Device Code Phishing
February 19 2025This isn’t new, but it’s increasingly popular:
The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide
Read more
This isn’t new, but it’s increasingly popular:
The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide
Read more
Ben Rothke relates a story about me working with a medical device firm back when I was with BT. I don’t remember the story at all, or who the...
Read moreThe EFF has released its Atlas of Surveillance, which documents police surveillance technology across the US.
Read moreThe Vanderbilt University Medical Center has a pediatric care dog named “Squid.” Blog moderation policy.
Read moreThis is a current list of where and when I am scheduled to speak: I’m speaking at Boskone 62 in Boston, Massachusetts, USA, which runs from February 14-16, 2025. My...
Read moreDonald Trump and Elon Musk’s chaotic approach to reform is upending government operations. Critical functions have been halted, tens of thousands of federal staffers are being encouraged to...
Read moreIn the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act...
Read moreHere’s a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software...
Read moreReally good—and detailed—survey of Trusted Execution Environments (TEEs.)
Read moreHere’s an easy system for two humans to remotely authenticate to each other, so they can be sure that neither are digital impersonations.
To mitigate that risk, I have...
Read more
Recent Comments