February 2017 – Page 3 – SSL and internet security news

Predicting a Slot Machine's PRNG

February 8, 2017 infossl

casinos, cheating, gambling, randomnumbers, russia, Security technology

Wired is reporting on a new slot machine hack. A Russian group has reverse-engineered a particular brand of slot machine — from Austrian company Novomatic — and can simulate and predict the pseudo-random number generator. The cell phones from Pechanga, combined with intelligence from investigations in Missouri and Europe, revealed key details. According to Willy … Read More “Predicting a Slot Machine's PRNG” »

Profile of Citizen Lab and Ron Diebert

February 7, 2017 infossl

citizenlab, cybersecurity, cyberwar, espionage, phishing, Security technology

Here’s a nice profile of Citizen Lab and its director, Ron Diebert. Citizen Lab is a jewel. There should be more of them. Powered by WPeMatico

Cryptkeeper Bug

February 7, 2017 infossl

backdoors, encryption, linux, Security technology, securityengineering

The Linux encryption app Cryptkeeper has a rather stunning security bug: the single-character decryption key “p” decrypts everything: The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper … Read More “Cryptkeeper Bug” »

Hacker Leaks Cellebrite's Phone-Hacking Tools

February 6, 2017 infossl

Security technology

In January we learned that a hacker broke into Cellebrite’s network and stole 900GB of data. Now the hacker has dumped some of Cellebrite’s phone-hacking tools on the Internet. In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scenea community of iPhone hackers that … Read More “Hacker Leaks Cellebrite's Phone-Hacking Tools” »

Friday Squid Blogging: Whale Mistakes Plastic Bags for Squid

February 4, 2017 infossl

Security technology

A whale recently died in Norway because there were thirty plastic bags in its stomach. Researchers believe it may have mistaken the plastic bags for squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico

How the US Secret Service Breaks into Smart Phones

February 3, 2017 infossl

Security technology

Here’s an article about the US Secret Service and their Cell Phone Forensics Facility in Tulsa. I said it before and I’ll say it again: the FBI needs technical expertise, not back doors. Powered by WPeMatico

Pacemaker Data Used in Arson Conviction

February 2, 2017 infossl

courts, fraud, internetofthings, Security technology

Here’s a story about data from a pacemaker being used as evidence in an arson conviction. EDITED TO ADD: Another news article. BoingBoing post. Powered by WPeMatico

Security and the Internet of Things

February 1, 2017 infossl

Security technology

Last year, on October 21, your digital video recorder - or at least a DVR like yours - knocked Twitter off the internet. Someone used your DVR, along with millions of insecure webcams, routers, and other connected devices, to launch an attack that started a chain reaction, resulting in Twitter, Reddit, Netflix, and many sites … Read More “Security and the Internet of Things” »