rare book room at the Carnegie Library, stole from it for almost two decades before getting caught.It's a perennial problem: trus...

DiceKeys is a physical mechanism for creating and storing a 192-bit key. The idea is that you roll a special set of twenty-five dice, put them into a plastic jig, and the...

Researchers are using recordings of keys being used in locks to create copies.Once they have a key-insertion audio file, SpiKey's inference software gets to work filterin...

Yet another Internet-connected door lock is insecure:Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec's $139.99 UltraLoq is marketed as a "secure and ve...

Australia is reporting that a BlackBerry device has been cracked after five years:An encrypted BlackBerry device that was cracked five years after it was first seized by ...

In Japan, a cyberstalker located his victim by enhancing the reflections in her eye, and using that information to establish a location.Reminds me of the image enhancemen...

Twitter was hacked this week. Not a few people's Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in cre...

A four-rotor Enigma machine -- with rotors -- is up for auction.

It is amazing that this sort of thing can still happen:...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hack...