Schneier on Security

FEBRUARY 27, 2020

This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities will produce insecure IoT devices, and (2) political failures will leave that industry unregulated. Result: insecure IoT.

Internet 263

Internet Internet IoT Manufacturing 263

Tech Republic Security

MAY 16, 2024

Can a VPN slow down your internet? Find out how VPNs can impact your internet speed with our article.

VPN 163

VPN Internet Internet 163

Schneier on Security

JUNE 22, 2020

Another article did a more detailed analysis, and concludes that the Etsy review was the linchpin. There are many other forums on the Internet to discuss that. Note to commenters: political commentary on the protesters or protests will be deleted.

Internet 268

Internet Internet Mobile Accountability 268

Schneier on Security

NOVEMBER 16, 2020

But now I have this excellent paper from MIT researchers: “Going from Bad to Worse: From Internet Voting to Blockchain Voting” Sunoo Park, Michael Specter, Neha Narula, and Ronald L. It can make ballot secrecy difficult or impossible. I’ve also quoted this XKCD cartoon.

Computers and Electronics 363

Computers and Electronics Internet Internet Risk 363

Schneier on Security

MAY 24, 2019

Der Spiegel is reporting that the German Ministry for Internal Affairs is planning to require all Internet message services to provide plaintext messages on demand, basically outlawing strong end-to-end encryption. Anyone not complying will be blocked, although the article doesn't say how.

Encryption 279

Encryption Internet Internet 279

Schneier on Security

MARCH 22, 2019

GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet. News article.

Internet 256

Internet Internet Encryption 256

Schneier on Security

AUGUST 6, 2019

Interesting article on people using banks of smartphones to commit ad fraud for profit. No one knows how prevalent ad fraud is on the Internet. I believe it is surprisingly high -- here's an article that places losses between $6.5

Banking 239

Banking Internet Internet 239

Malwarebytes

JUNE 3, 2022

Welcome to Internet Safety Month, a once-a-year event in which you, the public, are told that anywhere between three and 30 different best practices will simplify your approach to staying safe online. This year, then, for Internet Safety Month, we’re packaging our advice a little differently. Learn from the experiences of others.

Internet 133

Internet Internet Scams Passwords 133

Schneier on Security

DECEMBER 2, 2021

The article goes on to talk about how common these sorts of attacks are. Human-based adjudication systems are not useless pre-Internet human baggage, they’re vital. The hacker then exchanged the token for $31 million worth of tokens on the Ethereum and Polygon blockchains.

Internet 363

Internet Internet Hacking Software 363

Krebs on Security

FEBRUARY 4, 2020

A Pennsylvania man who operated one of the Internet’s longest-running online attack-for-hire or “booter” services was sentenced to five years probation today. Attorney Adam Alexander.

Internet 324

Internet Internet Government Accountability 324

Schneier on Security

OCTOBER 1, 2022

Another news article. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.” And this, right here, was the one thing I worried about. It didn’t matter how clever and resourceful I was. If my handlers were incompetent, I was dead.

Internet 325

Internet Internet 325

Krebs on Security

MARCH 27, 2025

When Cloudflare responded by blocking the sites with a phishing warning, the real Internet address of these sites was exposed as belonging to a known “bulletproof hosting” network called Stark Industries Solutions Ltd. “All cases related to state treason [and] terrorism are classified, so there are barely any details.”

Phishing 185

Phishing Government Engineering Internet 185

Schneier on Security

JANUARY 27, 2020

This year : King County voters will be able to use their name and birthdate to log in to a Web portal through the Internet browser on their phones, says Bryan Finney, the CEO of Democracy Live, the Seattle-based voting company providing the technology. A centralized printout of a received Internet message is not voter verifiable.

Internet 273

Internet Internet Technology Authentication 273

Schneier on Security

APRIL 18, 2019

The hackers' victims include telecoms, internet service providers, and domain registrars responsible for implementing the domain name system. Another news article. In the process, they went so far as to compromise multiple country-code top-level domains -- the suffixes like.co.uk Cisco's Craig Williams confirmed that Armenia's.am

DNS 279

DNS Internet Internet Risk 279

Schneier on Security

MAY 21, 2019

Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly possible to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all of this automatic.

Technology 244

Technology Surveillance Internet Internet 244

Daniel Miessler

FEBRUARY 2, 2022

Like, holy s**t, we could very well be in the BBS days of a new type of internet. All this stuff going on—putting aside the hype—could end up being a new substrate for everything, just like the internet in the 90’s. Image from a Coindesk article by Annie Zhang. And some hacker types definitely get it.

InfoSec 352

InfoSec Internet Internet Cryptocurrency 352

Security Affairs

NOVEMBER 10, 2024

” reads the article published by the Wall Street Journal. “Do internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and around the globe.”

Hacking 129

Hacking Internet Internet Government 129

Schneier on Security

NOVEMBER 13, 2020

Your data is no longer in a bazillion places on the Internet, controlled by you-have-no-idea-who. A few news articles. Data generated by your things — your computer, your phone, your IoT whatever — is written to your pod. You authorize granular access to that pod to whoever you want for whatever reason you want.

Insurance 357

Insurance IoT Healthcare Technology 357

Schneier on Security

DECEMBER 4, 2018

There are lots of articles about there telling people how to better secure their computers and online accounts. While I agree with some of it, this article contains some particularly bad advice: 1. And while you're at it, do it for your mobile phone provider and your Internet service provider. Do it for the IRS and the USPS.

Accountability 277

Accountability Passwords VPN Mobile 277

Schneier on Security

APRIL 7, 2022

The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet. Four more news articles. ” And note that only the command-and-control mechanism was disrupted. Those devices are still vulnerable. Slashdot post.

Manufacturing 276

Manufacturing Firewall Malware Internet 276

Joseph Steinberg

JANUARY 20, 2022

I will discuss in a future article what roadmaps should contain in order to be most likely to yield successful Zero Trust adoption efforts. In actuality, wildfire is not even a good example, because ransomware can actually spread orders of magnitude faster than wildfire!). This post is sponsored by VMware.

Cybersecurity 363

Cybersecurity Artificial Intelligence Ransomware Social Engineering 363

Schneier on Security

AUGUST 11, 2020

The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that's used by "more than 500 mobile applications." Just one of the many Internet companies spying on our every move for profit. Through that SDK, the company collects location data from users, which it then sells.

Mobile 241

Mobile Government Internet Internet 241

Schneier on Security

SEPTEMBER 11, 2018

This is really interesting research: " BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid ": Abstract : We demonstrate that an Internet of Things (IoT) botnet of high wattage devices-such as air conditioners and heaters-gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid.

IoT 272

IoT Hacking Marketing Engineering 272

Schneier on Security

JANUARY 21, 2022

News article : It’s not clear whether the security flaws were intentional or not, but the report speculated that proper encryption might interfere with some of China’s ubiquitous online surveillance tools, especially systems that allow local authorities to snoop on phones using public wireless networks or internet cafes.

Surveillance 363

Surveillance Encryption Wireless Government 363

Schneier on Security

APRIL 25, 2024

In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. This article might be written very differently in an academic publication, for example, and publishing it here entailed pitching an editor, revising multiple drafts for style and focus, and so on.

Engineering 360

Engineering Internet Internet Artificial Intelligence 360

Schneier on Security

MAY 2, 2024

Another news article. And they’re not going to make one for the UK and another for the rest of Europe, either. They’ll remove the default passwords and sell those devices everywhere.

Passwords 338

Passwords IoT Manufacturing Telecommunications 338

Schneier on Security

JANUARY 22, 2019

as well as the continuing adoption of the industrial internet of things (IIoT) , that industries began to acknowledge the pressing need for security. News article. It wasn't until the arrival of Industry 4.0,

Hacking 223

Hacking Wireless Internet Internet 223

Schneier on Security

JULY 26, 2022

It’s common to trade security off for usability, and the results of that are all over Apple’s operating systems—and everywhere else on the Internet. News article. What Apple has done here is really interesting. What they’re doing with Lockdown Mode is the reverse: they’re trading usability for security.

Spyware 296

Spyware Mobile Internet Internet 296

The Last Watchdog

NOVEMBER 3, 2021

Related article: The road to a Pulitzer. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. Last Watchdog’s mission is to foster useful understanding about emerging cybersecurity and privacy exposures. But there’s a lot more to get done.

Cybersecurity 278

Cybersecurity Data breaches Mobile Internet 278

Malwarebytes

DECEMBER 31, 2024

The Internet of Things is the now-accepted term to describe countless home products that connect to the internet so that they can be controlled and monitored from a mobile app or from a web browser on your computer. In February, a Swiss newspaper article included an anecdote about a Distributed Denial-of-Service attack, or DDoS attack.

Internet 72

Internet Internet Mobile DDOS 72

Zero Day

NOVEMBER 25, 2024

The internet has plenty to say about Jaguar's recent colorful rebrand. This article breaks down what happened and shares five hacks to crush your next product launch.

Internet 86

Internet Internet Hacking 86

The Last Watchdog

MAY 21, 2020

When it was first introduced, device fingerprinting – or online fingerprinting in general – was meant to create a safer, more responsible internet. The idea was that by fingerprinting devices used to connect to the internet we could achieve better accountability. However, online fingerprinting is also being used to track users.

Advertising 290

Advertising Internet Internet Accountability 290

Identity IQ

OCTOBER 23, 2023

Tips to Help Avoid Internet Fraud IdentityIQ Today, where the internet plays a crucial role in our daily lives, it is essential to be vigilant and proactive in helping protect yourself from internet fraud. Continue reading to learn how help to protect yourself from the dangers of internet fraud.

Internet 105

Internet Internet Identity Theft Scams 105

Schneier on Security

FEBRUARY 13, 2021

There’s lots of detail in the article, and I recommend that you read it through. It sounds ridiculous on its face, but the Internet itself was a solution to a similar problem: a reliable network built out of unreliable parts. This is a follow on, with a lot more detail, to a story Bloomberg reported on in fall 2018.

Surveillance 363

Surveillance Internet Internet Government 363

Schneier on Security

SEPTEMBER 26, 2019

News articles talk about " spy trains ," and the possibility that the train cars might surreptitiously monitor their passengers' faces, movements, conversations or phone calls. If there's any lesson from all of this, it's that everybody spies using the Internet. But another part involves fears about national security. Our allies do it.

Surveillance 258

Surveillance Wireless Government Internet 258

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. ” A review of the email’s message headers indicated it had indeed been sent by the FBI, and from the agency’s own Internet address.

Internet 363

Internet Internet Hacking Accountability 363

Schneier on Security

JANUARY 12, 2024

New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.

IoT 326

IoT Software Manufacturing Internet 326