Seriously Tinder, cleartext in 2018?

When I think about security and privacy, I often focus on sophisticated attacks and exotic exploits, or on user error and social engineering. A recent report about the security design of Tinder reminds me that we need to also keep an eye out for someone just leaving the door unlocked ... Read More
The Looming End of Network Neutrality and How to Protect Yourself

Let’s get this out right up front. I am a strong advocate for network neutrality. ISPs like Comcast say that these regulations strangle innovation, and that all the concerns about how they might abuse their position are just paranoia. First a quick review. Network Neutrality is the principle that ISPs ... Read More
Fighting cybercrime vs. protecting citizens

musings
David Shedd, former director of the Defense Intelligence Agency, recently published an OpEd on the damage that unrestricted focus on catching criminals can do to our general cyber security. It is great to see people with that kind of background speaking out on this critical issue. “Americans want their cyber ... Read More
Do you use any of the worst passwords of 2016?

Password, passwords, secuity, stupidity
It is time to talk about passwords again. They are like the seatbelts of the security world. There are many more exciting security tools but few are as important to keeping you safe from the risks you encounter day to day. Splash Data recently released their list of the most ... Read More
Your Android phone may be passing your texts to China

android, backdoors, china, surveillance
Security firm Kryptowire discovered that at least hundreds of thousands of Android phones in the US are configured to automatically send all text messages, call logs, location information, contact lists and more to servers in China every 72 hours. This is all invisible to the end user. In the US, ... Read More
How was the Internet of Things able to take down the Internet with a DDoS?

Attack, ddos, dns, Hacking, iot
On October 21st, a large number of websites, including some of the biggest names, were knocked off the Internet by a massive distributed denial-of-service (DDoS) attack. A DDoS attack occurs when thousands to millions of devices send traffic to a target, completely overloading its servers or Internet connection. The recent ... Read More
So many reasons to never buy a D-Link router

If you care at all about security and privacy, a recent security analysis of the D-Link DWR-932 B LTE router will make your head explode. Researcher Pierre Kim found an amazing set of security vulnerabilities that should embarrass a first-year developer. First, by default you can SSH and Telnet ... Read More
Macs are not safe from Bears

APT, Mac, Malware, secuity, targeting
Mac users have long had an unwarranted level of confidence about their immunity to malware and hackers. Palo Alto Networks recently discovered some Mac malware in the wild, which I hope will make us Mac users pay more attention to security. The malware, which targets mostly the aerospace industry, appears ... Read More