encryption, ios, iphone, locks, phones, Security technology
Here’s another company that claims to unlock phones for a price. Powered by WPeMatico
Month: March 2018
academicpapers, backdoors, cryptography, cryptowars, encryption, Security technology
Seems like everyone is writing about encryption and backdoors this season. “Policy Approaches to the Encryption Debate,” R Street Policy Study #133, by Charles Duan, Arthur Rizer, Zach Graves and Mike Godwin. “Encryption Policy in Democratic Regimes,” East West Institute. I recently blogged about the new National Academies report on the same topic. Here’s a … Read More “Two New Papers on the Encryption Debate” »
audio, Security technology, squid
Here’s an hour-long audio interview with squid scientist Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
conferences, rsa, Security technology
Responding to the lack of diversity at the RSA Conference, a group of security experts have announced a competing one-day conference: OUR Security Advocates, or OURSA. It’s in San Francisco, and it’s during RSA, so you can attend both. Powered by WPeMatico
historyofsecurity, intelligence, military, Security technology
Interesting history of the US Army Security Agency in the early years of Cold War Germany. Powered by WPeMatico
denialofservice, dns, Security technology
This is worrisome: DDoS vandals have long intensified their attacks by sending a small number of specially designed data packets to publicly available services. The services then unwittingly respond by sending a much larger number of unwanted packets to a target. The best known vectors for these DDoS amplification attacks are poorly secured domain name … Read More “New DDoS Reflection-Attack Variant” »
academicpapers, blockchain, Security technology, vulnerabilities
Interesting research: “Finding The Greedy, Prodigal, and Suicidal Contracts at Scale“: Abstract: Smart contracts — stateful executable objects hosted on blockchains like Ethereum — carry billions of dollars worth of coins and cannot be updated once deployed. We present a new systematic characterization of a class of trace vulnerabilities, which result from analyzing multiple invocations … Read More “Security Vulnerabilities in Smart Contracts” »
authentication, computersecurity, insiders, Security technology, securityquestions, socialmedia, threatmodels
Princeton’s Karen Levy has a good article computer security and the intimate partner threat: When you learn that your privacy has been compromised, the common advice is to prevent additional access — delete your insecure account, open a new one, change your password. This advice is such standard protocol for personal security that it’s almost … Read More “Intimate Partner Threat” »
academicpapers, datamining, secrecy, Security technology
This is fascinating research about how the underlying training data for a machine-learning system can be inadvertently exposed. Basically, if a machine-learning system trains on a dataset that contains secret information, in some cases an attacker can query the system to extract that secret information. My guess is that there is a lot more research … Read More “Extracting Secrets from Machine Learning Systems” »
Security technology, squid, video
Video and short commentary. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico