At Chaos Communication Congress, election security expert J. Alex Halderman describes the United States’ rough yet vital road toward securing its many vulnerable voting systems.
As veterans with cybersecurity experience struggle to find civilian jobs, employers are struggling to fill cybersecurity jobs. There’s a big opportunity here. Here’s what needs to change.
New exemptions to the controversial copyright law cover hacks of both software and hardware controlled by code. But they stop short of giving security researchers a free pass.
Amid global struggles to balance travelers’ privacy with strong border protections, a New Zealand Customs Service representative explains recent updates to its device search policies.
Tech firms would like one privacy law to cover all U.S. communications—as long as it’s not as strict as the GDPR and also supersedes any pesky state regulations like the CCPA.
It’s not just Be’ersheba’s interdisciplinary approach. Israel’s unique politics, geography, and economics have played major roles in its transformation into a cybersecurity power player.
“A CERT is like FEMA for cyber,” one expert says. Post-WannaCry, Israel is following the Netherlands, England, and Norway in creating a health care CERT.
Biometric locks have the same function—albeit more secure and convenient—to a consumer as a PIN or passcode. But they don’t have the same legal protections under the 5th Amendment. Here’s why.
As advanced surveillance technologies become more and more accessible, companies and individuals will more readily use it to track others, developer Emily Crose argues.
To address cyberrisks, former Pennsylvania governor and DHS secretary Tom Ridge says the relationship between the private and public sectors needs to move from punitive to collaborative.
Critics push for the Trump administration to deliver on its promise of a national cybersecurity policy—one that has more legal weight than words like “should” and “may.”
Some privacy advocates say it calls for a resurrected debate over FISA practices. But Nunes himself is a steadfast surveillance supporter of the existing process.
In order to reduce damage, security teams need to change their approach to vulnerability assessment, Bryson Bort writes. This starts with recognizing that nobody is safe from a cybersecurity threat.
Georgia Senate Bill 315 includes vague language reflective of the CFAA antihacking law that experts and advocates fear would be used to unfairly punish security researchers.
Researchers say the nation-state developers behind the Android spyware campaign Dark Caracal took a page from developers of legitimate software, relying on recycled components.
The new EU law, which comes with stiff penalties, is set to enforce consumer privacy standards exceeding those of the United States in several key ways.
As some lawmakers push for the extension of FISA Section 702, an expiring law that allows programs like Prism and Upstream, others push for new privacy protections.
Privacy and online-rights advocates say Spain’s recent heavy-handed Internet control is unprecedented for a Western democracy—and it could return with this week’s snap election.
Petr Svenda, who disclosed a key vulnerability in popular identification chips, says it’s hard for researchers to ensure that devices are secure when just seeing their specs requires an NDA.
The USA Liberty Act, designed to revamp and reauthorize FISA Section 702, would still allow the FBI and other agencies to query the NSA database of U.S. communications sans warrant.
“There’s just not enough cybertalent, not enough people with the level of expertise needed,” one expert says. Filling critical roles will mean recruiting and training outside the box.
After President Trump fires James Comey, a leading U.S. backer of encryption backdoor mandates, officials in Europe and Australia renew arguments for the “technically infeasible.”
During a fireside chat in Las Vegas, Reps. Will Hurd of Texas and Jim Langevin of Rhode Island plead for proactive hacker-lawmaker collaboration and voice concerns about election security.
The social-networking giant’s chief security officer sounds off on why and how political campaigns should work together to fight attacks on their critical infrastructure and information.
A recent Intelligence Squared podcast event set up to debate whether companies have the right to shield customer data from government agencies dives headlong into talk about encryption.
The release of computer vulnerability exploits collected and stockpiled by U.S. intelligence agencies highlights internal security and cultural structures that aren’t likely to change. Here’s why.
The 3-section order, which builds largely on initiatives the Obama administration set in motion, outlines federal guidance to “create more cohesion and consolidation between agencies.”
The notorious Internet entrepreneur’s previewed service is poised to enable storage of encrypted media and Bitcoin payments. But how can Dotcom launch a relevant service when his assets are frozen, and he's under indictment?
As regulation of Internet-connected devices inches forward, public officials and security experts disagree on how best to keep consumers safe without stifling industry innovation.
Attributing cyberattacks to specific people or organizations is far from an exact science. And a misattribution today runs a high risk of increasing military tensions.
James Wirtz, dean of international graduate studies at the Naval Postgraduate School, revisits his pre-election comments on Russia’s effective information cyberwarfare tactics.
Granick, the director of civil liberties at Stanford Law School and recent author of “American Spies,” sounds off on the nature, effectiveness, and justness of U.S. surveillance today.
After a presidential election marked by hacks and leaks and claims of “bleak” urban streets, those of the nation’s capital were filled—quite literally—with anger and worry. And hope.
The ways private companies and government agencies use information created by and attached to all forms of digital communication are far-reaching and, in some cases, vital.
Questions regarding the veracity and transparency of evidence lie at the center of the debate over whether to trust government accusations of culpability for cyberattacks and computer hacking.
Responding to a court order, Yahoo reportedly made custom software to scan billions of emails for terrorist ties. Beyond constitutionality, the legality of compulsory tool development remains an open question.
Empower the individual. Keep private information private. Make the complex simple. And detect an intruder in milliseconds. McAfee and hacker Eijah say these ideas are driving their new business.
“No. 1: Fire or massively retrain every employee in the U.S. government responsible for implementing cybersecurity,” advises the software entrepreneur, a former presidential candidate.
Properly protected vote databases are tough to hack, security experts say. But in places lacking up-to-date software, proper IT training, or a paper trail, hackers have an advantage.
The former DHS secretary tells The Parallax that as people raise their consciousness about security, nations urgently need to form agreements about cyberwarfare limits.
From a plea for an “NIH for cyber” to a plan for “software supply chain transparency,” Black Hat and DefCon insiders say it’s time for the U.S. government to ensure software safety.
Cold War historian James J. Wirtz, dean of international graduate studies at the Naval Postgraduate School, tells The Parallax that Russian officials are great at seeing the big picture.
Did the Republican nominee for U.S. president just encourage hackers in Russia to break into his opponent’s private email server? Here’s how several experts interpreted his comments.
While companies set up programs for hackers to report vulnerabilities, independent marketplaces buy and sell hacks to popular software programs with no oversight or accountability.
Itzhak “Zuk” Avraham, founder of Zimperium, has been confident that his Israeli colleagues at Cellebrite would successfully help the FBI unlock the iPhone 5C of Syed Farook. Here’s why.
To any software engineer with an imagination, the resulting possibilities are horrifying. A favorable precedent would let the government turn us into unwilling surveillance assistants.
In the 30 years since President Reagan signed the Computer Fraud and Abuse Act into law, it’s been the subject of heated controversy and undergone many alterations. What’s next?
Apple is citing the First Amendment in its programming dispute with the FBI over an iPhone used by a government employee accused of terrorism. Here’s why.
In its case against Apple, the federal agency claims that it’s trying to unlock just one phone. Far more is at stake, domestically and internationally, experts and activists say.
The USA Freedom Act may have hampered the agency’s program for bulk collection of U.S. phone records, but “there are a lot of unknowns” about how it might be interpreted or sidestepped.
The documentary, of two filmmakers who traveled to Tibet before the 2008 Olympics, shows how China uses technology to control information and people far beyond its borders.
In the wake of the terrorist attacks in France, U.S. government agencies, including the CIA, are reiterating their arguments for security standard backdoors into communications data.
As the technological capabilities of unmanned aerial vehicles proliferate, privacy groups are pushing for laws to require police to obtain warrants to use them.
While several tech titans require warrants to give police and prosecutors access to customers’ older stored communications, countless Internet companies with fewer legal resources likely are complying with agency-issued subpoenas.
Illinois ruling addresses several of privacy advocates’ issues with law enforcement agencies’ use of secretive “stingray” tracking technology to collect cell phone data.
The political establishment and the tech industry aren’t clashing for the first or last time over the government’s proper role in safeguarding privacy and cybersecurity.
Some security and policy experts see the agreement as a potential model for new treaties—or, at the very least, a sign of progress. Others see a whole lot of problems.
Some legal experts embrace the idea of targeted police hacking as an alternative to potentially government-mandated encryption backdoors. Others call it a terrible idea.
