Schneier on Security

LIGATT Security certainly hopes to scare people....

I've gotten to the front of the security line and handed the TSA officer my ID and ticket. TSA Officer: (Looks at my ticket. Looks at my ID. Looks at me. Smiles.) Me: (Smiles back.) TSA Officer: (Looks at my ID. Looks at me. Smiles.) Me: (Tips hat. Smiles back.) TSA Officer: A beloved name from the blogosphere. Me: And...

Interesting research: "What You See is What They Get: Protecting users from unwanted use of microphones, cameras, and other sensors," by Jon Howell and Stuart Schechter. Abstract: Sensors such as cameras and microphones collect privacy-sensitive data streams without the user's explicit action. Conventional sensor access policies either hassle users to grant applications access to sensors or grant with no approval...

Pretty....

This is an interesting piece of research evaluating different user interface designs by which applications disclose to users what sort of authority they need to install themselves. Given all the recent concerns about third-party access to user data on social networking sites (particularly Facebook), this is particularly timely research. We have provided evidence of a growing trend among application platforms...

"Experimental Security Analysis of a Modern Automobile," by a whole mess of authors: Abstract: Modern automobiles are no longer mere mechanical devices; they are pervasively monitored and controlled by dozens of digital computers coordinated via internal vehicular networks. While this transformation has driven major advancements in efficiency and safety, it has also introduced a range of new potential risks. In...

Interesting research. Main results: [...] We analyzed the results from over a quarter of a million people who ran our tests in the last few months, and found that we can detect browsing histories for over 76% of them. All major browsers allow their users' history to be detected, but it seems that users of the more modern browsers such...

Dolphine and sea lions: A Navy seal - actually a sea lion - took less than a minute to find a fake mine under a pier near San Francisco's AT&T Park. A dolphin quickly located a terrorist lurking in the black water before another sea lion, using a device carried in its mouth, cuffed the pretend saboteur's ankle so authorities...

A recently declassified history through 1964....

This doesn't seem like the best idea: Authorities in the southern Indian state of Andhra Pradesh are planning to set up an outsourcing unit in a jail. The unit will employ 200 educated convicts who will handle back office operations like data entry, and process and transmit information. It's not necessarily a bad idea, as long as misuable information isn't...

Sounds like fearmongering to me. How real is the threat? Many of the world's most dangerous pathogens already are transmitted by arthropods, the animal phylum that includes mosquitoes. But so far the United States has not been exposed to a large-scale spread of vector-borne diseases like Rift Valley, chikungunya fever or Japanese encephalitis. But terrorists with a cursory knowledge of...

The British High Court ruled that a software vendor's EULA -- which denied all liability for poor software -- was not reasonable. I wrote about software liabilities back in 2003....