Collaborate Disseminate
Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Unfortunately, the available evidence so far shou… Continue reading On Cybersecurity Insurance
Stuart Schechter writes about the security risks of using a password manager. It’s a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned. My particular choices about security and risk is to only store passwords on my computer — not… Continue reading Risks of Password Managers
Really interesting first-hand experience from Maciej CegÅ‚owski…. Continue reading Lessons Learned Trying to Secure Congressional Campaigns
This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read. Technically this is safety and not security; there was no attacker. But the fields are closely related and there are a lot of lessons for IoT security — and the security of complex socio-technical systems in general — in here. EDITED… Continue reading Excellent Analysis of the Boeing 737 Max Software Problems
According to a hypothetical cyber risk scenario prepared by the Cyber Risk Management (CyRiM) project for risk management purposes, a ransomware strain that can disrupt more than 600,000 businesses worldwide within 24 hours would potentially lead to da… Continue reading Report: Concerted Global Cyber Attack Could Disrupt Global Economy
Good essay on the security risks — to democratic discourse — of chatbots…. Continue reading Security Risks of Chatbots
The international digital human rights organization Access Now (I am on the board) is looking to hire a Chief Security Officer. I believe that, somewhere, there is a highly qualified security person who has had enough of corporate life and wants instead to make a difference in the world. If that’s you, please consider applying…. Continue reading Access Now Is Looking for a Chief Security Officer
This is well-worth reading (non-paywalled version). Here’s the opening: Cryptocurrencies, although a seemingly interesting idea, are simply not fit for purpose. They do not work as currencies, they are grossly inefficient, and they are not meaningfully distributed in terms of trust. Risks involving cryptocurrencies occur in four major areas: technical risks to participants, economic risks to participants, systemic risks to… Continue reading Nicholas Weaver on Cryptocurrencies
This summer, my family and I visited a few Arizona ghost towns, and the experience made me wonder what it might have been like to travel across the Old West with all your possessions in tow. What would it feel like to ride through m… Continue reading Survey: Only Four Percent of U.S. Adults are Concerned about Cybersecurity during Summer Vacation
A good warning, delivered in classic Dan Geer style….
The post Dan Geer on the Dangers of Computer-Only Systems appeared first on Security Boulevard.
Continue reading Dan Geer on the Dangers of Computer-Only Systems