July 2019 – Page 3 – SSL and internet security news

Cell Networks Hacked by (Probable) Nation-State Attackers

July 9, 2019 infossl

attribution, cellphones, datacollection, espionage, hacking, metadata, Security technology, vulnerabilities

A sophisticated attacker has successfuly infiltrated cell providers to collect information on specific users: The hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records — including times and dates of calls, and their cell-based locations — … Read More “Cell Networks Hacked by (Probable) Nation-State Attackers” »

Cardiac Biometric

July 8, 2019 infossl

biometrics, facerecognition, falsenegatives, falsepositives, identification, medicine, Security technology

MIT Technology Review is reporting about an infrared laser device that can identify people by their unique cardiac signature at a distance: A new device, developed for the Pentagon after US Special Forces requested it, can identify people without seeing their face: instead it detects their unique cardiac signature with an infrared laser. While it … Read More “Cardiac Biometric” »

Ransomware Recovery Firms Who Secretly Pay Hackers

July 8, 2019 infossl

fraud, hacking, ransomware, Security technology

ProPublica is reporting on companies that pretend to recover data locked up by ransomware, but just secretly pay the hackers and then mark up the cost to the victims. Powered by WPeMatico

Friday Squid Blogging: Squid Cars

July 5, 2019 infossl

cars, Security technology, squid

Jalopnik asks the important question: “If squids ruled the earth, what would their cars be like?“ As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Applied Cryptography is Banned in Oregon Prisons

July 5, 2019 infossl

appliedcryptography, books, censorship, cryptography, prisons, Security technology

My Applied Cryptography is on a list of books banned in Oregon prisons. It’s not me — and it’s not cryptography — it’s that the prisons ban books that teach people to code. The subtitle is “Algorithms, Protocols, and Source Code in C” — and that’s the reason. My more recent Cryptography Engineering is a … Read More “Applied Cryptography is Banned in Oregon Prisons” »

Research on Human Honesty

July 5, 2019 infossl

academicpapers, economicsofsecurity, Security technology, societalsecurity, theft

New research from Science: “Civic honesty around the globe“: Abstract: Civic honesty is essential to social capital and economic development, but is often in conflict with material self-interest. We examine the trade-off between honesty and self-interest using field experiments in 355 cities spanning 40 countries around the globe. We turned in over 17,000 lost wallets … Read More “Research on Human Honesty” »

US Journalist Detained When Returning to US

July 4, 2019 infossl

borders, email, lawenforcement, privacy, searches, Security technology, surveillance

Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico. After I gave him the password to my iPhone, Moncivias spent three hours reviewing hundreds of photos and videos and emails and calls and texts, including encrypted messages on WhatsApp, Signal, … Read More “US Journalist Detained When Returning to US” »

Digital License Plates

July 3, 2019 infossl

lawenforcement, privacy, Security technology, surveillance

They’re a thing: Developers say digital plates utilize “advanced telematics” — to collect tolls, pay for parking and send out Amber Alerts when a child is abducted. They also help recover stolen vehicles by changing the display to read “Stolen,” thereby alerting everyone within eyeshot. This makes no sense to me. The numbers are static. … Read More “Digital License Plates” »

Google Releases Basic Homomorphic Encryption Tool

July 2, 2019 infossl

cryptography, encryption, google, Security technology

Google has released an open-source cryptographic tool: Private Join and Compute. From a Wired article: Private Join and Compute uses a 1970s methodology known as “commutative encryption” to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. This is helpful for multiparty … Read More “Google Releases Basic Homomorphic Encryption Tool” »

Yubico Security Keys with a Crypto Flaw

July 1, 2019 infossl

cryptography, encryption, firmware, keys, randomnumbers, Security technology, securityengineering, securitytokens

Wow, is this an embarrassing bug: Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness of the cryptographic keys … Read More “Yubico Security Keys with a Crypto Flaw” »