Trusted Third Party
Anthem to data breach victims: Maybe the damages are your own darned fault
Insurance giant Anthem scares off possible data breach victims by asking to examine their personal computers for evidence that their own shoddy security was the problem.
The CIA should help vendors patch the flaws it was exploiting
The CIA should help fix the flaws it has been exploiting because they have been made public by Wikileaks, and it is in the public interest to stop others from using them for criminal purposes.
Trump fence-sitting on encryption backdoors can’t last
Politicians have to address encryption backdoors honestly if they hope to preserve strong encryption.
Turks point to U.S. as source of cyberattacks, but don’t level blame
It’s hard to come up with a smoking gun when attributing events like the hack of Democratic National Committee emails
A shout out to Akamai for candor in IoT botnet attack
Akamai deserves credit for the way it disclosed why it stopped protecting the Krebs on Security Web site last week after defending it for three days from the largest botnet it had ever encountered.
NSA zero days and encryption backdoors need clear disclosure policies
Disclosure of NSA zero days signals a need for clear policies on when to notify affected vendors.
The tide may be turning against encryption in Europe
In the wake of increased terror incidents Europe is starting to look seriously at ways to read encrypted messages that officials there say are instrumental to carrying out attacks.
Obama won’t advocate to crack encryption
President Obama won’t push for legislation that forces encryption vendors to decrypt when ordered to do so by a court, Reuters is reporting.
WhatsApp: The FBI’s worst nightmare
WhatsApp is encrypting all communications it supports, end-to-end, with no known way for anyone to decrypt it unless they are the authorized usesr of the endpoints involved, something that can’t be undone even under court orders...
If you care about your encrypted data, get rid of your iPhone 5c
Owners of iPhone 5c who care about securing their content should think about upgrading to a less vulnerable phone without the same weakness.
Despite rhetoric, DoJ, NSA still seek backdoors
Department of Justice and NSA chiefs say they don’t want backdoors to decrypt private communications, but there’s no way to do that without backdoors.
Can $1M in damages be accurate in a website defacement?
Corporate security pros should note that journalist Matthew Keys was convicted this week of changing a headline on the LA Times website, a case that may help define what can be included when a toting up damages caused by hackers.
Former NSA chief undercuts FBI’s desire for encryption backdoors
The former head of the NSA the U.S. is better served by strong encryption that it would be by encryption schemes with backdoors that allow law enforcement to decrypt the content of communications, according to reports.
U.S.-China agreement on cyber espionage is a first step at best
Presidents Obama and Xi agree that the U.S. and China won’t steal corporate secrets from each other, but the wording is so full of loopholes that CISOs shouldn’t take too much comfort in the pact for quite a while.
Volkswagen has a technology problem: It fixes things by hiding them
Volkswagen is in the headlines for hiding emissions problems with its cars from inspections, but it’s also hidden problems with its anti-theft systems rather than recall the affected cars and fix them.
Mandating backdoors for encrypted communications is a bad idea
Given the dangers of backdoors into encrypted communications, the FBI or any agency seeking to require encryption backdoors and legal authority to use them needs to put forward specific plans for public discussion.
Partners Health Care breach: Here comes the flood
The breach of patient information at Partners Health Care could be the start of a predicted flood of such attacks against healthcare providers.
RSA to feature talk by hacker whose ‘funny’ tweet got him yanked from a plane
One World Labs Founder Chris Roberts spent hours detained by the FBI after he tweeted about “playing with” communications systems aboard the plane he was on.
What in the world is Bruce Schneier talking about?
Bruce Schneier autographed a copy of his new book with a cryptic message that with some thought can be figured out by non-cryptographers.
