Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
What's the story with these ads on Slashdot? Check out our new blog post to find out. ×

Feed Schneier: China's "Great Cannon"->

Interesting research: "An Analysis of China's 'Great Cannon.'" Abstract: On March 16th, 2015, the Chinese censorship apparatus employed a new tool, the "Great Cannon", to engineer a denial-of-service attack on GreatFire.org, an organization dedicated to resisting China's censorship. We present a technical analysis of the attack and what it reveals about the Great Cannon's working, underscoring that in essence it...
Link to Original Source

Feed Schneier: "The Declining Half-Life of Secrets"->

Several times I've mentioned Peter Swire's concept of "the declining half-life of secrets." He's finally written it up: The nature of secrets is changing. Secrets that would once have survived the 25 or 50 year test of time are more and more prone to leaks. The declining half-life of secrets has implications for the intelligence community and other secretive agencies,...
Link to Original Source

Feed Schneier: Using Samsung's Internet-Enabled Refrigerator for Man-in-the-Middle Attacks->

This is interesting research:: Whilst the fridge implements SSL, it FAILS to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. This includes those made to Google's servers to download Gmail calendar information for the on-screen display. So, MITM the victim's fridge from next door, or on the road outside and you can potentially steal their Google credentials. The...
Link to Original Source

Feed Schneier: Mickens on Security->

James Mickens, for your amusement. A somewhat random sample: My point is that security people need to get their priorities straight. The "threat model" section of a security paper resembles the script for a telenovela that was written by a paranoid schizophrenic: there are elaborate narratives and grand conspiracy theories, and there are heroes and villains with fantastic (yet oddly...
Link to Original Source

Feed Schneier: German BfV - NSA Cooperation->

The German newspaper Zeit is reporting the BfV, Germany's national intelligence agency, (probably) illegally traded data about Germans to the NSA in exchange for access to XKeyscore. From Ars Technica: Unlike Germany's foreign intelligence service, the Bundesnachrichtendienst (BND), the domestic-oriented BfV does not employ bulk surveillance of the kind also deployed on a vast scale by the NSA and GCHQ....
Link to Original Source

Feed Schneier: Iranian Phishing->

CitizenLab is reporting on Iranian hacking attempts against activists, which include a real-time man-in-the-middle attack against Google's two-factor authentication. This report describes an elaborate phishing campaign against targets in Iran's diaspora, and at least one Western activist. The ongoing attacks attempt to circumvent the extra protections conferred by two-factor authentication in Gmail, and rely heavily on phone-call based phishing and...
Link to Original Source

Feed Schneier: Defending All the Targets Is Impossible->

In the wake of the recent averted mass shooting on the French railroads, officials are realizing that there are just too many potential targets to defend. The sheer number of militant suspects combined with a widening field of potential targets have presented European officials with what they concede is a nearly insurmountable surveillance task. The scale of the challenge, security...
Link to Original Source

Feed Schneier: Regularities in Android Lock Patterns->

Interesting: Marte Løge, a 2015 graduate of the Norwegian University of Science and Technology, recently collected and analyzed almost 4,000 ALPs as part of her master's thesis. She found that a large percentage of them -- 44 percent -- started in the top left-most node of the screen. A full 77 percent of them started in one of the four...
Link to Original Source

Feed Schneier: Movie Plot Threat: Terrorists Attacking US Prisons->

Kansas Senator Pat Roberts wins an award for his movie-plot threat: terrorists attacking the maximum-security federal prison at Ft. Leavenworth: In an Aug. 14 letter to Defense Secretary Ashton B. Carter, Roberts stressed that Kansas in general -- and Leavenworth, in particular -- are not ideal for a domestic detention facility. "Fort Leavenworth is neither the ideal nor right location...
Link to Original Source

Whom computers would destroy, they must first drive mad.

Working...