Informations about SSL certificates and networks security
If you’ve read my book Liars and Outliers, you know I like the prisoner’s dilemma as a way to think about trust and security. There is an enormous amount of research — both theoretical and experimental — about the dilemma, which is why I found this new research so interesting. Here’s a decent summary: The … Read More “Prisoner's Dilemma Experiment Illustrates Four Basic Phenotypes” »
The NSA was badly hacked in 2013, and we’re just now learning about it. A group of hackers called “The Shadow Brokers” claim to have hacked the NSA, and are posting data to prove it. The data is source code from “The Equation Group,” which is a sophisticated piece of malware exposed last year and … Read More “Major NSA/Equation Group Leak” »
New research: “Flip Feng Shui: Hammering a Needle in the Software Stack,” by Kaveh Razavi, Ben Gras, Erik Bosman Bart Preneel, Cristiano Giuffrida, and Herbert Bos. Abstract: We introduce Flip Feng Shui (FFS), a new exploitation vector which allows an attacker to induce bit flips over arbitrary physical memory in a fully controlled way. FFS … Read More “Powerful Bit-Flipping Attack” »
Both Kaspersky and Symantec have uncovered another piece of malware that seems to be a government design: The malware — known alternatively as “ProjectSauron” by researchers from Kaspersky Lab and “Remsec” by their counterparts from Symantec — has been active since at least 2011 and has been discovered on 30 or so targets. Its ability … Read More “Yet Another Government-Sponsored Malware” »
In a cautionary tale to those who favor government-mandated backdoors to security systems, Microsoft accidentally leaked the key protecting its UEFI Secure boot feature. As we all know, the problems with backdoors are less the cryptography and more the systems surrounding the cryptography. Powered by WPeMatico
Experts are blaming bacteria, not squid nets. Powered by WPeMatico
Some minimal information about the NSA’s abilities to hack networks via submarine. Powered by WPeMatico
Nice attack against electronic safes: Plore used side-channel attacks to pull it off. These are ways of exploiting physical indicators from a cryptographic system to get around its protections. Here, all Plore had to do was monitor power consumption in the case of one safe, and the amount of time operations took in other, and … Read More “Hacking Electronic Safes” »
Here’s an interesting hack against a computer’s monitor: A group of researchers has found a way to hack directly into the tiny computer that controls your monitor without getting into your actual computer, and both see the pixels displayed on the monitor — effectively spying on you — and also manipulate the pixels to display … Read More “Hacking Your Computer Monitor” »
We’re seeing car thefts in the wild accomplished through hacking: Houston police have arrested two men for a string of high-tech thefts of trucks and SUVs in the Houston area. The Houston Chronicle reports that Michael Armando Arce and Jesse Irvin Zelaya were charged on August 4th, and are believed to be responsible for more … Read More “Hackers Stealing Cars” »