Homepage for Mathew Schwartz

Syria Back Online After Internet Blackout
All Internet traffic from the war-torn country -- via overland and submarine connections -- went offline Tuesday.
InformationWeek (May 08, 2013)

Anonymous OpUSA Hackathon: Mostly Bluster
DHS predicts Tuesday's hackathon will involve little more than nuisance exploits. Meanwhile, Syrian Electronic Army hacks Twitter feeds of satire site The Onion.
InformationWeek (May 07, 2013)

Sweet Password Security Strategy: Honeywords
To improve detection of database breaches, businesses should store multiple fake passwords and monitor attempts to use them, according to researchers at security firm RSA.
InformationWeek (May 07, 2013)

Spamhaus DDoS Suspect Arrested
Cyberbunker leader traveled Spain in a van, accessed Wi-Fi hotspots to launch DDoS attacks against anti-spam opponents, Dutch authorities allege.
InformationWeek (April 29, 2013)

Syrian Hacktivists Hit Guardian Twitter Feeds
Pro-Assad hacktivist group takes over 11 Twitter feeds belonging to British news group, decries "lies and slander about Syria."
InformationWeek (April 29, 2013)

Email Without A Warrant? Senators Not Sold
Update to 1986 Electronic Communications Privacy Act would require police to demonstrate probable cause before accessing someone's email or stored cloud data.
InformationWeek (April 26, 2013)

Twitter Two-Factor Authentication: Too Little, Too Late?
Two-factor authentication is a good step. But for securing many sites, Twitter included, it's not enough.
InformationWeek (April 26, 2013)

Android Smartphone Sellers Should Patch, Refund Or Perish
FTC should crack down on wireless carriers and smartphone manufacturers that put their customers at risk by failing to update Android devices.
InformationWeek (April 22, 2013)

How South Korea Traced Hacker To Pyongyang
Apparent mistake exposed the March bank hacker's IP address, which investigators traced to a North Korean address.
InformationWeek (April 11, 2013)

More: Archive

*SELECTED WRITING:*
Breaking Security News	Selected Stories
Syria Back Online After Internet Blackout All Internet traffic from the war-torn country -- via overland and submarine connections -- went offline Tuesday. InformationWeek (May 08, 2013) Anonymous OpUSA Hackathon: Mostly Bluster DHS predicts Tuesday's hackathon will involve little more than nuisance exploits. Meanwhile, Syrian Electronic Army hacks Twitter feeds of satire site The Onion. InformationWeek (May 07, 2013) Sweet Password Security Strategy: Honeywords To improve detection of database breaches, businesses should store multiple fake passwords and monitor attempts to use them, according to researchers at security firm RSA. InformationWeek (May 07, 2013) Spamhaus DDoS Suspect Arrested Cyberbunker leader traveled Spain in a van, accessed Wi-Fi hotspots to launch DDoS attacks against anti-spam opponents, Dutch authorities allege. InformationWeek (April 29, 2013) Syrian Hacktivists Hit Guardian Twitter Feeds Pro-Assad hacktivist group takes over 11 Twitter feeds belonging to British news group, decries "lies and slander about Syria." InformationWeek (April 29, 2013) Email Without A Warrant? Senators Not Sold Update to 1986 Electronic Communications Privacy Act would require police to demonstrate probable cause before accessing someone's email or stored cloud data. InformationWeek (April 26, 2013) Twitter Two-Factor Authentication: Too Little, Too Late? Two-factor authentication is a good step. But for securing many sites, Twitter included, it's not enough. InformationWeek (April 26, 2013) Android Smartphone Sellers Should Patch, Refund Or Perish FTC should crack down on wireless carriers and smartphone manufacturers that put their customers at risk by failing to update Android devices. InformationWeek (April 22, 2013) How South Korea Traced Hacker To Pyongyang Apparent mistake exposed the March bank hacker's IP address, which investigators traced to a North Korean address. InformationWeek (April 11, 2013) More: Archive	CISPA 2.0: House Intelligence Committee Fumbles Privacy Again Cybersecurity bill's backers portray threat intelligence sharing as a panacea, but yet again ignore the potential privacy and security downsides. InformationWeek (April 16, 2013) Banks Hit Downtime Milestone In DDoS Attacks Top 15 U.S. banks have experienced double the downtime from same period last year. Lawmakers demand passage of a cyber threat intelligence sharing bill. InformationWeek (April 04, 2013) Kill Passwords: Hassle-Free Substitute Wanted Passwords keep proliferating, but do new technologies and approaches offer an alternative? Maybe. InformationWeek (March 04, 2013) Don't Blame China For Security Hacks, Blame Yourself Focus on the sorry state of your information security defenses before worrying about the Chinese, Russians, hacktivists or cybercrime gangs. InformationWeek (February 25, 2013) China Denies U.S. Hacking Accusations: 6 Facts Mandiant report says that an elite Chinese military hacking unit is responsible for launching APT attacks against U.S. businesses. Chinese government cries foul. InformationWeek (February 21, 2013) BK Hack Triggers Twitter Password Smackdown "Operation Whopper" takeover of Burger King and Jeep Twitter accounts, and spoof hacks by MTV and BET, trigger Twitter's "friendly reminder" to use strong passwords. InformationWeek (February 21, 2013) Uncertain State Of Cyber War Just what does "cyber warfare" mean? We're still figuring out tactics and capabilities. InformationWeek (January 21, 2013) TV-Monitoring Patent Prompts Privacy Worries Could a television soon monitor your every move and conversation? IAPP (January 17, 2013) Exclusive: Anatomy Of A Brokerage IT Meltdown Regulators last year issued the SEC's first-ever privacy fine against broker-dealer GunnAllen for failing to protect customer data. But former IT staffers say regulators didn’t seem to know half of this cautionary tale of outsourcing and oversight gone wrong. InformationWeek (October 08, 2012) More: Archive
See my archive of all stories written by year: 2013 \| 2012 \| 2011 \| 2010 \| 2009 \| 2008 \| 2007 \| 2006 \| 2005 \| 2004 \| 2003

Travel Writing & Photography
11 Security Sights Seen Only At Black Hat Who says fun, sun, malware, and penetration testing don't mix? This year's Black Hat conference in Las Vegas offered information security training, hardware hacking, pool time, and more.
Istanbul in 5... Istanbul, a Turkish port city on the Bosporus, has long been celebrated as a place where east meets west. Geographically, at least, that’s true, since the bicoastal city spans two European coasts and one in Asia, with each offering something different.
Tenerife in 5... Find a different beach -- sandy, south-facing, and sunny -- for every day of your vacation on Tenerife, the largest of the Canary Islands, an autonomous part of Spain located near the northwest coast of Africa.
Croatian Beaches in 5... Never mind that the beaches are mostly made of pebbles and rocks, Croatia’s islands, off the coast of Dalmatia, make for a singular beach getaway that won’t wreck your budget.
Paris in 5... Whether it’s your first visit to Paris or your tenth, you ought to try something that may seem fiendishly simple, because it is: Living like a Parisian.
Fodor's Guide to The Da Vinci Code Full-color guide ("on the trail of the bestselling novel") profiles the locations, people, historic events, and symbols featured in the novel. Also included: relevant travel information, plus hotel and food recommendations. The guide opens with three of my essays, including profiles of the Paris Ritz (where the novel begins) and the Police Judiciaire, the real-life French law enforcement agency which employs Bezu Fache, the novel's fictional inspector. See my updates page for more information, or read more travel writing.

Photography
	Ireland From Clonmacnoise, to Dingle, to Dublin.	Portraits Headshots + friends
	Rome Springtime in Italy.	Publicity Singing ensemble, yoga instructors, and more.
Travel photo galleries: Budapest Chicago Cornwall Ireland Istanbul Massachusetts Panoramics Paris Rome

*Selected:*
Intranet Information Architecture (IA) This two-volume, 1,293-page report details numerous IA best practices, and profiles the actual information architecture of 56 organizations' intranets — from BT Global Services and McDonald's, to Vodafone and Zeiss. (Co-authored.) Nielsen Norman Group (November 2007)	Usability of Intranet Portals: A Report from the Trenches—Experiences From Real-Life Portal Projects This 188-page report on intranet portal usability uses case studies and lessons learned from portal projects in numerous companies, as well as government agencies, to determine best practices for creating intranet portals. (Co-authored.) Nielsen Norman Group (October 2005)