Friday Squid Blogging: Space Kraken

A Lego model of a giant space kraken destroying a Destroyer from Star Wars.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on September 23, 2016 at 4:14 PM114 Comments

Tesla Model S Hack

Impressive remote hack of the Tesla Model S.

Details. Video.

The vulnerability has been fixed.

Remember, a modern car isn't an automobile with a computer in it. It's a computer with four wheels and an engine. Actually, it's a distributed 20-400-computer system with four wheels and an engine.

Posted on September 21, 2016 at 7:33 AM40 Comments

More on the Equities Debate

This is an interesting back-and-forth: initial post by Dave Aitel and Matt Tait, a reply by Mailyn Filder, a short reply by Aitel, and a reply to the reply by Filder.

Posted on September 20, 2016 at 7:34 AM5 Comments

Friday Squid Blogging: Giant Squid on Japanese Television

I got this video from PZ Myers's blog. I know absolutely nothing about it.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on September 16, 2016 at 4:11 PM181 Comments

Hacking Bridge-Hand Generation Software

Interesting:

Roughly three weeks later, there is a operation program available to crack ACBL hand records.

  • Given three consecutive boards, all the remaining boards for that session can be determined.
  • The program can be easily parallelized. This analysis can be finished while sessions are still running

this would permit the following type of attack:

  • A confederate watch boards 1-3 of the USBF team trials on vugraph
  • The confederate uses Amazon web services to crack all the rest of the boards for that session
  • The confederate texts the hands to a players smart phone
  • The player hits the head, whips out his smart phone, and ...

Posted on September 16, 2016 at 12:12 PM10 Comments

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient, an IBM Company.