Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Schneier: Easily Cracking a Master Combination Lock->

From feed by bsfeed
Impressive. Kamkar told Ars his Master Lock exploit started with a well-known vulnerability that allows Master Lock combinations to be cracked in 100 or fewer tries. He then physically broke open a combination lock and noticed the resistance he observed was caused by two lock parts that touched in a way that revealed important clues about the combination. (He likened...
Link to Original Source

Schneier: Detecting QUANTUMINSERT->

From feed by bsfeed
Fox-IT has a blog post (and has published Snort rules) on how to detect man-on-the-side Internet attacks like the NSA's QUANTUMINSERT. From a Wired article: But hidden within another document leaked by Snowden was a slide that provided a few hints about detecting Quantum Insert attacks, which prompted the Fox-IT researchers to test a method that ultimately proved to be...
Link to Original Source

Schneier: Measuring the Expertise of Burglars->

From feed by bsfeed
New research paper: "New methods for examining expertise in burglars in natural and simulated environments: preliminary findings": Expertise literature in mainstream cognitive psychology is rarely applied to criminal behaviour. Yet, if closely scrutinised, examples of the characteristics of expertise can be identified in many studies examining the cognitive processes of offenders, especially regarding residential burglary. We evaluated two new methodologies...
Link to Original Source

Schneier: Protecting Against Google Phishing in Chrome->

From feed by bsfeed
Google has a new Chrome extension called "Password Alert": To help keep your account safe, today we're launching Password Alert, a free, open-source Chrome extension that protects your Google and Google Apps for Work Accounts. Once you've installed it, Password Alert will show you a warning if you type your Google password into a site that isn't a Google sign-in...
Link to Original Source

Schneier: Shaking Someone Down for His Password->

From feed by bsfeed
A drug dealer claims that the police leaned him over an 18th floor balcony and threatened to kill him if he didn't give up his password. One of the policemen involved corroborates this story. This is what's known as "rubber-hose cryptanalysis," well-described in this xkcd cartoon....
Link to Original Source

Schneier: Nice Essay on Security Snake Oil->

From feed by bsfeed
This is good: Just as "data" is being sold as "intelligence", a lot of security technologies are being sold as "security solutions" rather than what they for the most part are, namely very narrow focused appliances that as a best case can be part of your broader security effort. Too many of these appliances do unfortunately not easily integrate with...
Link to Original Source

Schneier: The Further Democratization of Stingray->

From feed by bsfeed
Stingray is the code name for an IMSI-catcher, which is basically a fake cell phone tower sold by Harris Corporation to various law enforcement agencies. (It's actually just one of a series of devices with fish names -- Amberjack is another -- but it's the name used in the media.) What is basically does is trick nearby cell phones into...
Link to Original Source

Schneier: Friday Squid Blogging: The Unique Reproductive Habits of the Vampire Squid->

From feed by bsfeed
Interesting: While most female squid and octopuses have just one reproductive cycle before they die, vampire squid go through dozens of egg-making cycles in their lifetimes, scientists have found. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....
Link to Original Source

Dynamically binding, you realize the magic. Statically binding, you see only the hierarchy.

Working...