Month: May 2018

Maliciously Changing Someone’s Address

Posted on By infossl
authentication, fraud, identitytheft, mail, Security technology

Someone changed the address of UPS corporate headquarters to his own apartment in Chicago. The company discovered it three months later. The problem, of course, is that in the US there isn’t any authentication of change-of-address submissions: According to the Postal Service, nearly 37 million change-of-address requests ­ known as PS Form 3575 ­ were … Read More “Maliciously Changing Someone’s Address” »

Accessing Cell Phone Location Information

Posted on By infossl
cellphones, lawenforcement, privacy, searches, Security technology, surveillance, tracking

The New York Times is reporting about a company called Securus Technologies that gives police the ability to track cell phone locations without a warrant: The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies … Read More “Accessing Cell Phone Location Information” »

Sending Inaudible Commands to Voice Assistants

Posted on By infossl
amazon, apple, google, internetofthings, Security technology, voicerecognition

Researchers have demonstrated the ability to send inaudible commands to voice assistants like Alexa, Siri, and Google Assistant. Over the last two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside … Read More “Sending Inaudible Commands to Voice Assistants” »

Details on a New PGP Vulnerability

Posted on By infossl
cryptography, eavesdropping, email, encryption, pgp, Security technology, signal, vulnerabilities, whatsapp

A new PGP vulnerability was announced today. Basically, the vulnerability makes use of the fact that modern e-mail programs allow for embedded HTML objects. Essentially, if an attacker can intercept and modify a message in transit, he can insert code that sends the plaintext in a URL to a remote website. Very clever. The EFAIL … Read More “Details on a New PGP Vulnerability” »

Critical PGP Vulnerability

Posted on By infossl
cryptanalysis, cryptography, email, encryption, pgp, protocols, Security technology, vulnerabilities

EFF is reporting that a critical vulnerability has been discovered in PGP and S/MIME. No details have been published yet, but one of the researchers wrote: We’ll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. … Read More “Critical PGP Vulnerability” »

Virginia Beach Police Want Encrypted Radios

Posted on By infossl
backdoors, encryption, lawenforcement, police, Security technology

This article says that the Virginia Beach police are looking to buy encrypted radios. Virginia Beach police believe encryption will prevent criminals from listening to police communications. They said officer safety would increase and citizens would be better protected. Someone should ask them if they want those radios to have a backdoor. Powered by WPeMatico

The US Is Unprepared for Election-Related Hacking in 2018

Posted on By infossl
cyberattack, cybersecurity, nationalsecuritypolicy, Security technology, securityawareness, voting

This survey and report is not surprising: The survey of nearly forty Republican and Democratic campaign operatives, administered through November and December 2017, revealed that American political campaign staff — primarily working at the state and congressional levels — are not only unprepared for possible cyber attacks, but remain generally unconcerned about the threat. The … Read More “The US Is Unprepared for Election-Related Hacking in 2018” »