Category: Bruce Schneier

Everyone Wants You To Have Security, But Not from Them 0

Everyone Wants You To Have Security, But Not from Them

In December, Google’s Executive Chairman Eric Schmidt was interviewed at the CATO Institute Surveillance Conference. One of the things he said, after talking about some of the security measures his company has put in place post-Snowden, was: “If you have important information, the safest place to keep it is in Google. And I can assure you that the safest place to not keep it is anywhere else.” The surprised me, because Google collects all of your information to show you more targeted advertising.

"Surreptitiously Weakening Cryptographic Systems" 0

"Surreptitiously Weakening Cryptographic Systems"

New paper: ” Surreptitiously Weakening Cryptographic Systems ,” by Bruce Schneier, Matthew Fredrikson, Tadayoshi Kohno, and Thomas Ristenpart. Abstract : Revelations over the past couple of years highlight the importance of understanding malicious and surreptitious weakening of cryptographic systems.

AT&T Charging Customers to Not Spy on Them 0

AT&T Charging Customers to Not Spy on Them

AT&T is charging a premium for gigabit Internet service without surveillance: The tracking and ad targeting associated with the gigabit service cannot be avoided using browser privacy settings: as AT&T explained, the program “works independently of your browser’s privacy settings regarding cookies, do-not-track and private browsing.” In other words, AT&T is performing deep packet inspection , a controversial practice through which internet service providers, by virtue of their privileged position, monitor all the internet traffic of their subscribers and collect data on the content of those communications. What if customers do not want to be spied on by their internet service providers? AT&T allows gigabit service subscribers to opt out — for a $29 fee per month.

Cell Phones Leak Location Information through Power Usage 0

Cell Phones Leak Location Information through Power Usage

New research on tracking the location of smart phone users by monitoring power consumption: PowerSpy takes advantage of the fact that a phone’s cellular transmissions use more power to reach a given cell tower the farther it travels from that tower, or when obstacles like buildings or mountains block its signal. That correlation between battery use and variables like environmental conditions and cell tower distance is strong enough that momentary power drains like a phone conversation or the use of another power-hungry app can be filtered out, Michalevsky says. One of the machine-learning tricks the researchers used to detect that “noise” is a focus on longer-term trends in the phone’s power use rather than those than last just a few seconds or minutes

NSA/GCHQ Hacks SIM Card Database and Steals Billions of Keys 0

NSA/GCHQ Hacks SIM Card Database and Steals Billions of Keys

The Intercept has an extraordinary story : the NSA and/or GCHQ hacked into the Dutch SIM card manufacturer Gemalto, stealing the encryption keys for billions of cell phones. People are still trying to figure out exactly what this means, but it seems to mean that the intelligence agencies have access to both voice and data from all phones using those cards. Me in The Register : “We always knew that they would occasionally steal SIM keys