Tagged: bruce schneier

SS7 Vulnerabilities 0

SS7 Vulnerabilities

There are security vulnerability in the phone-call routing protocol called SS7. The flaws discovered by the German researchers are actually functions built into SS7 for other purposes — such as keeping calls connected as users speed down highways, switching from cell tower to cell tower — that hackers can repurpose for surveillance because of the lax security on the network. Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption.

ISIS Cyberattacks 0

ISIS Cyberattacks

Citizen Lab has a new report on a probable ISIS-launched cyberattack: This report describes a malware attack with circumstantial links to the Islamic State in Iraq and Syria.

The Limits of Police Subterfuge 0

The Limits of Police Subterfuge

“The next time you call for assistance because the Internet service in your home is not working, the ‘technician’ who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and — ­when he shows up at your door, impersonating a technician­ — let him in.

Fake Cell Towers Found in Norway 0

Fake Cell Towers Found in Norway

In yet another example of what happens when you build an insecure communications infrastructure, fake cell phone towers have been found in Oslo. No one knows who has been using them to eavesdrop. This is happening in the US , too.

Over 700 Million People Taking Steps to Avoid NSA Surveillance 0

Over 700 Million People Taking Steps to Avoid NSA Surveillance

There’s a new international survey on Internet security and trust, of “23,376 Internet users in 24 countries,” including “Australia, Brazil, Canada, China, Egypt, France, Germany, Great Britain, Hong Kong, India, Indonesia, Italy, Japan, Kenya, Mexico, Nigeria, Pakistan, Poland, South Africa, South Korea, Sweden, Tunisia, Turkey and the United States.” Amongst the findings , 60% of Internet users have heard of Edward Snowden, and 39% of those “have taken steps to protect their online privacy and security as a result of his revelations.” The press is mostly spinning this as evidence that Snowden has not had an effect: ” merely 39% ,” ” only 39% ,” and so on. (Note that these articles are completely misunderstanding the data

Not Enough CISOs to Go Around 0

Not Enough CISOs to Go Around

This article is reporting that the demand for Chief Information Security Officers far exceeds supply: Sony and every other company that realizes the need for a strong, senior-level security officer are scrambling to find talent, said Kris Lovejoy, general manager of IBM’s security service and former IBM chief security officer. CISOs are “almost impossible to find these days,” she said. “It’s a bit like musical chairs; there’s a finite number of CISOs and they tend to go from job to job in similar industries.” I’m not surprised, really