Collaborate Disseminate
Apple is bowing to pressure from the Chinese government and storing encryption keys in China. While I would prefer it if it would take a stand against China, I really can’t blame it for putting its business model ahead of its desires for customer privacy. Two more articles…. Continue reading Apple to Store Encryption Keys in China
On January 3, the world learned about a series of major security vulnerabilities in modern microprocessors. Called Spectre and Meltdown, these vulnerabilities were discovered by several different researchers last summer, disclosed to the microprocessor… Continue reading The Effects of the Spectre and Meltdown Vulnerabilities
On January 3, the world learned about a series of major security vulnerabilities in modern microprocessors. Called Spectre and Meltdown, these vulnerabilities were discovered by several different researchers last summer, disclosed to the microprocessors’ manufacturers, and patched — at least to the extent possible. This news isn’t really any different from the usual endless stream of security vulnerabilities and patches,… Continue reading The Effects of the Spectre and Meltdown Vulnerabilities
Deputy Attorney General Rosenstein has given talks where he proposes that tech companies decrease their communications and device security for the benefit of the FBI. In a recent talk, his idea is that tech companies just save a copy of the plaintext: Law enforcement can also partner with private industry to address a problem we call "Going Dark." Technology increasingly… Continue reading Yet Another FBI Proposal for Insecure Communications
Deputy Attorney General Rosenstein has given talks where he proposes that tech companies decrease their communications and device security for the benefit of the FBI. In a recent talk, his idea is that tech companies just save a copy of the plaintext: … Continue reading Yet Another FBI Proposal for Insecure Communications
The security of pretty much every computer on the planet has just gotten a lot worse, and the only real solution — which of course is not a solution — is to throw them all away and buy new ones. On Wednesday, researchers just announced a series of major security vulnerabilities in the microprocessors at the heart of the world’s… Continue reading Spectre and Meltdown Attacks Against Microprocessors
After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers wher… Continue reading Spectre and Meltdown Attacks
After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers where an untrusted browser window can execute code, phones that have multiple apps running at the same time, and cloud… Continue reading Spectre and Meltdown Attacks
Amazon has a cloud for US classified data. The physical and computer requirements for handling classified information are considerable, both in terms of technology and procedure. I am surprised that a company with no experience dealing with classified data was able to do it…. Continue reading Amazon Creates Classified US Cloud
The large accountancy firm Deloitte was hacked, losing client e-mails and files. The hackers had access inside the company’s networks for months. Deloitte is doing its best to downplay the severity of this hack, but Bran Krebs reports that the hack "involves the compromise of all administrator accounts at the company as well as Deloitte’s entire internal email system." So… Continue reading Deloitte Hacked