Archive for the ‘Security’ Category

Secure Your Android Phone


(ZDNet) – Steven J. Vaughan-Nichols:

Malware makers, phishers, they really are all out to get you. Here’s how to stop them in their tracks. …

zdnet secure android-phone

Android locked


Just Add Blockchain


(FTB stderr) – Marcus Ranum:

Back when I was doing road-shows to raise money for the start-up that didn’t happen, several of the venture capitalists we met with said things like, “right now, we’re investing in blockchain.” As far as I am concerned, they could just have easily said “quantum.”

Over here, it seems to be “tactical” is another cool word to add to anything, to make it sound better than it is. Do you want a tactical quantum blockchain, as used by special forces operators?

Briefly: blockchain is an open ledger. That’s it. It’s an open ledger that is maintained with successive checksums to make alteration obvious to anyone who cares to check. When those VCs were saying they were investing in blockchain, they were saying that they were investing in tamper-resistant data – hey, that is a good idea, but it gets filed under “duh.” …

stderr 2018/02/05 blockchain

Blockchain formation

The Thick Gets Plottier


(FTB stderr) – Marcus Ranum:

The Russia election interference inquiry appears now to me to be more or less a complete charade, intended to get the various Trumpistas to lie to the FBI – and that’s about it. Because, it becomes increasingly apparent that Obama knew, the FBI knew, the CIA knew, and the NSA knew that the Russians were interfering or seeking to interfere with the 2016 elections. At the time, since the government’s attribution was terrible (I do not accept “we are the FBI, trust us, the CIA told us stuff” as attribution) I was withholding judgement; now that it’s all safely too late a whole bunch of other stuff is starting to bubble to the surface. …

stderr 2018/01/30 plottier


Meltdown and Spectre


(xkcd) – Randall Munroe:

The Meltdown and Spectre exploits use ‘speculative execution?’ What’s that?” …

xkcd 1938

Randall Munroe: xkcd 1938: Meltdown and Spectre

It’s Worse Than You Think: Tracking Apps


(FTB stderr) – Marcus Ranum:

There is a vast infrastructure of sneaky, nasty, deceptive code that is deployed by marketers to infect your browser so they can track everything you are doing. This reduces your ability to trust your browser tremendously, since you (naturally!) have no idea what it’s doing: it is not your browser. And, there is a similar vast infrastructure of evil running on your smartphone, sucking your battery life, tracking your location, monitoring the sounds around you, and eating your bandwidth and performance to transmit all that to dozens of companies: it is not your smartphone.

You’re just paying for it. …

stderr 2017/11/30 tracking-apps

Big-Brother mobile Phones

German Hardware Giant’s Ultra-Secure IoT


(Economist) –

Bosch is to position itself as a trusted custodian of data. “Orwell’s 1984 is kindergarten compared to the IoT-world. When it comes, and people re-evaluate privacy, Bosch will be prepared,” says Peter Schnaebele, its head of smart homes. …

economist 21731196


Intel’s Hidden In-Chip Operating System


(ZDNet) – Steven J. Vaughan-Nichols:

Buried deep inside your computer’s Intel chip is the MINIX operating system and a software stack, which includes networking and a web server. It’s slow, hard to get at, and insecure as insecure can be. …

zdnet intels-hidden

Big Brother bug

Reaper Botnet Set to Be Worse Than Mirai


(ZDNet) – Zack Whittaker:

Reaper is on track to become one of the largest botnets recorded in recent years — and yet nobody seems to know what it will do or when. But researchers say the damage could be bigger than last year’s Mirai cyberattack. …

zdnet reaper-botnet-worse


Wire Server Code Now 100% Open Source


(Medium::Wire) – Earlier this year, we started open sourcing Wire server code under the AGPL license. Today, the code necessary to run Wire servers is available to everyone for review. …

wireapp 88e24164309c

Wire messenger

Hacker-Proof Wireless Security


(Non Sequitur) – Wiley Miller:

Klick klick klika klik-klik ding” …

Non Sequitur 2017-08-06

Wiley Miller: Non Sequitur 2017-08-06: Hacker-Proof Wireless Security