New research on using specially crafted inputs to slow down machine-learning neural network systems: Sponge Examples: Energy-Latency Attacks on Neural Networks shows how to find adversarial examples that cause a DNN to burn more energy, take more time, or both. They affect a wide range of DNN applications, from image recognition to natural language processing … Read More “Availability Attacks against Neural Networks” »
Month: June 2020
New research: “Security Analysis of the Democracy Live Online Voting System”: Abstract: Democracy Live’s OmniBallot platform is a web-based system for blank ballot delivery, ballot marking, and (optionally) online voting. Three states — Delaware, West Virginia, and New Jersey — recently announced that they will allow certain voters to cast votes online using OmniBallot, but, … Read More “Security Analysis of the Democracy Live Online Voting System” »
Good interview.
Google’s threat analysts have identified state-level attacks from China. I hope both campaigns are working under the assumption that everything they say and do will be dumped on the Internet before the election. That feels like the most likely outcome.
National Geographic has a photo of a 7-foot long shark that fought a giant squid and lived to tell the tale. Or, at least, lived to show off the suction marks on his skin. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t … Read More “Friday Squid Blogging: Shark vs. Squid” »
I just published a new paper with Karen Levy of Cornell: “Privacy Threats in Intimate Relationships.” Abstract: This article provides an overview of intimate threats: a class of privacy threats that can arise within our families, romantic partnerships, close friendships, and caregiving relationships. Many common assumptions about privacy are upended in the context of these … Read More “New Research: “Privacy Threats in Intimate Relationships”” »
Zoom was doing so well…. And now we have this: Corporate clients will get access to Zoom’s end-to-end encryption service now being developed, but Yuan said free users won’t enjoy that level of privacy, which makes it impossible for third parties to decipher communications. “Free users for sure we don’t want to give that because … Read More “Zoom’s Commitment to User Security Depends on Whether you Pay It or Not” »
This is interesting: The image, a seemingly innocuous sunset (or dawn) sky above placid waters, may be viewed without harm. But if loaded as wallpaper, the phone will crash. The fault does not appear to have been maliciously created. Rather, according to developers following Ice Universe’s Twitter thread, the problem lies in the way color … Read More “Wallpaper that Crashes Android Phones” »
Researcher Bhavuk Jain discovered a vulnerability in the “Sign in with Apple” feature, and received a $100,000 bug bounty from Apple. Basically, forged tokens could gain access to pretty much any account. It is fixed. EDITED TO ADD (6/2): Another story.
This study shows that most people don’t change their passwords after a breach, and if they do they change it to a weaker password. Abstract: To protect against misuse of passwords compromised in a breach, consumers should promptly change affected passwords and any similar passwords on other accounts. Ideally, affected companies should strongly encourage this … Read More “Password Changing After a Breach” »