Sun Shooting →
Andrea Peterson, writing at The Washington Post, reports on the increased teaching and utility of celestial navigation (as opposed to computational and GPS navigation). Fascinating.
Steering a ship by the stars fell out of favor with the rise of radio wave and GPS navigation. In fact, the U.S. Naval Academy stopped teaching the skill nearly 20 years ago. But now this ancient navigation is making a comeback at the Annapolis school, thanks to cybersecurity fears, according to the Capital Gazette.
"We went away from celestial navigation because computers are great," Lt. Cmdr. Ryan Rogers, the deputy chairman of the academy's Department of Seamanship and Navigation, told the Gazette. "The problem is, there's no backup." - via Andrea Peterson reporting at The Washington Post
Prevent HSTS Tracking →
The eponymous Martin Brinkmann, writing at his gHacks site, details the method used to disable the HTTP Strict Transport Security tracking 'feature' in browsers (specifically, in this case, within Mozilla's Firefox browser). Outstanding.
LE Seeking DNA
Kashmir Hill, writing for Fusion, reports on law enforcement efforts to garner DNA records from private sector commercial entities (read: Ancestry and 23andMe). Outstanding reportage; kudos to Ms. Hill, and Hat Tip to T. Blalock.
Sunday Security Maxim
Just Walk It Off Maxim: Most organizations will become so focused on prevention (which is very difficult at best), that they fail to adequately plan for mitigating attacks, and for recovering when attacks occur. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Saturday Security Maxim
Buffett’s Maxim: You should only use security hardware, software, and strategies you understand. Comment: This is analogous to Warren Buffett’s advice on how to invest, but it applies equally well to security. While it’s little more than common sense, this advice is routinely ignored by security managers. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
No Mandatory Decrypt... For Now →
Interesting source this time, coming from Roger Fingas, writing for Apple Insider, detailing the current Lame-Duck Administration's decision to avoid forcing corporate entities to decrypt communications for Law Enforcement Agencies.
LinkedIn Targeted By TG-2889 →
Via Norse Corporation's DarkMatters comes word of new LinkedIn targeted attacks; this time, perpetrated (allegedly) by Iranian miscreants et al. In this case, the researchers have fingered TG-2889. Read the full report here.
The 500k →
Codebreaker Granddaughter →
Litany of the quiet heroism of William Gordon Welchman at Bletchley Park, and his modern-day connections (in this case his granddaughter's well-placed esteem). Today's Must Read.
Apple Boots In-App Ad-Blockers →
The eponymous Graham Cluley, writing at his blog, details the removal of in-app ad-blockers from the Apple Inc. (NasdaqGS: AAPL) app store.
Sunday Security Maxim
Tabor’s Maxim #2 (Cost Maxim): Security is practically achieved by making the cost of obtaining or damaging an asset higher than the value of the asset itself. Comment: Note that “cost” isn’t necessarily measured in terms of dollars. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Saturday Security Maxim
Tabor’s Maxim #1 (Narcissism Maxim): Security is an illusionary ideal created by people who have an overvalued sense of their own self worth. Comment: This maxim is cynical even by our depressing standards—though that doesn’t make it wrong. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory