Collaborate Disseminate
Susan Landau has an excellent essay on why it’s more important than ever to have backdoor-free encryption on our computer and communications systems. Protecting the privacy of speech is crucial for preserving our democracy. We live at a time when tracking an individual — a journalist, a member of the political opposition, a citizen engaged in peaceful protest — or… Continue reading Securing Communications in a Trump Administration
Vice Motherboard has an interesting article about governments using social-media platforms for propaganda and surveillance, and the companies that are supporting this…. Continue reading Government Propaganda on Social Media
PoisonTap is an impressive hacking tool that can compromise computers via the USB port, even when they are password-protected. What’s interesting is the chain of vulnerabilities the tool exploits. No individual vulnerability is a problem, but together they create a big problem. Kamkar’s trick works by chaining together a long, complex series of seemingly innocuous software security oversights that only… Continue reading Hacking Password-Protected Computers via the USB Port
It’s over. The voting went smoothly. As of the time of writing, there are no serious fraud allegations, nor credible evidence that anyone tampered with voting rolls or voting machines. And most important, the results are not in doubt. While we may breathe a collective sigh of relief about that, we can’t ignore the issue until the next election. The… Continue reading Election Security
Interesting research: "Using Artificial Intelligence to Identify State Secrets," by Renato Rocha Souza, Flavio Codeco Coelho, Rohan Shah, and Matthew Connelly. Abstract: Whether officials can be trusted to protect national security information has become a matter of great public controversy, reigniting a long-standing debate about the scope and nature of official secrecy. The declassification of millions of electronic records has… Continue reading Automatically Identifying Government Secrets
Good long article on the 2015 attack against the US Office of Personnel Management…. Continue reading OPM Attack
Interesting interview: Obama: Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls. Increasingly, I find myself looking to medicine and thinking about viruses, antibodies. Part of the reason why cybersecurity continues to be so hard is because the threat is not a bunch of tanks rolling at you but a whole bunch… Continue reading President Obama Talks About AI Risk, Cybersecurity, and More
Former NSA attorneys John DeLong and Susan Hennessay have written a fascinating article describing a particular incident of oversight failure inside the NSA. Technically, the story hinges on a definitional difference between the NSA and the FISA court meaning of the word "archived." (For the record, I would have defaulted to the NSA’s interpretation, which feels more accurate technically.) But… Continue reading Intelligence Oversight and How It Can Fail
On today’s Internet, too much power is concentrated in too few hands. In the early days of the Internet, individuals were empowered. Now governments and corporations hold the balance of power. If we are to leave a better Internet for the next generations, governments need to rebalance Internet power more towards the individual. This means several things. First, less surveillance…. Continue reading Cybersecurity Issues for the Next Administration
Brian Krebs is a popular reporter on the cybersecurity beat. He regularly exposes cybercriminals and their tactics, and consequently is regularly a target of their ire. Last month, he wrote about an online attack-for-hire service that resulted in the arrest of the two proprietors. In the aftermath, his site was taken down by a massive DDoS attack. In many ways,… Continue reading Security Economics of the Internet of Things