Maciej Cegłowski has published a long, practical, insightful, and witty article on his experiences with political campaign security. He wisely focuses on a handful of steps to narrow the attack surface with the fewest tools and techniques. This should be a Coursera course, or a series of short videos.
Emails are notoriously hard to validate. Emails are like typed, signed contracts with no section or page numbers: you can take out or add whatever pages you want as long as you keep the signatures. Intelligence expert Malcom Nance has tweeted that Wikileaks' recent collection of Podesta emails contain "obvious forgeries." It is hard to detect emails forgeries... Continue Reading →
I'm not often a fan of conspiracy theories, except for entertainment value. This one is interesting because it combines international intrigue, the elections, and our world of notoriously poor email security. The conspiracy arises from foreigners trying to influence the United States election. They spy on unprotected emails and leak the contents to influence US... Continue Reading →
Early last month, Edward Snowden criticized former Secretary of State Hillary Clinton for obviously and intentionally mishandling classified information by using a private email server. A recent Huffington post argues that, if true, Snowden's comments could cost Clinton the Democratic Presidential nomination. This rests on technical questions of security and classified information. Based on the information I have seen, Clinton... Continue Reading →