The Ambassador

The Ambassador is both warrior and diplomat. He listens to the words of those who deserve influence and guides those in his care as he guides himself. He acts not selfishly but for the betterment of all.

The Security of al Qaeda Encryption Software

The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures. NPR picked up the story a week later. Former NSA Chief Council Stewart Baker uses this as evidence that Snowden has harmed America. Glenn Greenwald calls this "CIA talking points" and shows that al Qaeda...


QUANTUM Technology Sold by Cyberweapons Arms Manufacturers

Last October, I broke the story about the NSA's top secret program to inject packets into the Internet backbone: QUANTUM. Specifically, I wrote about how QUANTUMINSERT injects packets into existing Internet connections to redirect a user to an NSA web server codenamed FOXACID to infect the user's computer. Since then, we've learned a lot more about how QUANTUM works, and...


NSA/GCHQ/CSEC Infecting Innocent Computers Worldwide

There's a new story on the c't magazin website about a 5-Eyes program to infect computers around the world for use as launching pads for attacks. These are not target computers; these are innocent third parties. The article actually talks about several government programs. HACIENDA is a GCHQ program to port-scan entire countries, looking for vulnerable computers to attack. According...


Friday Squid Blogging: Te Papa Museum Gets a Second Colossal Squid

That's two more than I have. They're hoping it's a male. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....


Reverse-Engineering NSA Malware

Interesting articles reverse-engineering DEITYBOUNCE and BULLDOZER....


New Snowden Interview in Wired

There's a new article on Edward Snowden in Wired. It's written by longtime NSA watcher James Bamford, who interviewed Snowden in Moscow. There's lots of interesting stuff in the article, but I want to highlight two new revelations. One is that the NSA was responsible for a 2012 Internet blackout in Syria: One day an intelligence officer told him that...


Security as Interface Guarantees

This is a smart and interesting blog post: I prefer to think of security as a class of interface guarantee. In particular, security guarantees are a kind of correctness guarantee. At every interface of every kind ­ user interface, programming language syntax and semantics, in-process APIs, kernel APIs, RPC and network protocols, ceremonies ­-- explicit and implicit design guarantees (promises,...


Automatic Scanning for Highly Stressed Individuals

This borders on ridiculous: Chinese scientists are developing a mini-camera to scan crowds for highly stressed individuals, offering law-enforcement officers a potential tool to spot would-be suicide bombers. [...] "They all looked and behaved as ordinary people but their level of mental stress must have been extremely high before they launched their attacks. Our technology can detect such people, so...


Irrational Fear of Risks Against Our Children

There's a horrible story of a South Carolina mother arrested for letting her 9-year-old daughter play alone at a park while she was at work. The article linked to another article about a woman convicted of "contributing to the delinquency of a minor" for leaving her 4-year-old son in the car for a few minutes. That article contains some excellent...


Friday Squid Blogging: Squid Proteins and the Brain-Computer Interface

There's a protein in squid that might be useful in getting biological circuits to talk to computer circuits. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....