
jerryking : hacking   9

Listening In: cyber security in an insecure age, by Susan Landau
April 8, 2018 | Financial Times | Kadhim Shubber

Review of [Listening In: cyber security in an insecure age, by Susan Landau, Yale University Press, $25]

....so Landau’s latest work leaves the reader wishing for a deeper reckoning with these complex issues.

Landau is a respected expert in cryptography and computer security, with a long career both studying and working in the field. She was an engineer at Sun Microsystems for over a decade and is currently a professor in cyber security at Tufts University. Her clean, knowledgeable writing reflects the depth of her expertise — with just a trace of jargon at times — as she traces the tug of war that has played out between law enforcement and cryptographers in recent decades.....Landau persuasively argues that the increasingly digital and interconnected society and economy we inhabit creates vulnerabilities that we ignore at our peril.......Landau is an advocate for strong computer security, and uses this book to reject calls for “back doors” that would allow law enforcement access to encrypted hardware, like iPhones, or messaging apps, such as WhatsApp. But she also encourages governments to become better at proactive “front door” hacking. In the process, she warns, they should not rush to disclose security weaknesses they discover, which inevitably leaves them open for others to exploit......Yet we have seen that the government’s toolbox can also fall into the wrong hands. In 2016 and 2017, a powerful set of hacking tools built by the NSA were leaked by hackers.
Apple  back_doors  books  book_reviews  cryptography  cyber_security  FBI  hacking  nonfiction  Stuxnet  Tim_Cook  vulnerabilities 
april 2018 by jerryking
Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core
NOV. 12, 2017 | The New York Times | By SCOTT SHANE, NICOLE PERLROTH and DAVID E. SANGER.

“These leaks have been incredibly damaging to our intelligence and cyber capabilities,” said Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency. “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.”
adversaries  data_breaches  hacking  vulnerabilities  counterintelligence  counterespionage  moles  malware  ransomware  Fedex  Mondelez  Edward_Snowden  security_&_intelligence  Russia  Leon_Panetta  NSA  cyber_security  cyber_warfare  cyberweapons  tools  David_Sanger  SecDef  CIA 
november 2017 by jerryking
Law firms will pay price for failure to hold off hackers | Evernote Web
31 December/1 January 2017 | Financial Times | Brooke Masters.

"This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: You are and will be targets of cyber hacking, because you have information available to would-be criminals," Bharara said in a statement....Other professional services firms should take note. This is not the first time the industry has been hit by hackers who specialise in what is becoming known as "outsider trading"....Accounting firms that provide tax advice on mergers, boutique advisory firms, and consultants who weigh in on synergies and downsizing plans are almost certainly on the criminals' hit list....Professional service firms will not be so lucky. Banks and companies pay extremely high prices for outside advice. They expect professionalism and confidentiality in return. Getting hacked by a bunch of Chinese traders is hardly a strong recommendation of either.
Big_Law  Chinese  confidentiality  cyber_security  cyberattacks  hackers  hacking  law_firms  M&A  malware  mergers_&_acquisitions  Preet_Bharara  professional_service_firms  SEC  security_consciousness  securities_fraud  traders 
january 2017 by jerryking
What Can the Next President Do About Russia? - WSJ
By ROBERT D. KAPLAN
Updated Oct. 16, 2016

Of the two great autocratic powers in Eurasia, Russia is emerging as a greater short-term threat than China. The Chinese hope to gradually dominate the waters off the Asian mainland without getting into a shooting war with the U.S. Yet while Beijing’s aggression is cool, Moscow’s is hot....Russia’s economic situation is much worse than China’s, and so the incentive of its leaders to dial up nationalism is that much greater. But the larger factor, one that Western elites have trouble understanding, cannot be quantified: A deeply embedded sense of historical insecurity makes Russian aggression crude, brazen, bloodthirsty and risk-prone. ....How does the U.S. build leverage on the ground, from the Baltic Sea to the Syrian desert, that puts America in a position where negotiations with Russia can make a strategic difference?....

For without the proper geopolitical context, the secretary of state is a missionary, not a diplomat. ...In the cyber domain the U.S. has not sufficiently drawn red lines. What kind of Russian hacking will result in either a proportionate, or even disproportionate, punitive response? The Obama administration seems to be proceeding ad hoc, as it has done with Russia policy in general. The next administration, along with projecting military force throughout the Russian near abroad, will have to project force in cyberspace, too.
Russia  Vladimir_Putin  Robert_Kaplan  threats  deterrence  nationalism  Baltics  NATO  U.S.foreign_policy  leverage  geopolitics  log_rolling  diplomacy  realism  balance_of_power  realpolitik  cyber_warfare  autocracies  insecurity  hacking  maritime  punitive  retribution  retaliation  South_China_Sea  ad_hoc  red_lines  China  autocrats 
october 2016 by jerryking
Why Putin would be behind the DNC computer hacking - The Globe and Mail
PATRICK MARTIN
The Globe and Mail
Published Saturday, Jul. 30, 2016

U.S. security experts have concluded with near certainty that it was two groups of hackers known in the cyberworld as Fancy Bear and Cozy Bear that penetrated the computer network of the Democratic National Committee several months ago and copied thousands of e-mails and other documents. These hackers, they say, can be traced to two of Russia’s security services: the GRU, run by Russia’s military, and the FSB, the main successor to the notorious KGB.

These operations would not have been conducted without the knowledge of Russian President Vladimir Putin, the one-time head of the FSB.

Such espionage is not totally unexpected, says David Kramer of Washington’s McCain Institute, a security-oriented “do tank” (as opposed to think tank). However, “weaponizing” the operation by releasing many of the documents through the whistle-blower website WikiLeaks, is “unprecedented,” he said.
Russia  U.S.  Donald_Trump  Hillary_Clinton  information_warfare  Vladimir_Putin  Campaign_2016  Patrick_Martin  hacking  data_breaches  cyber_security  hackers  WikiLeaks  security_&_intelligence  FSB  GRU  DNC  espionage 
july 2016 by jerryking
F.B.I. Director Suggests Bill for iPhone Hacking Topped $1.3 Million - The New York Times
APRIL 21, 2016 | NYT | By ERIC LICHTBLAU and KATIE BENNER

The F.B.I. declined to confirm or deny Thursday whether the bureau had in fact paid at least $1.3 million for the hacking, and it declined to elaborate on Mr. Comey’s suggestive remarks.

But that price tag, if confirmed, appears in line with what other companies have offered for identifying iOS vulnerabilities.

Zerodium, a security firm in Washington that collects and then sells such bugs, said last fall that it would pay $1 million for weaknesses in Apple’s iOS 9 operating system. Hackers eventually claimed that bounty. The iPhone used by the San Bernardino gunman ran iOS 9.

“A number of factors go into pricing these bounties,” said Alex Rice, the co-founder and CTO of the security start-up HackerOne, who also started Facebook’s bug bounty program. Mr. Rice said that the highest premiums were paid when the buyer didn’t intend to disclose the flaw to a party that could fix it.
bounties  FBI  hacking  encryption  James_Comey  iPhone  cyber_security  Apple  hackers  software_bugs  vulnerabilities  cryptography  exploits 
april 2016 by jerryking
Stop Asking Me for My Email Address - NYTimes.com
January 10, 2014, 6:02 pm
By NICOLE PERLROTH
privacy  cyber_security  hacking  passwords 
january 2014 by jerryking
