Tagged: schneier on security

RFID-Shielded, Ultra-Strong Duffel Bags 0

RFID-Shielded, Ultra-Strong Duffel Bags

They’re for carrying cash through dangerous territory: SDR Traveller caters to people who, for one reason or another, need to haul huge amounts of cash money through dangerous territory. The bags are made from a super strong, super light synthetic material designed for yacht sails, are RFID-shielded, and are rated by how much cash in US$100 bills each can carry….

Paris Terrorists Use Double ROT-13 Encryption 0

Paris Terrorists Use Double ROT-13 Encryption

That is, no encryption at all. The Intercept has the story: “Yet news emerging from Paris — as well as evidence from a Belgian ISIS raid in January — suggests that the ISIS terror networks involved were communicating in the clear, and that the data on their smartphones was not encrypted.

Ads Surreptitiously Using Sound to Communicate Across Devices 0

Ads Surreptitiously Using Sound to Communicate Across Devices

This is creepy and disturbing: Privacy advocates are warning federal authorities of a new threat that uses inaudible, high-frequency sounds to surreptitiously track a person’s online behavior across a range of devices, including phones, TVs, tablets, and computers. The ultrasonic pitches are embedded into TV commercials or are played when a user encounters an ad displayed in a computer browser. While the sound can’t be heard by the human ear, nearby tablets and smartphones can detect it.



I have avoided writing about the Cybersecurity Information Sharing Act (CISA), largely because the details kept changing. (For those not following closely, similar bills were passed by both the House and the Senate. They’re now being combined into a single bill which will be voted on again, and then almost certainly signed into law by President Obama.) Now that it’s pretty solid, I find that I don’t have to write anything, because Danny Weitzner did such a good job , writing about how the bill encourages companies to share personal information with the government, allows them to take some offensive measures against attackers (or innocents, if they get it wrong), waives privacy protections, and gives companies immunity from prosecution