Appsec Roundup - Nov 2024
A virtual feast of appsec!
Shostack + Friends Blog
Posts in category “privacy”
Application and AI roundup - October
Exciting news from the SEC, lots of AI, and lots of threat modeling.
Usable Security and Privacy for Engineers
The new IEEE S+P is all about usable security.
Doing an AMA
I'm doing a reddit AMA in /r/privacy
Van Buren
The Supreme Court has ruled in the van Buren case, and there's a good summary on the Eff's blog.
Tracking Company Says 96% of iPhone Users Block Tracking
So there's some good news and some bad news in this story: 'Too Bad, Zuck: Just 4% of U.S. iPhone Users Let Apps Track Them After iOS Update'.
Amazon's 'Alexa Built-in' Threat Model
Exploring supply chain threat modeling with Alexa
Echo, Threat Modeling and Privacy
I'm featured in (local NPR Affiliate) KUOW's Primed: Season 3, Episode 8.
Encryption & Privacy Policy and Technology
A few tidbits in recent news.
Managed Attribution Threat Modeling
Let's talk CAKED, a threat model for managed attribution.
A Seat At The Table (AppSecCali)
My talks from AppSecCali 2019
Facebook's Privacy Constitution
[no description provided]
Privacy Extension to Elevation of Privilege game
An extended version of Elevation of Privilege, now with Privacy.
Automotive Privacy
[no description provided]
Carpenter!
[no description provided]
346,000 Wuhan Citizens’ Secrets
[no description provided]
Citizen Threat Modeling and more data
[no description provided]
Threat Modeling: Citizens Versus Systems
[no description provided]
Threat Modeling Privacy of Seattle Residents
[no description provided]
The Carpenter Case
[no description provided]
Amicus brief in “Carpenter” Supreme Court Case
[no description provided]
A Privacy Threat Model for The People of Seattle
[no description provided]