There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece of security analysis.
Author: infossl
Really interesting analysis of the American M-209 encryption device and its security.
This story seems straightforward. A city is the victim of a ransomware attack. They repeatedly lie to the media about the severity of the breach. A security researcher repeatedly proves their statements to be lies. The city gets mad and sues the researcher. Let’s hope the judge throws the case out, but—still—it will serve as … Read More “Security Researcher Sued for Disproving Government Statements” »
The NSA’s “National Cryptographic School Television Catalogue” from 1991 lists about 600 COMSEC and SIGINT training videos. There are a bunch explaining the operations of various cryptographic equipment, and a few code words I have never heard of before.
Interesting vulnerability: …a special lane at airport security called Known Crewmember (KCM). KCM is a TSA program that allows pilots and flight attendants to bypass security screening, even when flying on domestic personal trips. The KCM process is fairly simple: the employee uses the dedicated lane and presents their KCM barcode or provides the TSA … Read More “SQL Injection Attack on Airport Security” »
Details. Blog moderation policy.
The “long lost lecture” by Adm. Grace Hopper has been published by the NSA. (Note that there are two parts.) It’s a wonderful talk: funny, engaging, wise, prescient. Remember that talk was given in 1982, less than a year before the ARPANET switched to TCP/IP and the internet went operational. She was a remarkable person. … Read More “Adm. Grace Hopper’s 1982 NSA Lecture Has Been Published” »
Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not.
Ars Technica has a good article on what’s happening in the world of television surveillance. More than even I realized.
This is a big deal. A US Appeals Court ruled that geofence warrants—these are general warrants demanding information about all people within a geographical boundary—are unconstitutional. The decision seems obvious to me, but you can’t take anything for granted.