Programmers Who Don’t Understand Security Are Poor at Security

A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they're not going to do a very good ...

Critical Flaw in Swiss Internet Voting System

Researchers have found a critical flaw in the Swiss Internet voting system. I was going to write an essay about how this demonstrates that Internet voting is a stupid idea and should ...

On the Security of Password Managers

There's new research on the security of password managers, specifically 1Password, Dashlane, KeePass, and Lastpass. This work specifically looks at password leakage on the host computer. That is, does the password manager ...

Security Flaws in Children’s Smart Watches

A year ago, the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also ...

Security Vulnerabilities in Cell Phone Systems

Good essay on the inherent vulnerabilities in the cell phone standards and the market barriers to fixing them. So far, industry and policymakers have largely dragged their feet when it comes to ...

Consumer Reports Reviews Wireless Home-Security Cameras

Consumer Reports is starting to evaluate the security of IoT devices. As part of that, it's reviewing wireless home-security cameras. It found significant security vulnerabilities in D-Link cameras: In contrast, D-Link doesn't ...

New iPhone OS May Include Device-Unlocking Security

iOS 12, the next release of Apple's iPhone operating system, may include features to prevent someone from unlocking your phone without your permission: The feature essentially forces users to unlock the iPhone ...

Ray Ozzie’s Encryption Backdoor

Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. It's a weird article. It paints Ozzie's proposal as something ...

Securing Elections

Elections serve two purposes. The first, and obvious, purpose is to accurately choose the winner. But the second is equally important: to convince the loser. To the extent that an election system ...

Artificial Intelligence and the Attack/Defense Balance

Artificial intelligence technologies have the potential to upend the longstanding advantage that attack has over defense on the Internet. This has to do with the relative strengths and weaknesses of people and ...
Loading...