industry

Fingerprint Login and Authentication

With Apple’s introduction of Touch ID for the new iPhone 5S, there’s been a lot of news coverage of their new fingerprint-based unlock system. People want to know: is it secure? Can someone bypass it? But the thing about fingerprints is that they’ve been easy to bypass for more than 20 years.

authentication, hardware, industry, risk

BlackHat USA 2012

This year I’ve decided to make a departure from the talk-by-talk trip reports I’ve done in the past. Most of the interesting presentations are already online (the whitepapers and slide decks, at least) and I’ll link to them here, but overall this was a very interesting year in information security and I think the gestalt and the keynotes are more important than the specific exploits demonstrated.

attacks, crypto, industry, networks, privacy, products, society

DefCon 19, Day 2

My experiences attending DefCon 19.

attacks, industry, networks, products, risk

DefCon 19, Day 1

Having finished with BlackHat, I checked out of the Flamingo and moved to DefCon’s new location this year, the Rio. This was an enormous upgrade from the Riviera, the previous location. For one, the conference center is nearly 50% bigger, and it’s beautiful. Traffic flow was greatly improved, despite record attendance (~12,000, from estimates I’ve […]

industry, physical security, privacy, risk, society, statistics, terrorism

BlackHat USA 2011, Day 2

The second day of BlackHat started out with a keynote by Mudge. I attended this one despite the normally-dull nature of BlackHat keynotes, because while Mudge is a Fed now (he works for DARPA), he has a long history as a contributor to hacker culture and I wanted to hear what he had to say. […]

attacks, crypto, industry, risk, society