The Current State Of Smart Locks

I’ve been following the smart lock market with great interest. There are some odd ideas, common mistakes, and a lot of hyperbole, but also intrepid engineering, smart marketing and a level playing field. For the first time in decades there is serious public interest in locks and it’s pinging the historian in me hard. I’m

Your password manager’s password

Cyber criminals have started targeting the password managers that protect an individual’s most sensitive credentials by using a keylogger to steal the master password in certain cases, according to research from data-protection company IBM Trusteer. The research found that a configuration file, which attackers use to tailor the Citadel trojan for specific campaigns, had been

Qubes

Four years ago the Warsaw-based firm, Invisible Things Lab, started developing its own operating system known as Qubes. The free open source OS lets users set up a collection of virtual machines on their PC, with a simple central interface to manage each quarantined system. Careful users can keep their personal online activities isolated in one

What Is the Dark Web?

The Dark Web is a collection of thousands of websites that use anonymity tools like Tor and I2P to hide their IP address. While it’s most famously been used for black market drug sales and even child pornography, the Dark Web also enables anonymous whistleblowing and protects users from surveillance and censorship.

Whatsapp

Only six out of 39 messaging applications have the features needed to guarantee the security of communications sent over the Internet, according to an analysis by the Electronic Frontier Foundation. Let’s hope this modification improves Whatsapp’s shitty score!!! Whatsapp has announced that it’s implementing end-to-end encryption, an upgrade to its privacy protections that makes it

Tor – another nail in the coffin?

The Tor project has urged calm after new research found 81 percent of users could be identified using Cisco’s NetFlow tool. A research effort led by professor Sambuddah Chakravarty from the Indraprastha Institute of Information Technology in Delhi found that well-resourced attackers such as a nation-state could effectively reveal Tor users’ identity with a false-positive

EMET 5.1

Microsoft has issued a new version of its Enhanced Mitigation Toolkit (EMET) to address a variety of compatibility issues in the system-hardening environment. Version 5.1 fixed compatibility and Export Address Table Filtering Plus (EAF+) issues with security updates for 64-bit Internet Explorer version 11, Adobe Reader, Adobe Flash, and Mozilla Firefox on Windows 7 and

Can I Use 2FA Overseas?

I want my email and the rest of my digital life to be secure, so I like the idea of two-factor authentication. The problem is I travel a lot. When I am in Europe or the US, I don’t use my Australian phone because I don’t want to pay for roaming, and because I may

Son of Stuxnet

The Digital Hunt for Duqu – a US-Israeli Spy Virus Bencsáth was a teacher, not a malware hunter, and had never done such forensic work before. At the CrySyS Lab, where he was one of four advisers working with a handful of grad students, he did academic research for the European Union and occasional hands-on consulting

Spies are now trolls

One of the many pressing stories that remains to be told from the Snowden archive is how western intelligence agencies are attempting to manipulate and control online discourse with extreme tactics of deception and reputation-destruction. It’s time to tell a chunk of that story, complete with the relevant documents.

Tor – is it still secure?

Three weeks ago, a security researcher uncovered a Tor exit node that added malware to uncompressed Windows executables passing through it. Officials with the privacy service promptly shut down the Russia-based node, but according to new research, the group behind the node had likely been infecting files for more than a year by that time,

Spy Planes

A secret US spy program used fake mobile phone towers attached to aeroplanes to scan citizens’ mobile phones and collect their data, the Wall Street Journal reports. What the hell. The scheme, carried out by the Technical Operations Group of the US Marshals, uses devices known as “dirtboxes” to mimic powerful cell tower signs. These

Windows Phone security

Microsoft’s Windows Phone emerged only partially scathed from this year’s Mobile Pwn2Own hacking competition after a contestant failed to fully pierce its defenses. The Windows Phone attack came during day two of the mobile hacking contest. During day one, an iPhone 5S, Samsung Galaxy S5, LG Nexus 5, and Amazon Fire Phone were all fully

How are you encrypting your email?

Some ISPs are removing their customers’ email encryption in a practice that threatens their privacy of communications, claims digital civil liberties group the Electronic Frontier Foundation. Incidents in the US and Thailand over recent months have seen service providers intercepting their customers’ data to strip a security flag (called STARTTLS) from email traffic, the group

BadUSB

First, the good news: that unpatchable security flaw in USB devices first brought to light over the summer affects only about half of the things you plug into your USB port. The bad news is it’s nearly impossible to sort out the secure gadgets from the insecure ones without ripping open every last thumb drive.