Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

Even more unwanted software protection via the Safe Browsing API

Google Online Security Blog: ” Deceptive software disguised as a useful download harms your web experience by making undesired changes to your computer. Safe Browsing offers protection from such unwanted software by showing a warning in Chrome before you download these programs. In February we started showing additional warnings in Chrome before you visit a site that encourages downloads of unwanted software. Today, we’re adding information about unwanted software to our Safe Browsing API. In addition to our constantly-updated malware and phishing data, our unwanted software data is now publicly available for developers to integrate into their own security measures. For example, any app that wants to save its users from winding up on sites that lead to deceptive software could use our API to do precisely that. We continue to integrate Safe Browsing technology across Google—in Chrome, Google Analytics, and more—to protect users. Our Safe Browsing API helps extend our malware, phishing, and unwanted software protection to keep more than 1.1 billion users safe online. Check out our updated API documentation here.”

The Emergence of Cybersecurity Law

Prepared for the Indiana University Maurer School of Law by Hanover Research | February 2015 “This paper examines cyberlaw as a growing field of legal practice and the roles that lawyers play in helping companies respond to cybersecurity threats. Drawing on interviews with lawyers, consultants, and academics knowledgeable in the intersection of law and cybersecurity,Continue Reading

Report – Largest global manufacturer of SIM cards hacked

The Intercept – Jeremy Scahill and Josh Begley – “American and British spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security AgencyContinue Reading

Paper – The Quest to Replace Passwords

The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes, by Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, Frank Stajano. “We evaluate two decades of proposals to replace text passwords for general-purpose user authentication on the web using a broad set of twenty-five usability, deployability and security benefits that anContinue Reading

Hearing Before the Senate On Protecting America from Cyber Attacks: The Importance of Information Sharing

CDT – “Greg Nojeim’s testimony for the January 28th hearing before the Senate Homeland Security and Government Affairs Committee on Protecting America from Cyber Attacks. He will explain how Congress can embrace cybersecurity information sharing policies with appropriate authorities and safeguards that enhance both privacy and security, first describing the cybersecurity threat then identifying different approachesContinue Reading

Prying Eyes: Inside the NSA’s War on Internet Security

By SPIEGEL Staff: “…Software giant Microsoft, which acquired Skype in 2011, said in a statement: “We will not provide governments with direct or unfettered access to customer data or encryption keys.” The NSA had been monitoring Skype even before that, but since February 2011, the service has been under order from the secret US ForeignContinue Reading

Congress Tells DoD to Report on Leaks

Secrecy News – Steven Aftergood: For the next two years, Congress wants to receive quarterly reports from the Department of Defense on how the Pentagon is responding to leaks of classified information. The reporting requirement was included in the pending National Defense Authorization Act for FY 2015 (Sec. 1052). “Compromises of classified information cause indiscriminate andContinue Reading

Regin: Top-tier espionage tool enables stealthy surveillance

Symantec Security Response: ” An advanced spying tool, Regin displays a degree of technical competence rarely seen and has been used in spying operations against governments, infrastructure operators, businesses, researchers, and private individuals.  An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since atContinue Reading

Understand the Cost of Cyber Security Crime

HP Report – Cyber Crime Costs Continue to Grow: “Cyber crimes are growing more common, more costly, and taking longer to resolve. Those are among the findings of the fifth annualCost of Cyber Crime Study conducted by the respected Ponemon Institute on behalf of HP Enterprise Security. The 2014 global study of U.S.-based companies, which spannedContinue Reading

Security in the New Mobile Ecosystem – Report

“Ponemon Institute and Raytheon are pleased to present the findings of Security in the New Mobile Ecosystem (reg. req’d). The purpose of this research is to examine the impact of mobile devices, mobile apps and the mobile workforce (a.k.a. mobile ecosystem) on the overall security posture of organizations in the United States. Security is sacrificed for productivity.Continue Reading

Is Your Company Ready for a Big Data Breach?

The Second Annual Study on Data Breach Preparedness – Ponemon Institute© Research Report – Sponsored by Experian® Data Breach Resolution – Independently conducted by Ponemon Institute LLC. Publication Date: September 2014. “Data breaches are increasing in frequency. Forty-three percent of respondents say their companies had a data breach involving the loss or theft of more than 1,000 records, anContinue Reading

Taking Steps to Improve Federal Information Security

Beth Cobert, Deputy Director for Management at the Office of Management and Budget  “In a rapidly changing technological environment, we must have robust procedures, policies, and systems in place to protect our nation’s most sensitive information. Growing cybersecurity threats make it ever more important for the Federal government to maintain comprehensive information security controls to assessContinue Reading