Informations about SSL certificates and networks security
My proof of COVID-19 vaccination is recorded on an easy-to-forge paper card. With little trouble, I could print a blank form, fill it out, and snap a photo. Small imperfections wouldn’t pose any problem; you can’t see whether the paper’s weight is right in a digital image. When I fly internationally, I have to show … Read More “Why Vaccine Cards Are So Easily Forged” »
Oops: Instead of telling you when it’s safe to cross the street, the walk signs in Crystal City, VA are just repeating ‘CHANGE PASSWORD.’ Something’s gone terribly wrong here. Powered by WPeMatico
Basically, the SafeZone library doesn’t sufficiently randomize the two prime numbers it used to generate RSA keys. They’re too close to each other, which makes them vulnerable to recovery. There aren’t many weak keys out there, but there are some: So far, Böck has identified only a handful of keys in the wild that are … Read More “Breaking RSA through Insufficiently Random Primes” »
This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President … Read More “US Critical Infrastructure Companies Will Have to Report When They Are Hacked” »
This is a current list of where and when I am scheduled to speak: I’m participating in an online panel discussion on “Ukraine and Russia: The Online War,” hosted by UMass Amherst, at 5:00 PM Eastern on March 31, 2022. I’m speaking at Future Summits in Antwerp, Belgium on May 18, 2022. I’m speaking at … Read More “Upcoming Speaking Events” »
The transparency organization Distributed Denial of Secrets has released 800GB of data from Roskomnadzor, the Russian government censorship organization. Specifically, Distributed Denial of Secrets says the data comes from the Roskomnadzor of the Republic of Bashkortostan. The Republic of Bashkortostan is in the west of the country. […] The data is split into two main … Read More “Leak of Russian Censorship Data” »
A fossilized ancestor of the vampire squid — with ten arms — was discovered and named Syllipsimopodi bideni after President Biden. Here’s the research paper. Note: Vampire squids are not squids. (Yes, it’s weird.) As usual, you can also use this squid post to talk about the security stories in the news that I haven’t … Read More “Friday Squid Blog: 328-million-year-old Vampire Squid Ancestor Discovered” »
It has been interesting to notice how unimportant and ineffective cyber operations have been in the Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found and neutered. Near as I can tell, the only thing that worked was the disabling of regional KA-SAT SATCOM terminals. It’s probably too early … Read More “Where’s the Russia-Ukraine Cyberwar?” »
Zelle is rife with fraud: Zelle’s immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money via Zelle, they can siphon away thousands of dollars in seconds. … Read More “Fraud on Zelle” »
Yet another method of surveillance: Radar can detect you moving closer to a computer and entering its personal space. This might mean the computer can then choose to perform certain actions, like booting up the screen without requiring you to press a button. This kind of interaction already exists in current Google Nest smart displays, … Read More “Using Radar to Read Body Language” »