Interesting catch by Sucuri: a website exploit that adds malicious code to the EXIF headers in legitimate images on the compromised host.
I would be more worried that someone would kill me in order to get the documents released than I would be that someone would kill me to prevent the documents from being released. Any real-world situation involves multiple adversaries, and it’s important to keep all of them in mind when designing a security system.
—Bruce Schneier, in response to Edward Snowden having a “dead man’s switch” that would release all of the documents he stole if anything happens to him.
I have a new column/blog on Dark Reading. Or, more accurately, I’ve taken over a column called Sophos Security Insights (previously SophosLabs Insights).
The first post, “Forget Standardization. Embrace BYOD.” went up today. Here’s a sneak peek:
Despite its rocky start, Windows 8 has IT departments salivating over the idea of standardizing on a single platform. It’s a compelling vision: phones, tablets, and workstations all running a single OS and managed through a shared set of native Microsoft tools. Compelling, perhaps, but for most organizations, it ain’t gonna happen.