I like this essay because it nicely illustrates the security mindset....

It was written in 1971, but this still seems like a cool book: For an elementary illustration of tactics, take parts of your face as the point of reference; your eyes, your ears, and your nose. First the eyes: if you have organized a vast, mass-based people's organization, you can parade it visibly before the enemy and openly show your...

Need some pre-industrial security for your USB drive? How about a wax seal? Neat, but I recommend combining it with encryption for even more security!...

According to a report from the DHS Office of Inspector General: Federal investigators "identified vulnerabilities in the screening process" at domestic airports using so-called "full body scanners," according to a classified internal Department of Homeland Security report. EPIC obtained an unclassified version of the report in a FOIA response. Here's the summary....

To New Zealand: United States Secretary of Homeland Security Janet Napolitano has warned the New Zealand Government about the latest terrorist threat known as "body bombers." [...] "Do we have specific credible evidence of a [body bomb] threat today? I would not say that we do, however, the importance is that we all lean forward." Why the headline of this...

Why do otherwise rational people think it's a good idea to profile people at airports? Recently, neuroscientist and best-selling author Sam Harris related a story of an elderly couple being given the twice-over by the TSA, pointed out how these two were obviously not a threat, and recommended that the TSA focus on the actual threat: "Muslims, or anyone who...

Kraken: The Curious, Exciting, and Slightly Disturbing Science of Squid. And a review. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

MobileScope looks like a great tool for monitoring and controlling what information third parties get from your smart phone apps: We built MobileScope as a proof-of-concept tool that automates much of what we were doing manually; monitoring mobile devices for surprising traffic and highlighting potentially privacy-revealing flows [...] Unlike PCs, we have little control over the underlying privacy and security...

Funny....

All RuggedCom equipment comes with a built-in backdoor: The backdoor, which cannot be disabled, is found in all versions of the Rugged Operating System made by RuggedCom, according to independent researcher Justin W. Clarke, who works in the energy sector. The login credentials for the backdoor include a static username, "factory," that was assigned by the vendor and can't be...