Author: infossl

Problems with Georgia’s Voter Registration Portal

Posted on By infossl
fraud, Georgia, identification, national security policy, Security technology, Uncategorized, voting

It’s possible to cancel other people’s voter registration: On Friday, four days after Georgia Democrats began warning that bad actors could abuse the state’s new online portal for canceling voter registrations, the Secretary of State’s Office acknowledged to ProPublica that it had identified multiple such attempts… …the portal suffered at least two security glitches that … Read More “Problems with Georgia’s Voter Registration Portal” »

On the Cyber Safety Review Board

Posted on By infossl
computer security, cybersecurity, hacking, Security technology, Uncategorized

When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike’s faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to the tune of billions of dollars. We need one. To be sure, … Read More “On the Cyber Safety Review Board” »

Leaked GitHub Python Token

Posted on By infossl
leaks, security analysis, Security technology, supply chain, Uncategorized

Here’s a disaster that didn’t happen: Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container hosted on Docker Hub, which granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF). JFrog discussed what could have happened: The … Read More “Leaked GitHub Python Token” »

Education in Secure Software Development

Posted on By infossl
security education, Security technology, software, Uncategorized

The Linux Foundation and OpenSSF released a report on the state of education in secure software development. …many developers lack the essential knowledge and skills to effectively implement secure software development. Survey findings outlined in the report show nearly one-third of all professionals directly involved in development and deployment ­ system operations, software developers, committers, … Read More “Education in Secure Software Development” »

Providing Security Updates to Automobile Software

Posted on By infossl
books, cars, cybersecurity, Security technology, software, Uncategorized

Auto manufacturers are just starting to realize the problems of supporting the software in older models: Today’s phones are able to receive updates six to eight years after their purchase date. Samsung and Google provide Android OS updates and security updates for seven years. Apple halts servicing products seven years after they stop selling them. … Read More “Providing Security Updates to Automobile Software” »

New Research in Detecting AI-Generated Videos

Posted on By infossl
academic papers, artificial intelligence, deepfake, Security technology, Uncategorized, videos

The latest in what will be a continuing arms race between creating and detecting videos: The new tool the research project is unleashing on deepfakes, called “MISLnet”, evolved from years of data derived from detecting fake images and video with tools that spot changes made to digital video or images. These may include the addition … Read More “New Research in Detecting AI-Generated Videos” »