705 posts tagged with Security.
Displaying 1 through 50 of 705.

How the Grinch Stole IoT

How the Grinch Stole IoT — Level 3 Threat Research Labs reports on the Mirai malware, which has spawned numerous botnets, including the one responsible for the distributed denial-of-service attack that took down the popular KrebsOnSecurity blog (previously).
posted by tonycpsu on Oct 18, 2016 - 22 comments

Attacks continued to become more frequent, persistent, and complex

Who is trying to see what it would take to shatter the internet's backbone? "Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services... [T]his is happening. And people should know." (SLSchneier)
Other Schneier on the blue in the past.
posted by doctornemo on Sep 15, 2016 - 68 comments

iPhone security hack

A truly horrendous zero-day exploit has been revealed which targets the iPhone. Apple has issued an emergency update to correct it and advises all iPhone users to update immediately. The latest OS version, and only safe one, is 9.3.5. (More coverage)
posted by Chocolate Pickle on Aug 25, 2016 - 138 comments

4, or Security

The South Bank Show, 1982, Peter Gabriel documents the recording of his fourth album. [49m] [more inside]
posted by hippybear on Aug 23, 2016 - 18 comments

The Terrifying, Already Forgotten JFK Airport Shooting That Wasn’t

"When the first stampede began, my plane had just landed" - NY Magazine features a personal experience with Sunday's false reports of a shooting at JFK airport in New York City. "Horrifying" video of the police response, which is being investigated.
posted by AFABulous on Aug 16, 2016 - 124 comments

The People's Car Gets PWNed

On the heels of reports of Volkswagen, Audi and Porsche models being outfitted with firmware designed to fool environmental emissions tests, there now comes news that a vulnerability in keyless entry mechanisms of 100 million VWs made within the last 21 years can permit the cars to be unlocked by intruders carrying an Arduino kit.
posted by Smart Dalek on Aug 11, 2016 - 42 comments

How to crack passwords; how to set passwords

Mike Pound explains how to crack passwords to Computerphile. And, on the basis of this he suggests how to choose them. (yes he has read XKCD on the matter). Bonus file on how (not) to store passwords.
posted by rongorongo on Jul 21, 2016 - 108 comments

Let's play Global Thermonuclear War: lasting impacts of WarGames

If, after the media dubbed Ronald Reagan's Strategic Defense Initiative (YT video, Wikipedia) as "Star Wars" (transcript) in 1983, you might question his concerns triggered from another movie mere months later. But after watching WarGames, he was informed that "the problem is much worse than you think." WarGames was that accurate thanks in part to input in the script from an engineer named Willis Ware, who had concerns about network security (PDF) for decades before the movie. Reagan's fears led to the first cybersecurity directive from any U.S. President and the first concerns about the NSA's potential role in "data base oversight" (Google books preview), as well as an attempt to regulate teenagers and teenaged technology (Gbp) that impacts US internet use to this day. And then there was the USSR computer program that nearly triggered WWIII. What a year. [more inside]
posted by filthy light thief on Jul 13, 2016 - 20 comments

So do the bad people, Frank. So do the bad people.

The U.S. Office of the Director of National Intelligence has some travel tips for you, citizen. (SLYT) [more inside]
posted by OverlappingElvis on Jun 29, 2016 - 36 comments

ioerror may have errored

On June 4th it was announced that Jacob Appelbaum (previously) has stepped down from his role as an employee of the TOR foundation while they investigate charges of inappropriate behavior. The TOR project (previously) anonymizes Internet traffic and is seen as a key tool for dissidents and others who wish to avoid surveillance while using the Internet. Appelbaum has been a key contributor and passionate public advocate for TOR. It is not clear what impact his departure will have on the future of the project.
posted by humanfont on Jun 7, 2016 - 139 comments

“With Dropbox Infinite, we’re going deeper: into the kernel—”

Dropbox Wants More Access to Your Computer, and People Are Freaking Out [Motherboard] [Vice] On Tuesday, Dropbox published more details about upcoming changes to the company's desktop client that will allow users to access all of the content in their account as if it is stored on their own machine, no matter how small the hard-disk on their computer. In other words, you can browse through your own file system and have direct access to your cloud storage, without having to go and open a web browser nor worry about filling up your hard-drive. Sounds great, but experts and critics have quickly pointed out that Dropbox Infinite, as the technology is called, may open up your computer to more serious vulnerabilities, because it works in a particularly sensitive part of the operating system.
posted by Fizz on May 26, 2016 - 57 comments

STOP! Using the Internet!

Why a staggering number of Americans have stopped using the Internet the way they used to: Nearly one in two Internet users say privacy and security concerns have now stopped them from doing basic things online — such as posting to social networks, expressing opinions in forums or even buying things from websites, according to a new government survey released Friday. This chilling effect, pulled out of a survey of 41,000 U.S. households who use the Internet, show the insecurity of the Web is beginning to have consequences that stretch beyond the direct fall-out of an individual losing personal data in breach. The research suggests some consumers are reaching a tipping point where they feel they can no longer trust using the Internet for everyday activities.
posted by robbyrobs on May 14, 2016 - 74 comments

A People's History of the Cultural Revolution, 1962–1976

A New Look At China's Cultural Revolution - "Historian Frank Dikötter says newly opened archives offer fresh details about the chaos China experienced in the 1960s, when Chairman Mao urged students to take to the streets." [more inside]
posted by kliuless on May 9, 2016 - 19 comments

The Great Firewall of China has blocked The Economist

After leading with a cover story criticizing Xi Jinping (otoh) The Economist has been censored in China; Time too and now Medium. [more inside]
posted by kliuless on Apr 20, 2016 - 24 comments

Gone in Six Characters

Gone in Six Characters: Short URLs Considered Harmful for Cloud Services [abstract] [pdf] [more inside]
posted by Elementary Penguin on Apr 13, 2016 - 35 comments


How an internet mapping glitch turned a random Kansas farm into a digital hell: For the last decade, [Joyce] Taylor and her renters have been visited by all kinds of mysterious trouble. They’ve been accused of being identity thieves, spammers, scammers and fraudsters. They’ve gotten visited by FBI agents, federal marshals, IRS collectors, ambulances searching for suicidal veterans, and police officers searching for runaway children. They’ve found people scrounging around in their barn. The renters have been doxxed, their names and addresses posted on the internet by vigilantes. Once, someone left a broken toilet in the driveway as a strange, indefinite threat. All in all, the residents of the Taylor property have been treated like criminals for a decade. And until I called them this week, they had no idea why.
posted by Cash4Lead on Apr 10, 2016 - 143 comments

Tech and Privacy Experts Erupt Over Leaked Encryption Bill

A draft of a highly anticipated Senate encryption bill was leaked to The Hill late on Thursday night, sparking a swift backlash from technology and privacy groups even before the legislation has been introduced. [more inside]
posted by Bella Donna on Apr 8, 2016 - 108 comments

They have asked us to build a backdoor to the iPhone

Investigations into the San Bernardino attack by the FBI have been potentially impeded by information locked in an iPhone 5c found on one of the perpetrators. A federal court judge has ordered Apple to assist the FBI in defeating any and all security measures built into the device. In a turn similar to Ladar Levison's letter to Lavabit users (previously), Apple has written a letter to end users about the civil rights at stake.
posted by a lungful of dragon on Feb 17, 2016 - 533 comments

Snack Check

Last year Regal Cinema started checking bags and backpacks in their theaters. [more inside]
posted by kittensofthenight on Feb 12, 2016 - 195 comments

Speak up, Stay Safe(r)

Feminist Frequency (the website created by pop culture critic and Gamergate scourge Anita Sarkeesian) has published a guide for protecting yourself against harassment in digital spaces.
posted by selfnoise on Dec 10, 2015 - 13 comments

vers le bas avec Tor!

The French government mulls laws to block Tor and public WiFi. Is this what happens when police ask Santa for presents ("liste au Père Noël", according to Le Monde)? (via)
posted by doctornemo on Dec 7, 2015 - 30 comments

built on sand

When workers first arrived on the lot that Monday morning, they got a message through a security guard or a colleague or a handwritten sign taped up to the wall: Don’t turn on your computer. Later, someone might pop in and deliver the latest directive fourth-hand: “Unplug your computer from the wall.” Which plug? The network cable? The power cord? Who knows? Just unplug everything. Says one worker: “It was all the hysteria of not knowing.” --One year later, what it was like to work at Sony when all their internal systems got hacked.
posted by Potomac Avenue on Nov 24, 2015 - 16 comments

Eleanor Saitta calls for secure decentralized collaboration tools

"Given that we still have so far to go, why am I telling people they should stop writing secure messaging tools? Because we have too many other tools we also need." Decentralized collaboration is how programmers work on software projects; it's also a good model for nonprofits, NGOs, and distributed teams of all kinds, especially ones which operate in risky environments or have powerful adversaries, according to this essay by Eleanor Saitta, a security consultant, systems thinker, and activist. She lists a number of system properties such teams need (decentralization, offline-friendliness, end-to-end encryption, etc) and two dozen ideas for needed tools: mind mapping, wiki, map-based storytelling, work assignment and tracking, reference management, and so on. [more inside]
posted by mbrock on Nov 23, 2015 - 21 comments

I started this business because my mom was too lazy to roll dice

Mira is a sixth grade student in NYC. In this century's answer to a lemonade stand, she started a business hand-crafting memorable, nearly unbreakable passwords.
posted by Mchelly on Oct 28, 2015 - 69 comments

Obviously the best thing to do is put a chip in it

Internet of Shit. Laugh now, while you can still buy a toaster that doesn't have Linux on it. The Internet of Things previously: 1, 2
posted by jklaiho on Oct 27, 2015 - 87 comments

In Case You Aren't Paranoid Enough About Social Media & Privacy

"One broader implication of this is that no one should take the NSA seriously when they say they are only collecting “metadata” on whom someone contacts, rather than the content of the communication. Social network metadata is incredibly powerful." How to tell whether a Twitter user is pro-choice or pro-life without reading any of their tweets
posted by COD on Oct 9, 2015 - 47 comments

Why you might want to shred your boarding pass after flying

If you leave your boarding pass in the seat-pocket in front of you after your flight has landed, someone else could upload it to this site, and you might be surprised at how much they could find out about you.
posted by John Cohen on Oct 8, 2015 - 39 comments

CJEU Strikes Down Safe Harbour Data Sharing

Europe's top court, the Court of Justice of the European Union (CJEU), has struck down the 15-year-old Safe Harbour agreement that allowed the free flow of information between the US and EU.
posted by XtinaS on Oct 6, 2015 - 22 comments

On what street did you lose your childlike sense of wonder?

Nihilistic password security questions
posted by gwint on Oct 5, 2015 - 96 comments

Unlockdown Nation

Why are little kids in Japan so independent? - 'If we had a nonviolent society, kids could walk around on their own, unafraid, like they do in Japan'. (via)
posted by kliuless on Oct 3, 2015 - 83 comments

/ -----///----​///----///----///----​///----///----///​----/// -----/

The Tangled History of Barbed Wire by Robert Zaretsky [Boston Globe]
“Like inventors from Joseph Guillotin to Alfred Nobel, whose creations escaped their original purpose and were yoked to evil ends, Joseph Glidden would have been shocked at what became of his. In 1874, the Illinois farmer and New Hampshire native, fastening sharpened metal knots along thick threads of steel, created barbed wire. Thanks to its high resilience and low cost, the rapid installation of the coils and lasting dissuasion of the barbs, the wire transformed the American West. Ranchers could protect their cattle against predators, both wild and human, as they pushed the frontier ever further west. The wire itself came to be called 'devil’s rope.'”
Previously. Previously. Previously.
posted by Fizz on Sep 26, 2015 - 13 comments

Of course I'd like to sit around and chat... but someone's listening in

Fresh from The Intercept (that fearless vanguard of journalism helmed by Glenn Greenwald and Laura Poitras): disturbing documents exposing the unfathomable reach of the United Kingdom's GCHQ in its quest for total awareness of global internet traffic. A hundred billion user actions logged per day. A "Black Hole" database of 1.1 trillion logs. Frightening programs like KARMA POLICE, MEMORY HOLE, and MUTANT BROTH that correlate the kilo-crore corpus -- IP addresses, cookies, forum posts, search histories, emails, and passwords all compiled and cross-referenced into a real-time "diary" that gives penetrating insight into the relationships, beliefs, and desires of every web user on the planet. Internal documents suggest only widespread encryption can threaten the regime -- a movement the UK is determined to subdue (previously). [more inside]
posted by Rhaomi on Sep 26, 2015 - 105 comments

About that password ...

Utility for testing (and cracking) "Is your password secure? We’ve all heard a lot of advice about what sorts of passwords you should never pick – and there are various tools that claim to assess the security of your password online. However, these can only be dubiously accurate. The only way to really test the security of your passwords is to try to break them." FUD and previously [more inside]
posted by key_of_z on Sep 24, 2015 - 23 comments

click click, clickclick click

How the way you type can shatter anonymity—even on Tor [more inside]
posted by the man of twists and turns on Sep 6, 2015 - 64 comments

Love, Hate, Security, and the Writer

"This was also the tour that I was jumped by a disgruntled fan in the ladies room. A rather tall woman, she may have not been over six feet tall, but only seemed that tall after she slammed me up against the wall, and forced me in a corner (people often seem taller when they’re threatening you). She was angry about the new book, angry about Anita having sex with someone that wasn’t Richard, and angry with me for adding new men to her life, and basically not happy with the way my series had turned in book ten, Narcissus in Chains." Laurell K. Hamilton on book tour woes.
posted by Shmuel510 on Aug 28, 2015 - 24 comments

A QA Engineer walks into a B͏̴͡͡Ą̛Ŗ̴

The Big List of Naughty Strings is a GitHub repository containing a long list of hypothetical user inputs that can potentially wreak havoc on a computer program, including SQL Injection, malformed and evil HTML, stupid Unicode gimmicks, or innocuous phrases that look like profanity.
posted by schmod on Aug 21, 2015 - 27 comments


Following up on their promise last month to release the data they hacked from Ashley Madison (the online infidelity-enablement site) hackers have released a ship-load of personal information on ASM users. The hackers claim it is more of an attack on the shady business practices of the corporation than the users. (Though in contrast to other hacks, it looks like ASM managed to do a better job of storing passwords semi-securely). But certainly a lot of people's private issues are now public, including 10,000 folks with government emails, and many writers are warning: "Don't be smug, this is only the beginning." And Wired has some useful advice on checking out if you or a loved one is among the hacked data: Don't.
posted by Potomac Avenue on Aug 19, 2015 - 396 comments

Blackhat 2015 Keynote

End of the Internet Dream? - by Jennifer Granick: This field should be in the lead in evolving a race, class, age, and religiously open society, but it hasn’t been. We could conscientiously try to do this better. We could, and in my opinion should, commit to cultivating talent in unconventional places.

Today, the physical design and the business models that fund the communications networks we use have changed in ways that facilitate rather than defeat censorship and control.
posted by CrystalDave on Aug 18, 2015 - 49 comments

Oracle's CSO praises Free Software

Oracle's CSO wrote a (now deleted) blog post arguing against reverse engineering in which she mocked security researchers, compared them to cheating spouses, accused them of wasting her time, discounted bug-bounty programs, refused to credit vulnerability reporters, and promoted her sister's murder-mystery books. The reaction from the security community was unanimously opposed (1, 2, 3, ...) and some are looking on the lighter side by writing Oracle Fan Fiction.
posted by autopilot on Aug 11, 2015 - 50 comments

The Typewriters That Came In From The Cold

In 1983, the US got a tip-off that the Soviets had designed a new breed of hard-to-find bug, capable of relaying information from office equipment. The Moscow Embassy had more than ten tons of gear, all of which was immediately suspect. It had to be fixed, and now. Problem one: how do you replace it all? Problem two: how do you get the old stuff back? Problem three: what on earth were they looking for? What they found surprised them! A tale of bureaucracy, secrecy, narrow corridors and IBM Selectrics that weren't quite what they seemed. (SL NSA PDF)
posted by Devonian on Aug 5, 2015 - 35 comments

Hackers Remotely Control Jeep Cherokee

Security researchers Charlie Miller (@0xcharlie) and Christopher Valasek (@nudehaberdasher) have found an exploit for Chrysler's Uconnect infotainment system allowing for remote control of many vehicle functions including climate control, audio, braking, and under certain conditions, steering. They plan to release details during a talk at next month's DEFCON 23 hacking conference. Chrysler has already issued a patch for the vulnerability, but it requires a manual update.
posted by Small Dollar on Jul 21, 2015 - 133 comments

Adobe Flash (1996-2015? 2016? SOON?)

Have you kept up with your Flash patches (TWO more major vulnerabilities found in the last week), or is it time to disable it in your browsers or just uninstall it completely? (Uninstall in Windows | Uninstall in Mac) A few hours ago, Mozilla started blocking Flash by default in Firefox. Facebook's new chief security officer wants to set a date to kill Flash. And YouTube gave up on it ages ago, so you don't need Flash to see cute videos.
posted by maudlin on Jul 13, 2015 - 134 comments

ida-cracked-files-sostituire agli originali.rar

Italian surveillance software vendor Hacking Team were hacked, with 400GB of data dumped. According to leaked invoices, Hacking Team sold offensive software to countries including South Korea, Sudan, Kazakhstan, Saudi Arabia, Oman, Lebanon, and Mongolia, Ethiopia, Egypt, and Luxembourg. There are initial indications that Hacking Team had pretty poor operation security, for example, using the password Ht2015!. [more inside]
posted by These Premises Are Alarmed on Jul 6, 2015 - 44 comments


Mozilla is moving to deprecate support of HTTP:

After a robust discussion on our community mailing list, Mozilla is committing to focus new development efforts on the secure web, and start removing capabilities from the non-secure web. There are two broad elements of this plan:
* Setting a date after which all new features will be available only to secure websites
* Gradually phasing out access to browser features for non-secure websites, especially features that pose risks to users’ security and privacy.

posted by Chrysostom on May 1, 2015 - 84 comments

A new wrinkle in "A Wrinkle in Time"

A previously unknown 3-page passage, cut from "A Wrinkle in Time", has been found by Madeleine L'Engle's granddaughter, and published by the Wall Street Journal. It provides strong insight into the political thought regarding conformity and security in the book.
“I’ve come to the conclusion,” Mr. Murry said slowly, "that it’s the greatest evil there is. Suppose your great great grandmother, and all those like her, had worried about security? They’d never have gone across the land in flimsy covered wagons. Our country has been greatest when it has been most insecure. This sick longing for security is a dangerous thing, Meg, as insidious as the strontium 90 from our nuclear explosions . . .”
posted by nubs on Apr 17, 2015 - 35 comments

Dealing with the digital afterlife of a hacker

Dealing with the digital afterlife of a hacker — It’s been three months since Michael died, and Beth has only been able to access and understand a sliver of what he left behind in the digital world. Kalat, who has been working closely with Beth to access Michael’s data, says this ought to be a wake up call to everyone who spends a significant amount of their life online—not just hackers.
posted by CrystalDave on Mar 23, 2015 - 27 comments

"https://https..." is not from Department of Redundancy Department

Don't want some random hacker looking over your shoulder when you surf U.S. federal government websites? You may be in luck!

Today the White House announced a proposal — https://https.cio.gov/ — to make all public-facing U.S. government websites use HTTPS across the board within two years. Want to give your two cents on the idea? Forget writing a letter, make a pull request! [more inside]
posted by metaquarry on Mar 17, 2015 - 36 comments

Roads? Where We're Going, We Don't Need Roads.

The Obama administration is investigating allegations that two senior Secret Service agents, including a top member of the president’s protective detail, drove a government car into White House security barricades after drinking at a late-night party last week, an agency official said Wednesday.
House Oversight Committee Chairman Jason Chaffetz told CNN that his initial understanding is that the two agents were "partying in Georgetown" when they responded to an incident at the White House. Mr. Chaffetz added: “It’s never good to be drunk at work, especially if you are in the Secret Service.”
posted by Going To Maine on Mar 11, 2015 - 47 comments

10 of the Safest Major Cities Around the World

For the Safe Cities Index 2015, the Economist Intelligence Unit (EIU) ranked 50 of the world's biggest cities on:

Digital security: Identity theft, online privacy
Health security: Environment, air and water quality
Infrastructure safety: Buildings, roads, bridges
Personal safety: Crime, violence

Lifehacker looks at the results. [more inside]
posted by ellieBOA on Mar 11, 2015 - 35 comments

That last line sounds kind of familiar

Here's what happens when you install the top ten download.com apps.
posted by DoctorFedora on Jan 13, 2015 - 123 comments
