These are the things I've written that are tagged "security"

GrayKey: The little box that unlocks iPhones

21 March 2018

Thomas Reed, for MalwareBytes: Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking […]

How Defective Guns Became the Only Product That Can’t Be Recalled

28 February 2018

An enraging story from Michael Smith and Polly Mosendz, for Bloomberg: Taurus sold almost a million handguns that can potentially fire without anyone pulling the trigger. The government won’t fix the problem. The NRA is silent. Gun manufacturers have long held an unassailable position in American business and politics. They need to be reminded that […]

KDE Bug Executes Arbitrary Code Based on Name of Thumb Drive

13 February 2018

This is one of the dumbest and most dangerous bugs I’ve ever heard of. From the KDE security list: When a vfat thumbdrive which contains “ or $() in its volume label is plugged and mounted trough the device notifier, it’s interpreted as a shell command, leaving a possibility of arbitrary commands execution. an example […]

Schneier on Security: Our Newfound Fear of Risk

03 September 2013

Bruce Schneier: We’re afraid of risk. It’s a normal part of life, but we’re increasingly unwilling to accept it at any level. So we turn to technology to protect us. The problem is that technological security measures aren’t free. They cost money, of course, but they cost other things as well. They often don’t provide […]

Stop Watching Us

11 June 2013

The revelations about the National Security Agency’s surveillance apparatus, if true, represent a stunning abuse of our basic rights. We demand the U.S. Congress reveal the full extent of the NSA’s spying programs. Sign the letter to congress, follow them on Twitter.

Does Airport Security Really Make Us Safer?

22 December 2011

Vanity Fair says no: As you stand in endless lines this holiday season, here’s a comforting thought: all those security measures accomplish nothing, at enormous cost. That’s the conclusion of Charles C. Mann, who put the T.S.A. to the test with the help of one of America’s top security experts. Experts like Bruce Schneier have […]

TextSecure

20 December 2011

Sounds good: TextSecure is a replacement for the standard text messaging application, allowing you to send and receive text messages as normal. Why isn’t this built-in to Android? or iOS for that matter? or everything?

The Pitfalls of Facebook’s “Social Authentication”

27 January 2011

Dan Wineman shoves a hot poker up the ass of Facebook’s “social authentication”: Captchas don’t verify identity. “Social authentication” challenges based on public information — especially information that the service itself provides, for free, to anyone who asks — don’t do that either. The problem with “social authentication” is that second word, there. Facebook’s calling […]

A Waste of Money and Time

29 November 2010

Security professional Bruce Schneier on what really makes plane travel safer, and the difference between theater and reality: Of course not. Airport security is the last line of defense, and it’s not a very good one. What works is investigation and intelligence: security that works regardless of the terrorist tactic or target. Yes, the target […]

BlackSheep, the Firesheep countermeasure tool

08 November 2010

Like the thing it acts against, it is a Firefox plugin. Were Firesheep a serious malicious tool, the race between BlackSheep countermeasures and Firesheep countercountermeasures would be endless, and Firesheep would always “win”. You can’t develop countermeasures until an attack has been successful. This was and is the message of Firesheep to begin with: The […]

Hello There

My name is Phil Nelson and I make beautiful things for a troubled world. I'm a designer / developer / writer / director / editor / narrator at Occipital.

Stuff I Make

More To See and Read

Browse the Archives

Hey. What're you doing all the way down here? You get lost? Just looking around? Cool. I like you.