New paper: “Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys“:
Abstract: Incident Response (IR) allows victim firms to detect, contain, and recover from security...
Read more
Snowden Ten Years Later
June 6 2023In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as...
Read moreThe Software-Defined Car
June 5 2023Developers are starting to talk about the software-defined car.
For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock brakes, a module...
Read more
Friday Squid Blogging: Squid Chromolithographs
June 3 2023Beautiful illustrations. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. EDITED TO...
Read moreOpen-Source LLMs
June 2 2023In February, Meta released its large language model: LLaMA. Unlike OpenAI and its ChatGPT, Meta didn’t just give the world a chat window to play with. Instead, it released...
Read moreOn the Catastrophic Risk of AI
June 1 2023Earlier this week, I signed on to a short group statement, coordinated by the Center for AI Safety:
Mitigating the risk of extinction from AI should be a global...
Read more
Chinese Hacking of US Critical Infrastructure
May 31 2023Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks...
Read moreBrute-Forcing a Fingerprint Reader
May 30 2023It’s neither hard nor expensive:
Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint authentication determines a match using...
Read more
Friday Squid Blogging: Online Cephalopod Course
May 27 2023Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about the security...
Read more
Recent Comments