Data Safety and Information Security

Tips, Tools and How-tos for Safer Online Communications

This is from an email thread on the topic of digital identity, which is the twice-yearly subject* of the Internet Identity Workshop, the most leveraged conference I know. It begins with a distincti…

I'm fairly certain that what I write here won't change the minds that need changing. But I feel like I need to make a statement anyway: your vote is secure.

This document is primarily intended for Firefox Enterprise users. Making sure the domains listed in this article are allowed by your firewall or other software ensures that Firefox works correctly.

New details emerge of Israel’s elaborate plan to sabotage Hezbollah communications devices to kill or maim thousands of its operatives.

The Washington Post has a long and detailed story about the operation that’s well worth reading (alternate version here). The sales pitch came from a marketing official trusted by Hezbollah w…

Discover how this offline random number generator uses simple physics to create secure cryptocurrency keys and clinical trial data.

Ransomware attacks have had devastating impact in recent years. IT managers are now using Zero Trust Network Access to combat these attacks.

It's About Training

The ability to remain installed and undetected makes Perfctl hard to fight.

Alethe Denis exposes tricks that made you fall for that return-to-office survey

How many times do you pull out your driver’s license a week? Maybe two to four times to purchase age restricted items, pick up prescriptions, or go to a bar. If you get a mobile driver’s license (mDL) or other forms of digital identification (ID) being offered in Google and Apple wallets, you may...

HP has detected an email campaign comprising a standard malware payload delivered by an AI-generated dropper.

In a contest of Pi-Hole vs. AdGuard, AdGuard wins with network-wide ad blocking. Read on to learn all the reasons I made the switch.

Cheatsheet for interacting with a postgres database inside a docker container

GreyNoise warns of a mysterious phenomenon observed since January 2020, massive waves of spoofed traffic called Noise Storms.

A new Federal Trade Commission staff report that examines the data collection and use practices of major social media and video streaming services shows they engaged in vast surveillance of consume

Performance Co-Pilot (PCP) is a system for collecting system performance data and sharing it over the network. We performed a review of its main networking daemon component pmcd, which resulted in the finding of two CVEs and a couple of other noticeable aspects.

Please be on the alert for: Spam that includes your name, address, phone number and other personal details. Phone calls that are from human-sounding bots that pretend to be from friends or trusted …

Attacking APIs is easy, if you know what to look for, according to professional API hacker Katie Paxton-Fear. She shared how she does it.

We have a little problem on the web right now and I can only see this becoming a larger concern as time goes by. More and more sites are obtaining certificates, vitally important documents that we need to deploy HTTPS, but we have no way of protecting ourselves when things

Until we value freedom and independence in the digital world, we will yield up control of our digital lives to others who will act in their own interests, not ours.

.mobi top-level-domain managers changed the location of its WHOIS server. No one got the memo.

Sophisticated attack breaks security assurances of the most popular FIDO key.

The 1st Line Of Defense

What is Fingerprint Browser Bot Detection? Fingerprint Browser Bot Detection is a Smart Signal that detects automated activity on your website. It analyses a variety of browser attributes and gives you a bot detection signal with one of three values: Good bot - usually a bot that belongs to a well-k...