CanSecWest, the last tech conference standing in the face of the coronavirus
What if someone threw a hacker conference, and nobody showed up?As I boarded a United flight at SFO on March 17, the first day of San Francisco’... Read More...
Opinion
How to securely share log-in credentials
Emailing or texting username-password combos is like assuming your attacker is lazy. Bad assumption. But we still need to share them sometimes. Here’s how to do it a bit more securely.
Behind the chip on your credit card
Ever wondered how that cool-looking chip on your bank card works? The EMV chip is actually a powerful computer that helps cryptographically process payments. Here’s how.
Female CISO: How (and why) to invest in cybersecurity
EVRY’s Monica Verma charts her path from curious kid to hacker to CISO. Improving cybersecurity, she writes, means treating it as an investment rather than a brake on innovation.
Hutchins’ plea deal raises as many questions as it answers
Earlier this week, Marcus Hutchins, the man who helped stop the WannaCry global ransomware attack, admitted in court to developing the Kronos banking malware as... Read More...
6 cybersecurity trends we’re thankful for
You might think of cybersecurity professionals as tech’s collective “watchers on the wall”—the guardians who let you know when doom is coming. With that perspec... Read More...
To fill cybersecurity positions, recruit veterans
As veterans with cybersecurity experience struggle to find civilian jobs, employers are struggling to fill cybersecurity jobs. There’s a big opportunity here. Here’s what needs to change.
7 simple reasons to vote
In a column for The Parallax, Gary McGraw outlines why his band wrote a song that passionately encourages every eligible voter to fill out and submit a ballot.
A civilian’s guide to military jargon for cybersecurity
Consumers have long adopted military terms to describe their many civilian challenges. They can also use military tactics to tackle those challenges. Here is a sampling of each.
Who foots the bill for medical IoT security?
For implanted medical devices, where a faulty update could harm or even kill a patient, a doctor’s office visit is in order. With no billing code, hospitals have been eating the costs.
There are no IOUs with the Internet of Things
Vulnerable devices on your network can lead to intrusions of your most sensitive data, and IOT patches are rare. While manufacturers need accountability, we need to make better security choices.
Get a new phone? Consider your Fifth Amendment rights
Biometric locks have the same function—albeit more secure and convenient—to a consumer as a PIN or passcode. But they don’t have the same legal protections under the 5th Amendment. Here’s why.
Looking beyond the surveillance state
As advanced surveillance technologies become more and more accessible, companies and individuals will more readily use it to track others, developer Emily Crose argues.
Why GDPR is good for security and the economy
Most people think that the General Data Protection Regulation is about privacy, but it’s really about security. Shifting this thinking will drive investment that benefits everyone.
Looking for cyberthreat talent in all the wrong places
To address the great talent dearth in good cyberthreat analysts, hiring managers need to move the focus of their searches from technical skills to less teachable soft skills, Simone Petrella writes.
Beware the dangers of bias in AI
While others fear sentient robots eradicating humanity, there’s a much more urgent and imminent concern about how algorithmic and data bias can threaten society, Emily Crose argues.
How to protect what your car knows about you
Connected car data could be worth $750 billion by 2030. That’s great, if you’re a car company. But if you’re a consumer, you’ll want to be able to weigh the benefits against the risks.
Uber, self-driving cars, and the high cost of connectivity
The next self-driving car death easily could result from a hack. If companies investing in the technology aren’t prioritizing cybersecurity, they aren’t prioritizing safety—or their business.
Adrián Lamo: Touched by greatness, mired in tragedy
Adrián Lamo followed his conscience turning in Chelsea Manning and paid a terrible personal cost. Jonathan Hirshon remembers the humanity of the “homeless hacker,” a longtime friend.
Want to stop data breaches? Make companies accountable
The punishment for allowing a breach is usually a light slap on the wrist, if anything. And in the case of credit-reporting agencies, the standard punishment can even turn into profit. It's time to hold companies accountable for breaches.
MakerNet’s dream: Balance data privacy, monetization
Is there a viable platform model that monetizes data and also meets data autonomy standards? Columnist Nathan Parker writes about the approach he’s taking with MakerNet.
Internet freedom bard John Perry Barlow missed a big threat
Barlow, the recently departed Grateful Dead lyricist and EFF co-founder, motivated Internet usage protections from abuses of government—but not corporations.
How to guard your data like it’s an Olympic sport
Heading to the Winter Olympics in South Korea or another major public event? Don’t let yourself get so carried away with excitement that you forget that the bad guys are just waiting for you to slip up.
How to reduce ‘collateral damage’ from blockbuster cyberattacks
In order to reduce damage, security teams need to change their approach to vulnerability assessment, Bryson Bort writes. This starts with recognizing that nobody is safe from a cybersecurity threat.
To stay safer on Android, stick with Google Play
Yale Privacy Lab fellows are advising people to use a third-party Android app store over Google Play. Here’s why their advice is incredibly bad for the average consumer.
Why losing Net neutrality wouldn’t hurt your privacy or security
Dismantling FCC Open Internet rules might allow ISPs to mess with privacy and security. But doing so today simply wouldn’t be practical or even profitable, Rob Graham argues.
Forget Pai. Net neutrality’s privacy benefits are already neutralized
Eliminating Net neutrality laws would likely make online privacy more expensive, attorney Ryan E. Long argues. But CALE requirements have already handicapped them.
Kronos malware indictment highlights the risk of trust
Good security relies on trust, which doesn’t scale well. So writes Internet pioneer Paul Vixie, as he reflects on the indictment of the man who stopped WannaCry on charges related to Kronos.
Debate over data security conflates tech and legal issues
A recent Intelligence Squared podcast event set up to debate whether companies have the right to shield customer data from government agencies dives headlong into talk about encryption.
The DIGIT Act, paved with good intentions, needs a firm hand
As proposed, the act sounds like it could protect consumers while allowing businesses to thrive. But it risks becoming an IoT industry rubber stamp.
Effective cybersecurity starts with seeing yourself as a target
Our vital systems and seemingly frivolous daily communications are in need of technological scrutiny. And yet we often fail to see ourselves as targets and take action.
How to transition from consumer to small-business computer security
Is there a difference between computer security in your home versus in a small business? Absolutely, says the founder of Townsquared. But it’s not as big as you might think.
Don’t underestimate what Kim Dotcom could pull off with Megaupload 2.0
The notorious Internet entrepreneur’s previewed service is poised to enable storage of encrypted media and Bitcoin payments. But how can Dotcom launch a relevant service when his assets are frozen, and he's under indictment?
Remembering cybersecurity pioneer Becky Bace
My dear friend Becky Bace is no longer with us, but her work—and many of the relationships and projects she incubated and encouraged—live on.
False hack attributions carry dangerous risks
Attributing cyberattacks to specific people or organizations is far from an exact science. And a misattribution today runs a high risk of increasing military tensions.
How to tackle corporate cluelessness about data security
During World War II, the U.S. Office of War Information launched a “Loose Lips Sink Ships” campaign to reduce the chance that someone might inadvertently give u... Read More...
Trump, Putin, and the dangers of fake news
Information “starvation” under closed regimes prevents informed decision making. A flood of disinformation has similarly harmful effects, Garry Kasparov argues. And the antidote isn’t easy to swallow.
Tech’s power to promote good or evil depends on who controls it
Tools developed to create, acquire, and distribute data can also be used to gain influence, monitor, and persecute. These uses are two sides of the same coin.
Massive Yahoo breach highlights why to hit ‘delete’
Far beyond Yahoo's services, it’s time to delete your archived email, private messages, contacts, files, photos—anything you can’t afford to find its way into a hacker’s hands and beyond.
Why Yahoo should have fought FISA like Apple fought the FBI
Responding to a court order, Yahoo reportedly made custom software to scan billions of emails for terrorist ties. Beyond constitutionality, the legality of compulsory tool development remains an open question.
Why we need to ditch DRM
The anticopying technology, despite being ineffective and potentially dangerous, is covered by the Digital Millennium Copyright Act. This makes breaking it—even for good reasons—illegal.
Hidden dangers in debate between personalization and privacy
Data mining is increasingly effective and relevant to brands. But to customers and marketers alike, there are real dangers to consider.
Homing in on the future of identity
Some thoughts on recent developments in authentication and how we can stay secure online.
How an FBI win against Apple could hurt my company
To any software engineer with an imagination, the resulting possibilities are horrifying. A favorable precedent would let the government turn us into unwilling surveillance assistants.
What happens if the FBI wins its iPhone fight?
In its case against Apple, the federal agency claims that it’s trying to unlock just one phone. Far more is at stake, domestically and internationally, experts and activists say.
What it’s like to play chess master Garry Kasparov
Even in assured defeat, competing in chess against the longstanding top player in the world is a privilege. It is also an experience in learning the value of adaptability.
Law enforcement’s encryption scare tactics aren’t swaying techies
With customers worldwide who would be negatively impacted by weakened encryption, Silicon Valley has an obvious interest in uniting together against a very dumb idea.
‘State of Control’ explores harrowing consequences of surveillance
The documentary, of two filmmakers who traveled to Tibet before the 2008 Olympics, shows how China uses technology to control information and people far beyond its borders.
Regarding CISA, D.C.’s from Mars, Silicon Valley’s still from California
The political establishment and the tech industry aren’t clashing for the first or last time over the government’s proper role in safeguarding privacy and cybersecurity.
U.S.-China cyberdeal: Another useless photo op
Although September’s agreement may prohibit China from cyberespionage for commercial gain, it’s still open season for everything else.
No more articles