This is a new vulnerability against Apple’s M1 chip. Researchers say that it is unpatchable. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated without leaving … Read More “M1 Chip Vulnerability” »
Author: infossl
ENCSecurity markets a file encryption system, and it’s used by SanDisk, Sony, Lexar, and probably others. Despite it using AES as its algorithm, its implementation is flawed in multiple ways—and breakable. The moral is, as it always is, that implementing cryptography securely is hard. Don’t roll your own anything if you can help it. … Read More “Cryptanalysis of ENCSecurity’s Encryption Implementation” »
Neat video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Twitter was fined $150 million for using phone numbers and email addresses collected for two-factor authentication for ad targeting.
Interesting article about civilians using smartphones to assist their militaries in wartime, and how that blurs the important legal distinction between combatants and non-combatants: The principle of distinction between the two roles is a critical cornerstone of international humanitarian law—the law of armed conflict, codified by decades of customs and laws such as the Geneva … Read More “Smartphones and Civilians in Wartime” »
People are leaking classified military information on discussion boards for the video game War Thunder to win arguments—repeatedly.
Long article about Joshua Schulte, the accused leaker of the WikiLeaks Vault 7 and Vault 8 CIA data. Well worth reading.
Octopus and squid genes are weird. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Back in November 2020, in the middle of the COVID-19 pandemic, I gave a virtual talk at the International Symposium on Technology and Society: “The Story of the Internet and How it Broke Bad: A Call for Public-Interest Technologists.” It was something I was really proud of, and it’s finally up on the net. … Read More “Me on Public-Interest Tech” »
Researchers have demonstrated controlling touchscreens at a distance, at least in a laboratory setting: The core idea is to take advantage of the electromagnetic signals to execute basic touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device. The … Read More “Remotely Controlling Touchscreens” »
