A Cybersecurity Merit Badge
October 21 2025Scouting America (formerly known as Boy Scouts) has a new badge in cybersecurity. There’s an image in the article; it looks good. I want one.
Read moreApple’s New Memory Integrity Enforcement
September 23 2025Apple has introduced a new hardware/software security feature in the iPhone 17: “Memory Integrity Enforcement,” targeting the memory safety vulnerabilities that spyware products like Pegasus tend to use...
Read moreI’m Spending the Year at the Munk School
August 23 2025This academic year, I am taking a sabbatical from the Kennedy School and Harvard University. (It’s not a real sabbatical—I’m just an adjunct—but it’s the same idea.) I will...
Read moreAI Applications in Cybersecurity
August 14 2025There is a really great series of online events highlighting cool uses of AI in cybersecurity, titled Prompt||GTFO. Videos from the first three events are online. And here’s where...
Read moreWhite House Bans WhatsApp
June 26 2025Reuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the “Office of Cybersecurity has deemed WhatsApp a high risk to users due...
Read moreGoogle’s Advanced Protection Now on Android
May 14 2025Google has extended its Advanced Protection features to Android devices. It’s not for everybody, but something to be considered by high-risk users. Wired article, behind a paywall.
Read moreAndroid Improves Its Security
April 23 2025Android phones will soon reboot themselves after sitting idle for three days. iPhones have had this feature for a while; it’s nice to see Google add it to their...
Read moreCVE Program Almost Unfunded
April 16 2025Mitre’s CVE’s program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to be cancelled, as the US Department of Homeland Security failed to renew the...
Read moreArguing Against CALEA
April 8 2025At a Congressional hearing earlier this week, Matt Blaze made the point that CALEA, the 1994 law that forces telecoms to make phone calls wiretappable, is outdated...
Read moreRational Astrologies and Security
April 2 2025John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“:
There is another non-security way that designers can spend their security budget:...
Read more
Recent Comments