November 2018 – Page 3 – SSL and internet security news

New IoT Security Regulations

November 13, 2018 infossl

essays, internetofthings, nationalsecuritypolicy, Security technology, securityengineering

Due to ever-evolving technological advances, manufacturers are connecting consumer goods — from toys to light bulbs to major appliances — to the Internet at breakneck speeds. This is the Internet of Things, and it’s a security nightmare. The Internet of Things fuses products with communications technology to make daily life more effortless. Think Amazon’s Alexa, … Read More “New IoT Security Regulations” »

Hiding Secret Messages in Fingerprints

November 12, 2018 infossl

academicpapers, encryption, fingerprints, Security technology, steganography

This is a fun steganographic application: hiding a message in a fingerprint image. Can’t see any real use for it, but that’s okay. Powered by WPeMatico

Friday Squid Blogging: Australian Fisherman Gets Inked

November 9, 2018 infossl

Security technology, squid, video

Pretty good video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

The Pentagon is Publishing Foreign Nation-State Malware

November 9, 2018 infossl

Security technology

This is a new thing: The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that’s used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape. This feels like an example of the US’s … Read More “The Pentagon is Publishing Foreign Nation-State Malware” »

Privacy and Security of Data at Universities

November 9, 2018 infossl

academicpapers, datacollection, privacy, Security technology

Interesting paper: “Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier,” by Christine Borgman: Abstract: As universities recognize the inherent value in the data they collect and hold, they encounter unforeseen challenges in stewarding those data in ways that balance accountability, transparency, and protection of privacy, academic freedom, and intellectual property. Two parallel … Read More “Privacy and Security of Data at Universities” »

iOS 12.1 Vulnerability

November 8, 2018 infossl

apple, ios, iphone, Security technology, vulnerabilities

This is really just to point out that computer security is really hard: Almost as soon as Apple released iOS 12.1 on Tuesday, a Spanish security researcher discovered a bug that exploits group Facetime calls to give anyone access to an iPhone users’ contact information with no need for a passcode. […] A bad actor … Read More “iOS 12.1 Vulnerability” »

Consumer Reports Reviews Wireless Home-Security Cameras

November 7, 2018 infossl

cameras, internetofthings, Security technology, securityengineering, vulnerabilities

Consumer Reports is starting to evaluate the security of IoT devices. As part of that, it’s reviewing wireless home-security cameras. It found significant security vulnerabilities in D-Link cameras: In contrast, D-Link doesn’t store video from the DCS-2630L in the cloud. Instead, the camera has its own, onboard web server, which can deliver video to the … Read More “Consumer Reports Reviews Wireless Home-Security Cameras” »

Security of Solid-State-Drive Encryption

November 6, 2018 infossl

academicpapers, encryption, firmware, hardware, reverseengineering, Security technology, securityengineering, vulnerabilities

Interesting research: “Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)“: Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have … Read More “Security of Solid-State-Drive Encryption” »

Troy Hunt on Passwords

November 5, 2018 infossl

authentication, biometrics, passwords, Security technology

Troy Hunt has a good essay about why passwords are here to stay, despite all their security problems: This is why passwords aren’t going anywhere in the foreseeable future and why [insert thing here] isn’t going to kill them. No amount of focusing on how bad passwords are or how many accounts have been breached … Read More “Troy Hunt on Passwords” »

Friday Squid Blogging: Eating More Squid

November 2, 2018 infossl

academicpapers, Security technology, squid

This research paper concludes that we’ll be eating more squid in the future. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico