SHB 2019 – Liveblog

I’ll be trying to liveblog the twelfth workshop on security and human behaviour at Harvard. I’m doing this remotely because of US visa issues, as I did for WEIS 2019 over the last couple of days. Ben Collier is attending as my proxy and we’re trying to build on the experience of telepresence reported here … Continue reading SHB 2019 – Liveblog

The lifetime of an Android API vulnerability

By Daniel Carter, Daniel Thomas, and Alastair Beresford Security updates are an important mechanism for protecting users and their devices from attack, and therefore it’s important vendors produce security updates, and that users apply them. Producing security updates is particularly difficult when more than one vendor needs to make changes in order to secure a … Continue reading The lifetime of an Android API vulnerability

Don’t blame Cambridge for Facebook’s privacy crisis

Mark Zuckerberg tried to blame Cambridge University in his recent testimony before the US Senate, saying “We do need to understand whether there was something bad going on in Cambridge University overall, that will require a stronger action from us.” The New Scientist invited me to write a rebuttal piece, and here it is. Dr … Continue reading Don’t blame Cambridge for Facebook’s privacy crisis

Crypto Wars 2.0

Today we unveil a major report on whether law enforcement and intelligence agencies should have exceptional access to cryptographic keys and to our computer and communications data generally. David Cameron has called for this, as have US law enforcement leaders such as FBI Director James Comey. This policy repeats a mistake of the 1990s. The … Continue reading Crypto Wars 2.0

Security and Human Behaviour 2014

I’m liveblogging the Workshop on Security and Human Behaviour which is being held here in Cambridge. The participants’ papers are here and the programme is here. For background, see the liveblogs for SHB 2008-13 which are linked here and here. Blog posts summarising the talks at the workshop sessions will appear as followups below, and … Continue reading Security and Human Behaviour 2014