Why Are Cryptographers Being Denied Entry into the US? Is there some cryptographer blacklist? Is something else going on? A lot of us would like to know.

Security Engineering: Third Edition Today I put online a chapter on Who is the Opponent, which draws together what we learned from Snowden and others about the capabilities of state actors, together with what we’ve learned about cybercrime actors as a result of running the Cambridge Cybercrime Centre. Isn’t it odd that almost six years after Snowden, nobody’s tried to pull together what we learned into a coherent summary? There’s also a chapter on Surveillance or Privacy which looks at policy. What’s the privacy landscape now, and what might we expect from the tussles over data retention, government backdoors and censorship more generally?

Google halts some business with China's Huawei: report Huawei will reportedly no longer be able to access Android updates, the Gmail app, the Google Play store and new versions of Google phones outside of China.

Forget Huawei, The Internet Of Things Is The Real Security Threat We've noted for a while how a lot of the US protectionist security hysteria surrounding Huawei isn't supported by much in the way of hard data. And while it's certainly possible that Huawei helps the Chinese government spy, the reality is that Chinese (or any other) intelligence services don't really need to rely on Huawei to spy on the American public. Why? Because people around the world keep connecting millions of internet of broken things devices to their home and business networks that lack even the most rudimentary of security and privacy protections. Week after week we've documented how these devices are being built with both privacy and security as a distant afterthought, resulting in everything from your television to your refrigerator creating both new attack vectors and wonderful new surveillance opportunities for hackers and state actors.