Informations about SSL certificates and networks security
We’re starting to see some information on the Israeli cyber-weapons arms manufacturer that sold the iPhone zero-day exploit to the United Arab Emirates so they could spy on human rights defenders. Powered by WPeMatico
Another paper on using Wi-Fi for surveillance. This one is on identifying people by their body shape. “FreeSense:Indoor Human Identification with WiFi Signals“: Abstract: Human identification plays an important role in human-computer interaction. There have been numerous methods proposed for human identification (e.g., face recognition, gait recognition, fingerprint identification, etc.). While these methods could be … Read More “Using Wi-Fi Signals to Identify People by Body Shape” »
This is interesting research: “Keystroke Recognition Using WiFi Signals.” Basically, the user’s hand positions as they type distorts the Wi-Fi signal in predictable ways. Abstract: Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this … Read More “Keystroke Recognition from Wi-Fi Distortion” »
Last week, Apple issued a critical security patch for the iPhone: iOS 9.3.5. The incredible story is that this patch is the result of investigative work by Citizen Lab, which uncovered a zero-day exploit being used by the UAE government against a human rights defender. The UAE spyware was provided by the Israeli cyberweapons arms … Read More “iPhone Zero-Day Used by UAE Government” »
Apple received a patent earlier this year on collecting biometric information of an unauthorized device user. The obvious application is taking a copy of the fingerprint and photo of someone using as stolen smartphone. Note that I have no opinion on whether this is a patentable idea or the patent is valid. Powered by WPeMatico
Really: As shown in the video below, researchers at Pennsylvania State University recently developed a polyelectrolyte liquid solution made of bacteria and yeast that automatically mends clothes. It doesn’t have a name yet, but it’s almost miraculous. Simply douse two halves of a ripped fabric in the stuff, hold them together under warm water for … Read More “Friday Squid Blogging: Self-Repairing Fabrics Based on Squid Teeth” »
We’ve long known that 64 bits is too small for a block cipher these days. That’s why new block ciphers like AES have 128-bit, or larger, block sizes. The insecurity of the smaller block is nicely illustrated by a new attack called “Sweet32.” It exploits the ability to find block collisions in Internet protocols to … Read More “Collision Attacks Against 64-Bit Block Ciphers” »
The National Security Agency is lying to us. We know that because of data stolen from an NSA server was dumped on the Internet. The agency is hoarding information about security vulnerabilities in the products you use, because it wants to use it to hack others’ computers. Those vulnerabilities aren’t being reported, and aren’t getting … Read More “The NSA Is Hoarding Vulnerabilities” »
Interesting research that shows we exaggerate the risks of something when we find it morally objectionable. From an article about and interview with the researchers: To get at this question experimentally, Thomas and her collaborators created a series of vignettes in which a parent left a child unattended for some period of time, and participants … Read More “Confusing Security Risks with Moral Judgments” »
In this article, detailing the Australian and then worldwide investigation of a particularly heinous child-abuse ring, there are a lot of details of the pedophile security practices and the police investigative techniques. The abusers had a detailed manual on how to scrub metadata and avoid detection, but not everyone was perfect. The police used information … Read More “Interesting Internet-Based Investigative Techniques” »