TSA Admits Liquid Ban Is Security Theater

The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes: Passengers will now be allowed to travel with containers of liquid hand sanitizer up to 12 ounces. However, the agency cautioned that the shift could mean slightly longer waits at checkpoint because the containers may have to be screened separately when going through security…. Continue reading TSA Admits Liquid Ban Is Security Theater

Software Vulnerabilities in the Boeing 787

Boeing left its software unprotected, and researchers have analyzed it for vulnerabilities: At the Black Hat security conference today in Las Vegas, Santamarta, a researcher for security firm IOActive, plans to present his findings, including the details of multiple serious security flaws in the code for a component of the 787 known as a Crew Information Service/Maintenance System. The CIS/MS… Continue reading Software Vulnerabilities in the Boeing 787

Excellent Analysis of the Boeing 737 Max Software Problems

This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read. Technically this is safety and not security; there was no attacker. But the fields are closely related and there are a lot of lessons for IoT security — and the security of complex socio-technical systems in general — in here. EDITED… Continue reading Excellent Analysis of the Boeing 737 Max Software Problems

The Latest in Creepy Spyware

The Nest home alarm system shipped with a secret microphone, which — according to the company — was only an accidental secret: On Tuesday, a Google spokesperson told Business Insider the company had made an "error." "The on-device microphone was never intended to be a secret and should have been listed in the tech specs," the spokesperson said. "That was… Continue reading The Latest in Creepy Spyware

Can Everybody Read the US Terrorist Watch List?

After years of claiming that the Terrorist Screening Database is kept secret within the government, we have now learned that the DHS shares it "with more than 1,400 private entities, including hospitals and universities…." Critics say that the watchlist is wildly overbroad and mismanaged, and that large numbers of people wrongly included on the list suffer routine difficulties and indignities… Continue reading Can Everybody Read the US Terrorist Watch List?