Category : Schneier on Security

Security / Schneier on Security - 1 day ago

Reforming CDA 230

There's a serious debate on reforming Section 230 of the Communications Decency Act. I am in the process of figuring out what I believe, and this is more a place to put resources and listen to people's comments. The EFF has written extensively on wh...

Security / Schneier on Security - 5 days ago

Andy Ellis on Risk Assessment

Andy Ellis, the CSO of Akamai, gave a great talk about the psychology of risk at the Business of Software conference this year. I've written about this before. One quote of mine: "The problem is our brains are intuitively suited to the sorts of ri...

Security / Schneier on Security - 6 days ago

Election Machine Insecurity Story

Interesting story of a flawed computer voting machine and a paper ballot available for recount. All ended well, but only because of that paper backup. Vote totals in a Northampton County judge's race showed one candidate, Abe Kassis, a Democrat, had...

Security / Schneier on Security - 1 week ago

RSA-240 Factored

This just in: We are pleased to announce the factorization of RSA-240, from RSA's challenge list, and the computation of a discrete logarithm of the same size (795 bits): RSA-240 = 1246203667817187840658350446081065904348203746516788057548187888832...

Security / Schneier on Security - 1 week ago

The Story of Tiversa

The New Yorker has published the long and interesting story of the cybersecurity firm Tiversa. Watching "60 Minutes," Boback saw a remarkable new business angle. Here was a multibillion-dollar industry with a near-existential problem and no clear so...

Security / Schneier on Security - 2 weeks ago

The NSA Warns of TLS Inspection

The NSA has released a security advisory warning of the dangers of TLS inspection: Transport Layer Security Inspection (TLSI), also known as TLS break and inspect, is a security process that allows enterprises to decrypt traffic, inspect the decrypt...