Collaborate Disseminate
The White House has released a new version of the Vulnerabilities Equities Process (VEP). This is the inter-agency process by which the US government decides whether to inform the software vendor of a vulnerability it finds, or keep it secret and use it to eavesdrop on or attack other systems. You can read the new policy or the fact sheet,… Continue reading New White House Announcement on the Vulnerability Equities Process
Testimony and Statement for the Record of Bruce Schneier Fellow and Lecturer, Belfer Center for Science and International Affairs, Harvard Kennedy School Fellow, Berkman Center for Internet and Society at Harvard Law School Hearing on "Securing Consumers’ Credit Data in the Age of Digital Commerce" Before the Subcommittee on Digital Commerce and Consumer Protection Committee on Energy and Commerce United… Continue reading Me on the Equifax Breach
Last week, I testified before the House Energy and Commerce committee on the Equifax hack. You can watch the video here. And you can read my written testimony below. Testimony and Statement for the Record of Bruce Schneier Fellow and Lecturer, Belfer C… Continue reading Me on the Equifax Breach
Last week, I testified before the House Energy and Commerce committee on the Equifax hack. You can watch the video here. And you can read my written testimony below. Testimony and Statement for the Record of Bruce Schneier Fellow and Lecturer, Belfer C… Continue reading Me on the Equifax Breach
Earlier this month, Deputy Attorney General Rod Rosenstein gave a speech warning that a world with encryption is a world without law — or something like that. The EFF’s Kurt Opsahl takes it apart pretty thoroughly. Last week, FBI Director Christopher Wray said much the same thing. This is an idea that will not die…. Continue reading FBI Increases Its Anti-Encryption Rhetoric
Hacking back is a terrible idea that just will not die. Josephine Wolff takes apart the new hacking back bill that was introduced in the House recently….
The post Hacking Back appeared first on Security Boulevard.
Continue reading Hacking Back
Hacking back is a terrible idea that just will not die. Josephine Wolff takes apart the new hacking back bill that was introduced in the House recently…. Continue reading Hacking Back
In August, four US Senators introduced a bill designed to improve Internet of Things (IoT) security. The IoT Cybersecurity Improvement Act of 2017 is a modest piece of legislation. It doesn’t regulate the IoT market. It doesn’t single out any industries for particular attention, or force any companies to do anything. It doesn’t even modify the liability laws for embedded… Continue reading IoT Cybersecurity: What’s Plan B?
In the wake of the Equifax break, I’ve heard calls to replace Social Security numbers. Steve Bellovin explains why this is hard…. Continue reading Replacing Social Security Numbers
New rules give the DHS permission to collect "social media handles, aliases, associated identifiable information, and search results" as part of people’s immigration file. The Federal Register has the details, which seems to also include US citizens that communicate with immigrants. This is part of the general trend to scrutinize people coming into the US more, but it’s hard to… Continue reading Department of Homeland Security to Collect Social Media of Immigrants and Citizens