Schneier on Security

Another Attack Against Driverless Cars

Schneier on Security - Wed, 07/31/2019 - 7:46am
In this piece of research, attackers successfully attack a driverless car system -- Renault Captur's "Level 0" autopilot (Level 0 systems advise human drivers but do not directly operate cars) -- by following them with drones that project images of fake road signs in 100ms bursts. The time is too short for human perception, but long enough to fool the... Bruce Schneier
Categories: Schneier on Security

ACLU on the GCHQ Backdoor Proposal

Schneier on Security - Tue, 07/30/2019 - 7:19am
Back in January, two senior GCHQ officials proposed a specific backdoor for communications systems. It was universally derided as unworkable -- by me, as well. Now Jon Callas of the ACLU explains why.... Bruce Schneier
Categories: Schneier on Security

Wanted: Cybersecurity Imagery

Schneier on Security - Mon, 07/29/2019 - 7:15am
Eli Sugarman of the Hewlettt Foundation laments about the sorry state of cybersecurity imagery: The state of cybersecurity imagery is, in a word, abysmal. A simple Google Image search for the term proves the point: It's all white men in hoodies hovering menacingly over keyboards, green "Matrix"-style 1s and 0s, glowing locks and server racks, or some random combination of... Bruce Schneier
Categories: Schneier on Security

Friday Squid Blogging: Humbolt Squid in Mexico is Getting Smaller

Schneier on Security - Fri, 07/26/2019 - 5:42pm
The Humbolt squid are getting smaller: Rawley and the other researchers found a flurry of factors that drove the jumbo squid's demise. The Gulf of California historically cycled between warm-water El Niño conditions and cool-water La Niña phases. The warm El Niño waters were inhospitable to jumbo squid­more specifically to the squid's prey­but subsequent La Niñas would allow squid populations... Bruce Schneier
Categories: Schneier on Security

Insider Logic Bombs

Schneier on Security - Fri, 07/26/2019 - 7:05am
Add to the "not very smart criminals" file: According to court documents, Tinley provided software services for Siemens' Monroeville, PA offices for nearly ten years. Among the work he was asked to perform was the creation of spreadsheets that the company was using to manage equipment orders. The spreadsheets included custom scripts that would update the content of the file... Bruce Schneier
Categories: Schneier on Security

Attorney General William Barr on Encryption Policy

Schneier on Security - Wed, 07/24/2019 - 7:43am
Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as "going dark." Speaking at Fordham University in New York, he admitted that adding backdoors decreases security but that it is worth it. Some hold this view dogmatically, claiming that it is technologically impossible to provide lawful access without weakening security against unlawful... Bruce Schneier
Categories: Schneier on Security

Software Developers and Security

Schneier on Security - Wed, 07/24/2019 - 7:17am
According to a survey: "68% of the security professionals surveyed believe it's a programmer's job to write secure code, but they also think less than half of developers can spot security holes." And that's a problem. Nearly half of security pros surveyed, 49%, said they struggle to get developers to make remediation of vulnerabilities a priority. Worse still, 68% of... Bruce Schneier
Categories: Schneier on Security

Pages