Informations about SSL certificates and networks security
Squid catch is down, so fisherman are trying to sell more processed product. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
This is pretty amazing: International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear. The Chinese company that wrote the software, Shanghai Adups Technology Company, says its code runs on more than 700 million phones, cars and other smart devices. One American phone … Read More “Smartphone Secretly Sends Private Data to China” »
This is impressive research: “When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals“: Abstract: In this study, we present WindTalker, a novel and practical keystroke inference framework that allows an attacker to infer the sensitive keystrokes on a mobile device through WiFi-based side-channel information. WindTalker is motivated from the observation that … Read More “Using Wi-Fi to Detect Hand Motions and Steal Passwords” »
PoisonTap is an impressive hacking tool that can compromise computers via the USB port, even when they are password-protected. What’s interesting is the chain of vulnerabilities the tool exploits. No individual vulnerability is a problem, but together they create a big problem. Kamkar’s trick works by chaining together a long, complex series of seemingly innocuous … Read More “Hacking Password-Protected Computers via the USB Port” »
Yet another way to collect personal data on people without their knowledge or consent: “Lifestyle chemistries from phones for individual profiling“: Abstract: Imagine a scenario where personal belongings such as pens, keys, phones, or handbags are found at an investigative site. It is often valuable to the investigative team that is trying to trace back … Read More “Mass Spectrometry for Surveillance” »
It’s over. The voting went smoothly. As of the time of writing, there are no serious fraud allegations, nor credible evidence that anyone tampered with voting rolls or voting machines. And most important, the results are not in doubt. While we may breathe a collective sigh of relief about that, we can’t ignore the issue … Read More “Election Security” »
Julian Oliver has designed and built a cellular eavesdropping device that’s disguised as an old HP printer. Masquerading as a regular cellular service provider, Stealth Cell Tower surreptitiously catches phones and sends them SMSs written to appear they are from someone that knows the recipient. It does this without needing to know any phone numbers. … Read More “Fake HP Printer That's Actually a Cellular Eavesdropping Device” »
There’s a Kickstarter for a sticker that you can stick on a glove and then register with a biometric access system like an iPhone. It’s an interesting security trade-off: swapping something you are (the biometric) with something you have (the glove). Gizmodo story. Powered by WPeMatico
Pretty neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Interesting research: “Using Artificial Intelligence to Identify State Secrets,” by Renato Rocha Souza, Flavio Codeco Coelho, Rohan Shah, and Matthew Connelly. Abstract: Whether officials can be trusted to protect national security information has become a matter of great public controversy, reigniting a long-standing debate about the scope and nature of official secrecy. The declassification of … Read More “Automatically Identifying Government Secrets” »