NATIONAL CYBER SECURITY AWARENESS MONTH
October is National Cyber Security Awareness Month. In honor of this month, I will be posting daily blog posts, much like I did during the Thirty Day Security Challenge. Unlike the Thirty Day Security challenge, I am looking to make this a bit more interactive. There will be giveaways and prizes in return for your participation and feedback. I have not totally decided on what topics and themes I will cover during this month. If you have suggestions, please feel free to get them to me.
I also hope to make National Cyber Security Awareness Month coincide with the release of two books: Your Ultimate Security Guide: OS X and Your Ultimate Security Guide: iOS 10. The iOS book is coming along very nicely, and I have begun work on the OS X version. As a result, I may have a little less time to spend on the blog in the next couple of months, so forgive me if I miss a post or two.
I don’t like to just make announcement posts, so I also want to give you some actionable stuff to read. Below are some links to articles that I found interesting. The last month has been full of interesting developments, and I wanted to get these out to you in some form. If you would like to get more frequent updates you can follow me on Twitter.
Several interesting articles on encrypted messengers appeared in the last month. Most of these dealt with Signal in some way, and all offer good indications that Signal is probably the most secure, user-friendly messenger currently available.
- Best and Worst Encrypted Messaging Apps – Gizmodo
- Battle of the Secure Messaging Apps – The Intercept
- Security Tips Every Signal User Should Know – The Intercept
It was also a bad month for Android. We saw more than one instance of malicious apps that can auto-root phones. Also, Android’s full-disk encryption (when actually implemented) may be weaker than you think.
- Some Apps Found in Google Play can Root 90% of Android Phones – Ars Technica
- Ten Million Android Phones Infected with All-Powerful Auto-Rooting Apps – Ars Technica
- Android’s Full Disk Encryption Just Got Much Weaker – Here’s Why – Ars Technica
I also stumbled across an awesome series on encrypted email on the privacy sub-Reddit. It is definitely worth your time if you have an interest in encrypted or anonymous email.
- Part I – Introduction
- Part II – Encryption
- Part III – Metadata and Anonymity
- Part IV – Usability vs. Security
Also on the topic of email, ProtonMail released an updated version of its mobile app with an exciting new feature:
- ProtonMail Mobile v1.4.0 – ProtonMail Blog
If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.