Advanced persistent cybersecurity
Saturday, July 08, 2017
Burner laptops for DEF CON
Hacker summer camp (Defcon, Blackhat, BSidesLV) is upon us, so I thought I'd write up some quick notes about bringing a "burner&quo...
Saturday, July 01, 2017
Yet more reasons to disagree with experts on nPetya
In WW II, they looked at planes returning from bombing missions that were shot full of holes. Their natural conclusion was to add more arm...
Thursday, June 29, 2017
NonPetya: no evidence it was a "smokescreen"
Many well-regarded experts claim that the not-Petya ransomware wasn't "ransomware" at all, but a "wiper" whose goal ...
Saturday, June 24, 2017
A kindly lesson for you non-techies about encryption
The following tweets need to be debunked: The answer to John Schindler's question is: every expert in cryptography doesn't k...
Wednesday, June 14, 2017
Notes on open-sourcing abandoned code
Some people want a law that compels companies to release their source code for "abandoned software", in the name of cybersecurity...
Tuesday, June 06, 2017
What about other leaked printed documents?
So nat-sec pundit/expert Marci Wheeler ( @emptywheel ) asks about those DIOG docs leaked last year. They were leaked in printed form, then s...
Monday, June 05, 2017
How The Intercept Outed Reality Winner
Today, The Intercept released documents on election tampering from an NSA leaker. Later, the arrest warrant request for an NSA contractor ...
Some non-lessons from WannaCry
This piece by Bruce Schneier needs debunking. I thought I'd list the things wrong with it.
View web version