Every year, the NSA has a competition for the best cybersecurity paper. Winners get to go to the NSA to pick up the award. (Warning: you will almost certainly be fingerprinted while you’re there.) Submission guidelines and nomination page. Powered by WPeMatico
Month: March 2017
I have written a paper with Orin Kerr on encryption workarounds. Our goal wasn’t to make any policy recommendations. (That was a good thing, since we probably don’t agree on any.) Our goal was to present a taxonomy of different workarounds, and discuss their technical and legal characteristics and complications. Abstract: The widespread use of … Read More “New Paper on Encryption Workarounds” »
Here is a listing of all the documents that the NSA has in its archives that are dated earlier than 1930. Powered by WPeMatico
WikiLeaks has started publishing a large collection of classified CIA documents, including information on several — possibly many — unpublished (i.e., zero-day) vulnerabilities in computing equipment used by Americans. Despite assurances that the US government prioritizes defense over offense, it seems that the CIA was hoarding vulnerabilities. (It’s not just the CIA; last year we … Read More “WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies” »
This is William Friedman’s highly annotated copy of Herbert Yardley’s book, The American Black Chamber. Powered by WPeMatico
Interesting research: “A Study of MAC Address Randomization in Mobile Devices When it Fails“: Abstract: Media Access Control (MAC) address randomization is a privacy technique whereby mobile devices rotate through random hardware addresses in order to prevent observers from singling out their traffic or physical location from other nearby devices. Adoption of this technology, however, … Read More “Security Vulnerabilities in Mobile MAC Randomization” »
News from the South Atlantic: While the outlook is good at present, it is too early to predict what the final balance of this season will be. The sector is totally aware that the 2016 harvest started well, but then it registered a strong decline. Last year only 60,315 tonnes of Illex squid were landed, … Read More “Friday Squid Blogging: Squid Catches Down in Argentina” »
The article is right; this is frighteningly good. Powered by WPeMatico
An interesting history. Powered by WPeMatico
Researchers have demonstrated using Intel’s Software Guard Extensions to hide malware and steal cryptographic keys from inside SGX’s protected enclave: Malware Guard Extension: Using SGX to Conceal Cache Attacks Abstract:In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial … Read More “Using Intel's SGX to Attack Itself” »