Items tagged with: schneier

● [Old]● #Schneier ☞ Sony's DRM Rootkit: The Real Story
● NEWS ● #schneier #Privacy #Surveillance ☞ Newly Declassified Study Demonstrates Uselessness of #NSA 's Phone Metadata Program
Bruce #Schneier makes the case for "public interest technologists" https://boingboing.net/2019/10/10/public-interest-at-scale.html "advising lawmakers and policymakers, and by pursuing public interest goals in our technical work."
Bruce Schneier makes the case for "public interest technologists"
"If possible, don't use #Microsoft #Windows . Buy a Macintosh or use Linux. Don't use Microsoft Internet Explorer, period."
- Bruce #Schneier (does he use #gnu #linux already?)

DARPA Is Developing an Open-Source Voting System

Courtesy of #Schneier:
...a new $10 million contract the Defense Department's Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking.

The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with experience in designing secure and verifiable systems. The system will use fully open source voting software, instead of the closed, proprietary software currently used in the vast majority of voting machines, which no one outside of voting machine testing labs can examine. More importantly, it will be built on secure open source hardware, made from special secure designs and techniques developed over the last year as part of a special program at DARPA. The voting system will also be designed to create fully verifiable and transparent results so that voters don't have to blindly
... Show more...

Dropgangs, or the future of #darknet markets

Really interesting article on methods for anonymising and compartmentalising (illegal) sales operations, to resist law enforcement identification of any participant. Details of #tradecraft, tech, reputation, distribution, payment systems, dead drops and all sorts of fascinating stuff.
The Internet is full of commercial activity and it should come at no surprise that even illegal commercial activity is widespread as well. In this article we would like to describe the current developments - from where we came, where we are now, and where it might be going - when it comes to technologies used for digital black market activity.
Via #Schneier / #Cryptogram.

... Show more...
#Facebook hired three of their top privacy critics. #Schneier says he knows them and they're good; hopefully they're not being hired to get locked into an NDA.
♲ Bruce Schneier ():
TSB Bank Disaster
This seems like an absolute disaster: The very short version is that a UK bank, TSB, which had been merged into and then many years later was spun out of Lloyds Bank, was bought by the Spanish bank Banco Sabadell in 2015. Lloyds had continued to run the TSB systems and was to transfer them over to Sabadell over the...- - - - - -

#security #banking #tsb #schneier

Bruce #Schneier Facts


#InfoSec #security #funny

Obscure E-Mail Vulnerability

This vulnerability is a result of an interaction between two different ways of handling e-mail addresses. Gmail ignores dots in addresses, so bruce.schneier@gmail.com is the same as bruceschneier@gmail.com is the same as b.r.u.c.e.schneier@gmail.com. (Note: I do not own any of those email addresses -- if they're even valid.) Netflix doesn't ignore dots, so those are all unique e-mail addresses and can each be used to register an account. This difference can be exploited.

I was almost fooled into perpetually paying for Eve's Netflix access, and only paused because I didn't recognize the declined card. More generally, the phishing scam here is:

- Hammer the Netflix signup form until you find a gmail.com address which is "already registered". Let's say you find the victim jameshfisher.
- Create a Netflix account with address james.hfisher.
- Sign up for free trial with a thr
... Show more...
Later posts Earlier posts