Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which…
Google Responds to Warrants for “About” Searches
One of the things we learned from the Snowden documents is that the NSA conducts “about” searches. That is, searches based on activities and not identifiers. A normal search would be on a name, or…
The NSA is Refusing to Disclose its Policy…
Senator Ron Wyden asked, and the NSA didn’t answer: The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures…
NSA Advisory on Chinese Government Hacking
The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese…
Former NSA Director Keith Alexander Joins Amazon’s Board…
This sounds like a bad idea.Read more: schneier.com
NSA on Securing VPNs
The NSA's Central Security Service -- that's the part that's supposed to work on defense -- has released two documents (a full and an abridged version) on securing virtual private networks. Some of it is…
Drovorub Malware
The NSA and FBI have jointly disclosed Drovorub, a Russian malware suite that targets Linux. Detailed advisory. Fact sheet. News articles. Reddit thread.Read more: schneier.com
Bart Gellman on Snowden
Bart Gellman's long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a couple of weeks. There is an adapted excerpt in…
Securing Internet Videoconferencing Apps: Zoom and Others
The NSA just published a survey of video conferencing apps. So did Mozilla. Zoom is on the good list, with some caveats. The company has done a lot of work addressing previous security concerns. It…