Блог пользователя - schneier

Аватар пользователя schneier
Documented Death from a Ransomware Attack

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city.I think this is the first documented ca...

Аватар пользователя schneier
Interesting Attack on the EMV Smartcard Payment Standard

It’s complicated, but it’s basically a man-in-the-middle attack that involves two smartphones. The first phone reads the actual smartcard, and then forwards the required ...

Аватар пользователя schneier
The Third Edition of Ross Anderson’s Security Engineering

Ross Anderson’s fantastic textbook, Security Engineering, will have a third edition. The book won’t be published until December, but Ross has been making drafts of the ch...

Аватар пользователя schneier
Insider Attack on the Carnegie Library

Greg Priore, the person in charge of the rare book room at the Carnegie Library, stole from it for almost two decades before getting caught.It's a perennial problem: trus...

Аватар пользователя schneier

DiceKeys is a physical mechanism for creating and storing a 192-bit key. The idea is that you roll a special set of twenty-five dice, put them into a plastic jig, and the...

Аватар пользователя schneier
Copying a Key by Listening to It in Action

Researchers are using recordings of keys being used in locks to create copies.Once they have a key-insertion audio file, SpiKey's inference software gets to work filterin...

Аватар пользователя schneier
Smart Lock Vulnerability

Yet another Internet-connected door lock is insecure:Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec's $139.99 UltraLoq is marketed as a "secure and ve...

Аватар пользователя schneier
BlackBerry Phone Cracked

Australia is reporting that a BlackBerry device has been cracked after five years:An encrypted BlackBerry device that was cracked five years after it was first seized by ...

Аватар пользователя schneier
Images in Eye Reflections

In Japan, a cyberstalker located his victim by enhancing the reflections in her eye, and using that information to establish a location.Reminds me of the image enhancemen...

Аватар пользователя schneier
On the Twitter Hack

Twitter was hacked this week. Not a few people's Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in cre...

Аватар пользователя schneier
Enigma Machine for Sale

A four-rotor Enigma machine -- with rotors -- is up for auction.

Аватар пользователя schneier
Half a Million IoT Passwords Leaked

It is amazing that this sort of thing can still happen:...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hack...

Аватар пользователя schneier
The Security Value of Inefficiency

For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that's a good thing.Running just at the margins is efficient. A si...

Аватар пользователя schneier
COVID-19 Risks of Flying

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer...

Аватар пользователя schneier
Bank Card "Master Key" Stolen

South Africa's Postbank experienced a catastrophic security failure. The bank's master PIN key was stolen, forcing it to cancel and replace 12 million bank cards.The brea...

Аватар пользователя schneier
Another Intel Speculative Execution Vulnerability

Remember Spectre and Meltdown? Back in early 2018, I wrote:Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data....

Аватар пользователя schneier
Zoom's Commitment to User Security Depends on Whether you Pay It or Not

Zoom was doing so well.... And now we have this:Corporate clients will get access to Zoom's end-to-end encryption service now being developed, but Yuan said free users wo...

Аватар пользователя schneier
Websites Conducting Port Scans

Security researcher Charlie Belmer is reporting that commercial websites such as eBay are conducting port scans of their visitors.Looking at the list of ports they are sc...

Аватар пользователя schneier
Bart Gellman on Snowden

Bart Gellman's long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a coupl...

Аватар пользователя schneier
Attack Against PC Thunderbolt Port

The attack requires physical access to the computer, but it's pretty devastating:On Thunderbolt-enabled Windows or Linux PCs manufactured before 2019, his technique can b...


Subscribe to RSS - Блог пользователя - schneier
Вы сообщаете об ошибке в следующем тексте:
Нажмите кнопку «Сообщить об ошибке», чтобы отправить сообщение. Вы также можете добавить комментарий.