Author: infossl

AT&T Charging Customers to Not Spy on Them

Posted on By infossl
att, privacy, Security technology, surveillance

AT&T is charging a premium for gigabit Internet service without surveillance: The tracking and ad targeting associated with the gigabit service cannot be avoided using browser privacy settings: as AT&T explained, the program “works independently of your browser’s privacy settings regarding cookies, do-not-track and private browsing.” In other words, AT&T is performing deep packet inspection, … Read More “AT&T Charging Customers to Not Spy on Them” »

Cell Phones Leak Location Information through Power Usage

Posted on By infossl
academicpapers, cellphones, Security technology, sidechannelattacks, tracking

New research on tracking the location of smart phone users by monitoring power consumption: PowerSpy takes advantage of the fact that a phone’s cellular transmissions use more power to reach a given cell tower the farther it travels from that tower, or when obstacles like buildings or mountains block its signal. That correlation between battery … Read More “Cell Phones Leak Location Information through Power Usage” »

Friday Squid Blogging: Squid Can Recode Their Genetic Makeup

Posted on By infossl
Security technology, squid

This is freaky: A new study showcases the first example of an animal editing its own genetic makeup on-the-fly to modify most of its proteins, enabling adjustments to its immediate surroundings. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by … Read More “Friday Squid Blogging: Squid Can Recode Their Genetic Makeup” »

Man-in-the-Middle Attacks on Lenovo Computers

Posted on By infossl
adware, computersecurity, lenovo, maninthemiddleattacks, Security technology

It’s not just national intelligence agencies that break your https security through man-in-the-middle attacks. Corporations do it, too. For the past few months, Lenovo PCs have shipped with an adware app called Superfish that man-in-the-middles TLS connections. Here’s how it works, and here’s how to get rid of it. And you should get rid of … Read More “Man-in-the-Middle Attacks on Lenovo Computers” »

NSA/GCHQ Hacks SIM Card Database and Steals Billions of Keys

Posted on By infossl
cellphones, databases, eavesdropping, edwardsnowden, gchq, hacking, nsa, phones, privacy, Security technology, simcards, surveillance

The Intercept has an extraordinary story: the NSA and/or GCHQ hacked into the Dutch SIM card manufacturer Gemalto, stealing the encryption keys for billions of cell phones. People are still trying to figure out exactly what this means, but it seems to mean that the intelligence agencies have access to both voice and data from … Read More “NSA/GCHQ Hacks SIM Card Database and Steals Billions of Keys” »

IRS Encourages Poor Cryptography

Posted on By infossl
aes, cryptography, encryption, irs, Security technology

I’m not sure what to make of this, or even what it means. The IRS has a standard called IDES: International Data Exchange Service: “The International Data Exchange Service (IDES) is an electronic delivery point where Financial Institutions (FI) and Host Country Tax Authorities (HCTA) can transmit and exchange FATCA data with the United States.” … Read More “IRS Encourages Poor Cryptography” »

The Equation Group's Sophisticated Hacking and Exploitation Tools

Posted on By infossl
edwardsnowden, exploits, hacking, implants, kaspersky, nsa, Security technology, vulnerabilities

This week, Kaspersky Labs published detailed information on what it calls the Equation Group — almost certainly the NSA — and its abilities to embed spyware deep inside computers, gaining pretty much total control of those computers while maintaining persistence in the face of reboots, operating system reinstalls, and commercial anti-virus products. The details are … Read More “The Equation Group's Sophisticated Hacking and Exploitation Tools” »