I find and read a lot of interesting articles online and often later wish that I had bookmarked or made a note of some of them. I’m going to try and start making semi-regular posts with links to these — perhaps with some commentary.

  • GCHQ data collection regime violated human rights, court rules ECHR finds that GCHQ’s nulk data interception — as exposed by Snowden in 2013 — violated the European convention on human rights. The UK law this was performed under, the Regulation of Investigatory Powers Act, has already been updated in 2016.

  • Data breaches affect stock performance Report on how a data breach affects the share price of companies. Generally, breaches tend to have a negative effect. Interestingly, older breaches had a larger effect than more recent breaches, indicating that perhaps we’re getting used to companies being breached. There are also a few previous papers about the economics of data breaches: one, two, and a few that were presented at WEIS.

  • IoT devices causing power blackouts Instead of hacking into a power grid control station, hack into thousands of (probably much more insecure) networked IoT appliances such as air conditioners or heaters and turn them all on at the same time; the sudden increase in demand can destabilize the grid. Potentially a serious problem in the future as the number of such devices increases and, eventually, stop receiving security updates (if they ever got them in the first place). Usenix presentation

  • Government hacking makes everyone less safe A paper about the government’s use and disclosure of vulnerabilities. See also my paper on the US Vulnerabilities Equities Process.