June 2021 – Page 2 – SSL and internet security news

Intentional Flaw in GPRS Encryption Algorithm GEA-1

June 17, 2021 infossl

academic papers, algorithms, backdoors, cryptanalysis, encryption, Security technology, Uncategorized

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function. Although the algorithm has a 64-bit key, the effective key length is only 40 … Read More “Intentional Flaw in GPRS Encryption Algorithm GEA-1” »

Paul van Oorschot’s Computer Security and the Internet

June 17, 2021 infossl

books, computer security, Security technology, Uncategorized

Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading. Powered by WPeMatico

VPNs and Trust

June 16, 2021 infossl

privacy, risk assessment, Security technology, surveillance, trust, Uncategorized, vpn

TorrentFreak surveyed nineteen VPN providers, asking them questions about their privacy practices: what data they keep, how they respond to court order, what country they are incorporated in, and so on. Most interesting to me is the home countries of these companies. Express VPN is incorporated in the British Virgin Islands. NordVPN is incorporated in … Read More “VPNs and Trust” »

Andrew Appel on New Hampshire’s Election Audit

June 15, 2021 infossl

auditing, scanners, Security technology, Uncategorized, voting

Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire. Based on preliminary reports published by the team of experts that New Hampshire engaged to examine an election discrepancy, it appears that a buildup of dust in the read heads of optical-scan voting machines (possibly over several years … Read More “Andrew Appel on New Hampshire’s Election Audit” »

Friday Squid Blogging: Fossil of Squid Eating and Being Eaten

June 11, 2021 infossl

Security technology, squid, Uncategorized

We now have a fossil of a squid eating a crustacean while it is being eaten by a shark. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

FBI/AFP-Run Encrypted Phone

June 11, 2021 infossl

australia, backdoors, encryption, fbi, law enforcement, Security technology, trust, Uncategorized

For three years, the Federal Bureau of Investigation and the Australian Federal Police owned and operated a commercial encrypted phone app, called AN0M, that was used by organized crime around the world. Of course, the police were able to read everything — I don’t even know if this qualifies as a backdoor. This week, the … Read More “FBI/AFP-Run Encrypted Phone” »

Detecting Deepfake Picture Editing

June 10, 2021 infossl

academic papers, deep fake, Security technology, tamper detection, Uncategorized

“Markpainting” is a clever technique to watermark photos in such a way that makes it easier to detect ML-based manipulation: An image owner can modify their image in subtle ways which are not themselves very visible, but will sabotage any attempt to inpaint it by adding visible information determined in advance by the markpainter. One … Read More “Detecting Deepfake Picture Editing” »

Information Flows and Democracy

June 9, 2021 infossl

academic papers, disinformation, national security policy, Security technology, Uncategorized

Henry Farrell and I published a paper on fixing American democracy: “Rechanneling Beliefs: How Information Flows Hinder or Help Democracy.” It’s much easier for democratic stability to break down than most people realize, but this doesn’t mean we must despair over the future. It’s possible, though very difficult, to back away from our current situation … Read More “Information Flows and Democracy” »

Vulnerabilities in Weapons Systems

June 8, 2021 infossl

cyberattack, cyberwar, cyberweapons, essays, military, Security technology, supply chain, Uncategorized

“If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.” That was Bruce’s response at a conference hosted by US Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the Internet. That may be necessary to keep in touch with … Read More “Vulnerabilities in Weapons Systems” »

The Supreme Court Narrowed the CFAA

June 7, 2021 infossl

courts, fraud, machine learning, Security technology, Uncategorized

In a 6-3 ruling, the Supreme Court just narrowed the scope of the Computer Fraud and Abuse Act: In a ruling delivered today, the court sided with Van Buren and overturned his 18-month conviction. In a 37-page opinion written and delivered by Justice Amy Coney Barrett, the court explained that the “exceeds authorized access” language … Read More “The Supreme Court Narrowed the CFAA” »