Bruce Schneier
Schneier on Security
A blog covering security and security technology.

Me at TED
Okay, it's not TED. It's one of the independent regional TED events: TEDxPSU. My talk was "Reconceptualizing Security," a condensation of the hour-long talk into 18 minutes.
Posted on October 29, 2010 at 2:31 PM • 2 Comments

The Militarization of the Internet
Good blog post.
Posted on October 29, 2010 at 6:48 AM • 15 Comments

New Orleans Scrapping Surveillance Cameras
They're not worth it:

In seven years, New Orleans' crime camera program has yielded six indictments: three for crimes caught on video and three for bribes and kickbacks a vendor is accused of paying a former city official to sell the cameras to City Hall.
Posted on October 28, 2010 at 6:09 AM • 27 Comments

FBI Bugging Embassies in 1940
Old -- but recently released -- document discussing the bugging of the Russian embassy in 1940. The document also mentions bugging the embassies of France, Germany, Italy, and Japan.
Posted on October 27, 2010 at 3:24 PM • 25 Comments

Firesheep
Firesheep is a new Firefox plugin that makes it easy for you to hijack other people's social network connections. Basically, Facebook authenticates clients with cookies. If someone is using a public WiFi connection, the cookies are sniffable. Firesheep uses WinPcap to capture and display the authentication information for accounts it sees, allowing you to hijack the connection.

Slides from the Toorcon talk.

Protect yourself by forcing the authentication to happen over TLS. Or stop logging in to Facebook from public networks.

EDITED TO ADD (10/27): To protect against this attack, you have to encrypt the entire session -- not just the initial authentication.
Posted on October 27, 2010 at 7:53 AM • 58 Comments

Seymour Hersh on Cyberwar
Excellent article from The New Yorker.
Posted on October 26, 2010 at 6:40 AM • 43 Comments

Declassified NSA Documents
It's a long list.
These items are not online; they're at the National Archives and Records Administration in College Park, MD. You can either ask for copies by mail under FOIA (at 75 cents per page) or come in in person. There, you can read and scan them for free, or photocopy them for about 20 cents a page.
Posted on October 25, 2010 at 6:21 AM • 43 Comments

Friday Squid Blogging: Steganography in the Longfin Inshore Squid
While the notion that a few animals produce polarization signals and use them in communication is not new, Mäthger and Hanlon’s findings present the first anatomical evidence for a “hidden communication channel” that can remain masked by typical camouflage patterns. Their results suggest that it might be possible for squid to send concealed polarized signals to one another while staying camouflaged to fish or mammalian predators, most of which do not have polarization vision.
Posted on October 22, 2010 at 4:31 PM • 12 Comments

Video Interview with Me from RSA Europe
I was interviewed last week at RSA Europe.
Posted on October 22, 2010 at 2:29 PM • 0 Comments

FaceTime for Mac Security Hole
Once a user has logged into FaceTime, anyone with access to the machine can change the user's Apple ID password without knowing the old password. Of course, it's just as easy to change it back, if the victim notices.
Posted on October 22, 2010 at 5:45 AM • 15 Comments

Electronic Car Lock Denial-of-Service Attack
Inspector Richard Haycock told local newspapers that the possible use of the car lock jammers would help explain a recent spate of thefts from vehicles that have occurred without leaving any signs of forced entry.

I thought car door locks weren't much of a deterrent to a professional car thief.

EDITED TO ADD (10/22): The thieves are not stealing cars, they're stealing things left inside the cars.
Posted on October 21, 2010 at 2:07 PM • 47 Comments

Workshop on the Economics of Information Security
I am the program chair for WEIS 2011, which is to be held next June in Washington, DC. Submissions are due at the end of February. Please forward and repost the call for papers.
Posted on October 20, 2010 at 7:11 PM • 7 Comments
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.