USB Firmware Design Flaws Require Behavioral Changes, Patches Won’t Help
Nov 3,
2014
USB thumb drives have made people nervous for some time. We worry about hostile data lurking in their VFAT file systems. Data loss prevention (or DLP) struggles to keep sensitive data from leaking out of organizations on the convenient tiny devices. But now we’ve learned over the past few months that USB devices pose even […]
Is There Really Such a Thing as Security Through Obscurity?
Oct 31,
2014
DARPA, the U.S. Defense Advanced Research Projects Agency, has issued an interesting Broad Agency Announcement for the SafeWare program (details here) seeking a “highly efficient and widely applicable program obfuscation method with mathematically proven security properties.” What’s going on? DARPA wants to create programs that people can run without figuring out how the programs work. […]
Do You Need Two-Step Authentication? Do You Store Pictures in the Cloud?
Oct 23,
2014
Honest. I heard there were some pictures of some celebrities leaked on the Internet. I didn’t seek them out, so it is hearsay, of course. My wife mightn’t have been too happy if I’d sought out those photos. The photos were allegedly taken from an Internet photo site. I have heard that the thieves guessed […]
Is Cyber Security a Priority for our Critical Infrastructure?
Oct 7,
2014
In a recent study, two-thirds of the citizens of a large city reported being mugged, but only a quarter said that stopping muggings was a top priority. OK, not really, but close. SC Magazine reported a similar situation in an article by Daneille Walker on July 11 of this year. They reported on a study […]
Eavesdropping On Mobile Phones And Why We Need To Keep On Our Toes
Oct 6,
2014
Most of us in North America, Europe and much of the rest of the world trust in the confidentiality of our conversations on our mobile phones. There are still places, though, where that’s not the case. In those areas mobile phones aren’t encrypted. When we use a phone in those areas we don’t bother to […]