Collaborate Disseminate
Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries? And our solution is: enforce the regulations on the domestic company… Continue reading Securing the International IoT Supply Chain
Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of th… Continue reading Securing the International IoT Supply Chain
Zoom was doing so well…. And now we have this: Corporate clients will get access to Zoom’s end-to-end encryption service now being developed, but Yuan said free users won’t enjoy that level of privacy, which makes it impossible for third parties to d… Continue reading Zoom’s Commitment to User Security Depends on Whether you Pay It or Not
Zoom was doing so well…. And now we have this: Corporate clients will get access to Zoom’s end-to-end encryption service now being developed, but Yuan said free users won’t enjoy that level of privacy, which makes it impossible for third parties to decipher communications. "Free users for sure we don’t want to give that because we also want to work… Continue reading Zoom’s Commitment to User Security Depends on Whether you Pay It or Not
The world is racing to contain the new COVID-19 virus that is spreading around the globe with alarming speed. Right now, pandemic disease experts at the World Health Organization (WHO), the US Centers for Disease Control and Prevention (CDC), and other… Continue reading Security of Health Information
The world is racing to contain the new COVID-19 virus that is spreading around the globe with alarming speed. Right now, pandemic disease experts at the World Health Organization (WHO), the US Centers for Disease Control and Prevention (CDC), and other public-health agencies are gathering information to learn how and where the virus is spreading. To do so, they are… Continue reading Security of Health Information
This is crazy (and dangerous). West Virginia is allowing people to vote via a smart-phone app. Even crazier, the app uses blockchain — presumably because they have no idea what the security issues with voting actually are…. Continue reading West Virginia Using Internet Voting
The international digital human rights organization Access Now (I am on the board) is looking to hire a Chief Security Officer. I believe that, somewhere, there is a highly qualified security person who has had enough of corporate life and wants instead to make a difference in the world. If that’s you, please consider applying…. Continue reading Access Now Is Looking for a Chief Security Officer
Last month, the White House released the "National Cyber Strategy of the United States of America. I generally don’t have much to say about these sorts of documents. They’re filled with broad generalities. Who can argue with: Defend the homeland by protecting networks, systems, functions, and data; Promote American prosperity by nurturing a secure, thriving digital economy and fostering strong… Continue reading The US National Cyber Strategy
Troy Hunt makes some good points, with good examples…. Continue reading Public Shaming of Companies for Bad Security