
Feed Schneier: New Book: Carry On (schneier.com)

I have a new book. It's Carry On: Sound Advice from Schneier on Security, and it's my second collection of essays. This book covers my writings from March 2008 to June 2013. (My first collection of essays, Schneier on Security, covered my writings from April 2002 to February 2008.) There's nothing in this book that hasn't been published before, and...

Feed Schneier: Telepathwords: A New Password Strength Estimator (schneier.com)

Telepathwords is a pretty clever research project that tries to evaluate password strength. It's different from normal strength meters, and I think better. Telepathwords tries to predict the next character of your passwords by using knowledge of: common passwords, such as those made public as a result of security breaches; common phrases, such as those that appear frequently on web...

Feed Schneier: Heartwave Biometric (schneier.com)

Here's a new biometric I know nothing about: The wristband relies on authenticating identity by matching the overall shape of the user's heartwave (captured via an electrocardiogram sensor). Unlike other biotech authentication methods -- like fingerprint scanning and iris-/facial-recognition tech -- the system doesn't require the user to authenticate every time they want to unlock something. Because it's a wearable...

Feed Schneier: The Problem with EULAs (schneier.com)

Some apps are being distributed with secret Bitcoin-mining software embedded in them. Coins found are sent back to the app owners, of course. And to make it legal, it's part of the end-user license agreement (EULA): COMPUTER CALCULATIONS, SECURITY: as part of downloading a Mutual Public, your computer may do mathematical calculations for our affiliated networks to confirm transactions and...

Feed Schneier: Evading Airport Security (schneier.com)

The news is reporting about Evan Booth, who builds weaponry out of items you can buy after airport security. It's clever stuff. It's not new, though. People have been explaining how to evade airport security for years. Back in 2006, I -- and others -- explained how to print your own boarding pass and evade the photo-ID check, a trick...

Feed Schneier: Keeping Track of All the Snowden Documents (schneier.com)

As more and more media outlets from all over the world continue to report on the Snowden documents, it's harder and harder to keep track of what has been released. The EFF, ACLU, and Cryptome are all trying. None of them is complete, I believe. Please post additions in the comments, and I will do my best to feed the...

Feed Schneier: The TQP Patent (schneier.com)

One of the things I do is expert witness work in patent litigations. Often, it's defending companies against patent trolls. One of the patents I have worked on for several defendants is owned by a company called TQP Development. The patent owner claims that it covers SSL and RC4, which it does not. The patent owner claims that the patent...

Feed Schneier: How Antivirus Companies Handle State-Sponsored Malware (schneier.com)

Since we learned that the NSA has surreptitiously weakened Internet security so it could more easily eavesdrop, we've been wondering if it's done anything to antivirus products. Given that it engages in offensive cyberattacks -- and launches cyberweapons like Stuxnet and Flame -- it's reasonable to assume that it's asked antivirus companies to ignore its malware. (We know that antivirus...

Feed Schneier: More on Stuxnet (schneier.com)

Ralph Langner has written the definitive analysis of Stuxnet: short, popular version, and long, technical version. Stuxnet is not really one weapon, but two. The vast majority of the attention has been paid to Stuxnet's smaller and simpler attack routine -- the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium. But...

Feed Schneier: The FBI Might Do More Domestic Surveillance than the NSA (schneier.com)

This is a long article about the FBI's Data Intercept Technology Unit (DITU), which is basically its own internal NSA. It carries out its own signals intelligence operations and is trying to collect huge amounts of email and Internet data from U.S. companies -- an operation that the NSA once conducted, was reprimanded for, and says it abandoned. [...] The...
