Informations about SSL certificates and networks security
This sort of thing is still very rare, but I fear it will become more common: …hackers had struck an unnamed steel mill in Germany. They did so by manipulating and disrupting control systems to such a degree that a blast furnace could not be properly shut down, resulting in “massive” — though unspecified — … Read More “Hacking Attack Causes Physical Damage at German Steel Mill” »
When you’re attacked by a missile, you can follow its trajectory back to where it was launched from. When you’re attacked in cyberspace, figuring out who did it is much harder. The reality of international aggression in cyberspace will change how we approach defense. Many of us in the computer-security field are skeptical of the … Read More “Attack Attribution in Cyberspace” »
No one has admitted taking down North Korea’s Internet. It could have been an act of retaliation by the US government, but it could just as well have been an ordinary DDoS attack. The follow-on attack against Sony PlayStation definitely seems to be the work of hackers unaffiliated with a government. Not knowing who did … Read More “Attributing the Sony Attack” »
Sophie Van Der Zee and colleagues have a new paper on using body movement as a lie detector: Abstract: We present a new robust signal for detecting deception: full body motion. Previous work on detecting deception from body movement has relied either on human judges or on specific gestures (such as fidgeting or gaze aversion) … Read More “Fidgeting as Lie Detection” »
New paper: “Attributing Cyber Attacks,” by Thomas Rid and Ben Buchanan: Abstract: Who did it? Attribution is fundamental. Human lives and the security of the state may depend on ascribing agency to an agent. In the context of computer network intrusions, attribution is commonly seen as one of the most intractable technical problems, as either … Read More “Attributing Cyberattacks” »
In Kyoto, taxi drivers are encouraged to loiter around convenience stores late at night. Their presence reduces crime. In Kyoto about half of the convenience stores had signed on for the Midnight Defender Strategy. These 500 or so shops hung posters with slogans such as “vigilance strengthening” written on them in their windows. These signs … Read More “Loitering as a Security System” »
Stewed squid with tomatoes, sauteed squid with parsley and garlic, and braised squid with garlic and herbs. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Those of you unfamiliar with hacker culture might need an explanation of “doxing.” The word refers to the practice of publishing personal information about people without their consent. Usually it’s things like an address and phone number, but it can also be credit card details, medical information, private e-mails — pretty much anything an assailant … Read More “Doxing as an Attack” »
An analysis of the timestamps on some of the leaked documents shows that they were downloaded at USB 2.0 speeds — which implies an insider. Our Gotnews.com investigation into the data that has been released by the “hackers” shows that someone at Sony was copying 182GB at minimum the night of the 21st — the … Read More “More Data on Attributing the Sony Attack” »
I haven’t seen much press mention about the leaked CIA documents that have appeared on WikiLeaks this month. There are three: The CIA review of high-value target assassination programs, classified SECRET, from 2009. The CIA’s advice for agents going through airport security and surviving secondary screening, classified SECRET, from 2011. The CIA’s advice for agents … Read More “Leaked CIA Documents” »