The Privacy Blog: Privacy, Security, Cryptography, and Anonymity

The point-of-sale (POS) breaches at Hilton, and Starwood before that, suggest that a group of hackers is specifically targeting hotels, probably because most travelers have above-average income. It should also make us brace for a likely wave of further POS breaches in many other businesses during the holiday shopping season. It really […]


The Ashley Madison hack is putting many at risk, but there are several things we can learn from it.


India recently announced that all ISPs in the country will be required to block a list of over 800 websites. They claim all of these were for pornography or child pornography, but it turns out that was not the case for all of them. In the face of a massive backlash, the telecom ministry first […]


The Hola peer-to-peer VPN service suffered a number of very damaging security revelations today, including exploit vulnerabilities, exposed administrative tools, and broken architecture impacting 45 million active users of the service.


What Hand Sanitizer Can Teach Us About Cybersecurity – Lessons learned while trying to stay healthy while walking around the RSA security conference.


Google warns of unauthorized TLS certificates trusted by almost all OSes (Ars Technica): “In the latest security lapse involving the Internet’s widely used encryption system, Google said unauthorized digital certificates have been issued for several of its domains and warned misissued credentials may be impersonating other unnamed sites as well.”

reports that ISPs in the Netherlands will no longer be required to retain data for law enforcement. Since 2009, national laws have required keeping records on the activities of all users for a period of one year. In 2014 the EU determined that such mass storage was a violation of fundamental privacy rights. This court […]


SuperFish bloatware on Lenovo exposes users to trivial man-in-the-middle attacks by anyone.




Snipers at the Watering Hole

New targeted web-based attacks are like a poacher with a sniper rifle at a watering hole. Anonymity is the key to security against this.


“HONG KONG — The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ […]
