Friday Squid Blogging: Far Side Cartoon
The Far Side on squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines <a href="h... https://www.schneier.com/blog/archives/2021/02/friday-squid-blogging-far-side-cartoon.html
The Problem with Treating Data as a Commodity
Excellent Brookings paper: “Why data ownership is the wrong approach to protecting privacy.”
From t... https://www.schneier.com/blog/archives/2021/02/the-problem-with-treating-data-as-a-commodity.html
On Chinese-Owned Technology Platforms
I am a co-author on a report published by the Hoover Institution: “Chinese Technology Platforms Operating in the United States.” From a ... https://www.schneier.com/blog/archives/2021/02/on-chinese-owned-technology-platforms.html
#nationalsecuritypolicy #Uncategorized #threatmodels #reports #China
Twelve-Year-Old Vulnerability Found in Windows Defender
Researchers found, and Microsoft has patched, a vulnerability in Windows Defender that has been around for twelve years. There is no evidence that anyone has us... https://www.schneier.com/blog/archives/2021/02/twelve-year-old-vulnerability-found-in-windows-defender.html
#vulnerabilities #Uncategorized #Microsoft #patching #malware #Windows
Dependency Confusion: Another Supply-Chain Vulnerability
Alex Birsan writes about being able to install malware into proprietary corporate software by naming the code files to be identical to internal corporate code files. F... https://www.schneier.com/blog/archives/2021/02/dependency-confusion-another-supply-chain-vulnerability.html
GPS Vulnerabilities
Really good op-ed in the New York Times about how vulnerable the GPS system is to interference, spoofing, and jammi... https://www.schneier.com/blog/archives/2021/02/gps-vulnerabilities.html
#nationalsecuritypolicy #infrastructure #Uncategorized #cybersecurity #GPS
Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish
From the Monterey Bay Aquarium.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines <a href="htt... https://www.schneier.com/blog/archives/2021/02/friday-squid-blogging-amazing-video-of-a-black-eyed-squid-trying-to-eat-an-owlfish.html
Router Security
This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarm... https://www.schneier.com/blog/archives/2021/02/router-security.html
#InternetofThings #vulnerabilities #Uncategorized #mitigation #hardware #patching #reports #Linux
WEIS 2021 Call for Papers
The 20th Annual Workshop on the Economics of Information Security (WEIS 2021) will be held online in June. We just published the call for papers.... https://www.schneier.com/blog/archives/2021/02/weis-2021-call-for-papers.html
Virginia Data Privacy Law
Virginia is about to get a data privacy law, modeled on California’s law.... https://www.schneier.com/blog/archives/2021/02/virginia-data-privacy-law.html
Browser Tracking Using Favicons
Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the page nam... https://www.schneier.com/blog/archives/2021/02/browser-tracking-using-favicons.html
Malicious Barcode Scanner App
Interesting story about a barcode scanner app that has been pushing malware on to Android phones. The app is called Barcode Scanner. It’s be... https://www.schneier.com/blog/archives/2021/02/malicious-barcode-scanner-app.html
US Cyber Command Valentine’s Day Cryptography Puzzles
The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.”
Slashdot <a href="https://idle.sla... https://www.schneier.com/blog/archives/2021/02/us-cyber-command-valentines-day-cryptography-puzzles.html
Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed
Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke... https://www.schneier.com/blog/archives/2021/02/deliberately-playing-copyrighted-music-to-avoid-being-live-streamed.html
On Vulnerability-Adjacent Vulnerabilities
At the virtual Engima Conference, Google’s Project Zero’s Maggie Stone gave a talk about z... https://www.schneier.com/blog/archives/2021/02/on-vulnerability-adjacent-vulnerabilities.html
Chinese Supply-Chain Attack on Computer Systems
Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US governm... https://www.schneier.com/blog/archives/2021/02/chinese-supply-chain-attack-on-computer-systems.html
#nationalsecuritypolicy #InternetofThings #Uncategorized #cybersecurity #intelligence #reports
Friday Squid Blogging: Flying Squid
How squid fly.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting gui... https://www.schneier.com/blog/archives/2021/02/friday-squid-blogging-flying-squid.html
Medieval Security Techniques
Sonja Drummer describes (with photographs) two medieval security techniques. The first is a for authentication: a document has been cut in half with an irregular patte... https://www.schneier.com/blog/archives/2021/02/medieval-security-techniques.html
Attack against Florida Water Treatment Facility
A water treatment plant in Oldsmar, Florida, was attacked ... https://www.schneier.com/blog/archives/2021/02/attack-against-florida-water-treatment-facility.html
#physicalsecurity #infrastructure #Uncategorized #cybersecurity
Ransomware Profitability
Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.... https://www.schneier.com/blog/archives/2021/02/ransomware-profitability.html
Automated toots from the Schneier on Security RSS feed. This account is not affiliated with Bruce Schneier.