Bad biometrics: Samsung’s new S10 phone
When biometrics work properly, they can provide you with an easy to use security solution with a reasonable level of…
Time to end the cloud-o-phobia
Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye…
Security risks from domain typo squatters
One of the ways that hackers get users to click on malicious links or believe false emails is to use…
Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000
If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into…
The war we try to ignore
As information security professionals, our goal is to protect information against attacks on confidentiality, integrity and availability. Today, I want…
Even with security flaws, you should be using a password manager
Yesterday, the Washington Post ran an article about some important security research on password managers, describing a number of serious…
Things to worry about in 2019
In this post, I wanted to take a break from telling you what *I* think the things that should keep…
Something’s not quite right…
Apparently, I am a man ahead of my time. While I have always sensed that there is something not quite…
What does your password say about you?
Using what we security experts call “crappy passwords” can be the first step in a journey to identity theft and…
E.U. software bug bounties for open source software 👍
Here is a great example of how international cooperation can make the Internet more secure for us all… the European…