Informations about SSL certificates and networks security
Researchers found that they could confuse the road sign detection algorithms of self-driving cars by adding stickers to the signs on the road. They could, for example, cause a car to think that a stop sign is a 45 mph speed limit sign. The changes are subtle, though — look at the photo from the … Read More “Confusing Self-Driving Cars by Altering Road Signs” »
For once, the real story isn’t as bad as it seems. A researcher has figured out how to install malware onto an Echo that causes it to stream audio back to a remote controller, but: The technique requires gaining physical access to the target Echo, and it works only on devices sold before 2017. But … Read More “Turning an Amazon Echo into an Eavesdropping Device” »
Interesting story about Uber drivers who have figured out how to game the company’s algorithms to cause surge pricing: According to the study. drivers manipulate Uber’s algorithm by logging out of the app at the same time, making it think that there is a shortage of cars. […] The study said drivers have been coordinating … Read More “Uber Drivers Hacking the System to Cause Surge Pricing” »
Interesting story: The venture is built on Alex’s talent for reverse engineering the algorithms — known as pseudorandom number generators, or PRNGs — that govern how slot machine games behave. Armed with this knowledge, he can predict when certain games are likeliest to spit out moneyinsight that he shares with a legion of field agents … Read More “Hacking Slot Machines by Reverse-Engineering the Random Number Generators” »
I never imagined that there would be fake news about squid. (That website lets you write your own stories.) As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Attackers used a vulnerability in an Internet-connected fish tank to successfully penetrate a casino’s network. BoingBoing post. Powered by WPeMatico
Rumor is that the Trump administration will separate the NSA and US Cyber Command. I have long thought this was a good idea. Here’s a good discussion of what it does and doesn’t mean. Powered by WPeMatico
Last week, DefCon hosted a “Voter Hacker Village” event. Every single voting machine there was easily hackable. Here are detailed details. There should be a summary report soon; I’ll add it to this post when it’s published. Powered by WPeMatico
Researchers are developing technologies that can detect IMSI-catchers: those fake cell phone towers that can be used to surveil people in the area. This is good work, but it’s unclear to me whether these devices can detect all the newer IMSI-catchers that are being sold to governments worldwide. News article. Powered by WPeMatico
Back in 2013, Der Spiegel reported that the NSA intercepts and collects Windows bug reports: One example of the sheer creativity with which the TAO spies approach their work can be seen in a hacking method they use that exploits the error-proneness of Microsoft’s Windows. Every user of the operating system is familiar with the … Read More “NSA Collects MS Windows Error Information” »