June 2024 – Page 2 – SSL and internet security news

Using AI for Political Polling

June 12, 2024 infossl

artificial intelligence, chatbots, democracy, LLM, Security technology, Uncategorized

Public polling is a critical function of modern political campaigns and movements, but it isn’t what it once was. Recent US election cycles have produced copious postmortems explaining both the successes and the flaws of public polling. There are two main reasons polling fails. First, nonresponse has skyrocketed. It’s radically harder to reach people than … Read More “Using AI for Political Polling” »

LLMs Acting Deceptively

June 11, 2024 infossl

academic papers, artificial intelligence, deception, LLM, Security technology, Uncategorized

New research: “Deception abilities emerged in large language models“: Abstract: Large language models (LLMs) are currently at the forefront of intertwining AI systems with human communication and everyday life. Thus, aligning them with human values is of great importance. However, given the steady increase in reasoning abilities, future LLMs are under suspicion of becoming able … Read More “LLMs Acting Deceptively” »

Exploiting Mistyped URLs

June 10, 2024 infossl

academic papers, browsers, Security technology, Uncategorized

Interesting research: “Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains“: Abstract: Web users often follow hyperlinks hastily, expecting them to be correctly programmed. However, it is possible those links contain typos or other mistakes. By discovering active but erroneous hyperlinks, a malicious actor can spoof a website or service, impersonating the expected content and … Read More “Exploiting Mistyped URLs” »

Friday Squid Blogging: Squid Catch Quotas in Peru

June 7, 2024 infossl

Security technology, squid, Uncategorized

Peru has set a lower squid quota for 2024. The article says “giant squid,” but that seems wrong. We don’t eat those. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Security and Human Behavior (SHB) 2024

June 7, 2024 infossl

conferences, cybersecurity, security conferences, Security technology, Uncategorized

This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross Anderson, died unexpectedly. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security. The fifty or so attendees include psychologists, economists, … Read More “Security and Human Behavior (SHB) 2024” »

The Justice Department Took Down the 911 S5 Botnet

June 7, 2024 infossl

botnets, courts, COVID-19, crime, cybercrime, malware, Security technology, Uncategorized

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million … Read More “The Justice Department Took Down the 911 S5 Botnet” »

Espionage with a Drone

June 6, 2024 infossl

drones, espionage, national security policy, photos, Security technology, Uncategorized

The US is using a World War II law that bans aircraft photography of military installations to charge someone with doing the same thing with a drone. Powered by WPeMatico

Online Privacy and Overfishing

June 5, 2024 infossl

artificial intelligence, microsoft, privacy, Security technology, Uncategorized

Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions weren’t about how hackers were using the tools (that was utterly predictable), but about how Microsoft figured it out. The natural conclusion was that Microsoft was spying on its AI users, looking for … Read More “Online Privacy and Overfishing” »

Breaking a Password Manager

June 4, 2024 infossl

bitcoin, cryptocurrency, passwords, Security technology, Uncategorized

Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password. Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that versionand subsequent … Read More “Breaking a Password Manager” »

Seeing Like a Data Structure

June 3, 2024 infossl

Internet and society, Security technology, Uncategorized

Technology was once simply a tool—and a small one at that—used to amplify human intent and capacity. That was the story of the industrial revolution: we could control nature and build large, complex human societies, and the more we employed and mastered technology, the better things got. We don’t live in that world anymore. Not … Read More “Seeing Like a Data Structure” »