Cyber Essentials is a UK government scheme that outlines the basic steps that organisations can take to secure their systems. Implementing its five controls effectively will help you prevent about 80% of cyber attacks. In…
Colorado Passes Consumer Privacy Law
First California. Then Virginia. Now Colorado. Here’s a good comparison of the three states’ laws.Read more: schneier.com
Security and Human Behavior (SHB) 2021
Today is the second day of the fourteenth Workshop on Security and Human Behavior. The University of Cambridge is the host, but we’re all on Zoom. SHB is a small, annual, invitational workshop of people…
TikTok Can Now Collect Biometric Data
This is probably worth paying attention to: A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its…
Banning Surveillance-Based Advertising
The Norwegian Consumer Council just published a fantastic new report: “Time to Ban Surveillance-Based Advertising.” From the Introduction: The challenges caused and entrenched by surveillance-based advertising include, but are not limited to: privacy and data…
Apple Censorship and Surveillance in China
Good investigative reporting on how Apple is participating in and assisting with Chinese censorship and surveillance.Read more: schneier.com
Organisations are struggling to monitor remote employees
I don’t think any of us would have thought in March 2020 that remote working would be as popular as it has become. The scepticism perhaps came from the hurriedness with which the measures were…
Virginia Data Privacy Law
Virginia is about to get a data privacy law, modeled on California’s law.Read more: schneier.com
Security Analysis of Apple’s “Find My…” Protocol
Interesting research: “Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System“: Abstract: Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world’s largest crowd-sourced location tracking network called offline…