
As we’ve discussed in the past, cryptography relies on the ability to generate random numbers that are both unpredictable and kept secret from any adversary. But “random” is a pretty tricky term; it’s used in many different fields to mean slightly different things. And like all of those fields, its use in cryptography is…

Medical devices are no longer a stand-alone component in the healthcare ecosystem. More and more devices are network-connected, which often involves interaction through websites and the transmission of sensitive data through wireless components. Network-connected medical devices promise an entirely new level of value for patients and doctors, but they also introduce new cybersecurity vulnerabilities…

Bad password advice from the 1990s continues to be repeated ad nauseam, even though it has been widely disproven and groups ranging from security firms to academic researchers to the National Institute of Standards and Technology (NIST) specifically advise against most of those principles. Below, I take this apart and offer you actual good…

Last week I was contacted by someone alerting me to the presence of a spam list. A big one. That’s a bit of a relative term though because whilst I’ve loaded “big” spam lists into Have I been pwned (HIBP) before, the largest to date has been a mere 393m records and belonged to…

If you’re a folk rock fan like me, you might be surprised when a music-streaming service suggests songs for you in other genres, such as country or reggae—and you actually enjoy them. Apple Music, Pandora, Spotify, and similar services are taking subtle cues from your listening habits, not only to recommend new artists but…