Informations about SSL certificates and networks security
Last week, Ron Rivest gave a talk at MIT about Spritz, a new stream cipher by him and Jacob Schuldt. It’s basically a redesign of RC4, given current cryptographic tools and knowledge. RC4 is an example of what I think of as a too-good-to-be-true cipher. It looks so simple. It is so simple. In classic … Read More “Spritz: A New RC4-Like Stream Cipher” »
A pair of Humboldt squids attacked a Greenpeace submarine. There’s video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Good analysis. Powered by WPeMatico
Interesting paper: Maya Embar, Louis M. McHough IV, and William R. Wesselman, “Printer watermark obfuscation,” Proceeding RIIT ’14: Proceedings of the 3rd annual conference on Research in information technology: Abstract: Most color laser printers manufactured and sold today add “invisible” information to make it easier to determine when a particular document was printed and exactly … Read More “Analysis of Printer Watermarking Techniques” »
Susan Landau has a new paper on the NSA’s increasing role in commercial cybersecurity. She argues that the NSA is the wrong organization to do this, and we need a more public and open government agency involved in commercial cybersecurity. Powered by WPeMatico
Last week, Adi Shamir gave a presentation at Black Hat Europe on using all-in-one printers to control computers on the other side of air gaps. There’s no paper yet, but two publications reported on the talk: Theoretically, if a malicious program is installed on an air-gapped computer by an unsuspecting user via, say, a USB … Read More “Jumping Air Gaps with All-in-One Printers” »
Interesting essay on the sorts of things you can learn from anonymized taxi passenger and fare data. Powered by WPeMatico
The Guardian has reported that the app Whisper tracks users, and then published a second article explaining what it knows after Whisper denied the story. Here’s Whisper’s denial; be sure to also read the first comment from Moxie Marlinspike. Slashdot thread. Hacker News thread. EDITED TO ADD (10/22): Another Whisper explanation, and another Guardian article. … Read More “Whisper Tracks Users” »
FBI Director James Comey again called for an end to secure encryption by putting in a backdoor. Here’s his speech: There is a misconception that building a lawful intercept solution into a system requires a so-called “back door,” one that foreign adversaries and hackers may try to exploit. But that isn’t true. We aren’t seeking … Read More “More Crypto Wars II” »
Last month, I wrote that the FBI identified Ross W. Ulbricht as the Silk Road’s Dread Pirate Roberts through a leaky CAPTCHA. Seems that story doesn’t hold water: The FBI claims that it found the Silk Road server by examining plain text Internet traffic to and from the Silk Road CAPTCHA, and that it visited … Read More “How Did the Feds Identity Dread Pirate Roberts?” »