July 2018 – Page 2 – SSL and internet security news

Nicholas Weaver on Cryptocurrencies

July 24, 2018 infossl

bitcoin, cryptocurrency, riskassessment, risks, Security technology

This is well-worth reading (non-paywalled version). Here’s the opening: Cryptocurrencies, although a seemingly interesting idea, are simply not fit for purpose. They do not work as currencies, they are grossly inefficient, and they are not meaningfully distributed in terms of trust. Risks involving cryptocurrencies occur in four major areas: technical risks to participants, economic risks … Read More “Nicholas Weaver on Cryptocurrencies” »

1Password’s Travel Mode

July 23, 2018 infossl

computersecurity, lies, passwords, Security technology

The 1Password password manager has just introduced “travel mode,” which allows you to delete your stored passwords when you’re in other countries or crossing borders: Your vaults aren’t just hidden; they’re completely removed from your devices as long as Travel Mode is on. That includes every item and all your encryption keys. There are no … Read More “1Password’s Travel Mode” »

Friday Squid Blogging: Dead Squid on Prince Edward Island

July 20, 2018 infossl

Security technology, squid

A beach on Prince Edward Island is littered with dead squid. No one knows why. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

New Report on Chinese Intelligence Cyber-Operations

July 20, 2018 infossl

china, cyberespionage, intelligence, Security technology

The company ProtectWise just published a long report linking a bunch of Chinese cyber-operations over the past few years. The always interesting gruqq has some interesting commentary on the group and its tactics. Lots of detailed information in the report, but I admit that I have never heard of ProtectWise or its research team 401TRG. … Read More “New Report on Chinese Intelligence Cyber-Operations” »

Suing South Carolina Because Its Election Machines Are Insecure

July 19, 2018 infossl

courts, nationalsecuritypolicy, Security technology, voting

A group called Protect Democracy is suing South Carolina because its insecure voting machines are effectively denying people the right to vote. Note: I am an advisor to Protect Democracy on its work related to election cybersecurity, and submitted a declaration in litigation it filed, challenging President Trump’s now-defunct “election integrity” commission. Powered by WPeMatico

Defeating the iPhone Restricted Mode

July 18, 2018 infossl

apple, cellphones, cryptanalysis, cryptography, iphone, Security technology

Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Greyshift, which allow attackers to recover information from a phone without the password or fingerprint. Elcomsoft just announced that it can easily bypass it. There is an important lesson in this: security is hard. Apple Computer has one of the … Read More “Defeating the iPhone Restricted Mode” »

Installing a Credit Card Skimmer on a POS Terminal

July 17, 2018 infossl

creditcards, pointofsale, Security technology, skimmers

Watch how someone installs a credit card skimmer in just a couple of seconds. I don’t know if the skimmer just records the data and is collected later, or if it transmits the data back to some base station. Powered by WPeMatico

Reasonably Clever Extortion E-mail Based on Password Theft

July 16, 2018 infossl

extortion, passwords, pornography, Security technology

Imagine you’ve gotten your hands on a file of e-mail addresses and passwords. You want to monetize it, but the site it’s for isn’t very valuable. How do you use it? You convince the owners of the password to send you money. I recently saw a spam e-mail that ties the password to a porn … Read More “Reasonably Clever Extortion E-mail Based on Password Theft” »

Gas Pump Hack

July 13, 2018 infossl

cars, cybercrime, hacking, physicalsecurity, Security technology, theft

This is weird: Police in Detroit are looking for two suspects who allegedly managed to hack a gas pump and steal over 600 gallons of gasoline, valued at about $1,800. The theft took place in the middle of the day and went on for about 90 minutes, with the gas station attendant unable to thwart … Read More “Gas Pump Hack” »

Friday Squid Blogging: Antifungal Squid-Egg Coating

July 12, 2018 infossl

Security technology, squid

The Hawaiian bobtail squid coats its eggs with antifungal bacteria. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico