academic papers – Page 11 – SSL and internet security news

Information Flows and Democracy

June 9, 2021 infossl

academic papers, disinformation, national security policy, Security technology, Uncategorized

Henry Farrell and I published a paper on fixing American democracy: “Rechanneling Beliefs: How Information Flows Hinder or Help Democracy.” It’s much easier for democratic stability to break down than most people realize, but this doesn’t mean we must despair over the future. It’s possible, though very difficult, to back away from our current situation … Read More “Information Flows and Democracy” »

Friday Squid Blogging: Underwater Cameras for Observing Squid

May 28, 2021 infossl

academic papers, cameras, Security technology, squid, Uncategorized

Interesting research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

New Spectre-Like Attacks

May 5, 2021 infossl

academic papers, hardware, patching, Security technology, Uncategorized, vulnerabilities

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago. Details: The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing … Read More “New Spectre-Like Attacks” »

Wi-Fi Devices as Physical Object Sensors

April 5, 2021 infossl

academic papers, Security technology, sensors, Uncategorized, Wi-Fi, wireless

The new 802.11bf standard will turn Wi-Fi devices into object sensors: In three years or so, the Wi-Fi specification is scheduled to get an upgrade that will turn wireless devices into sensors capable of gathering data about the people and objects bathed in their signals. “When 802.11bf will be finalized and introduced as an IEEE … Read More “Wi-Fi Devices as Physical Object Sensors” »

Determining Key Shape from Sound

March 24, 2021 infossl

academic papers, keys, locks, physical security, Security technology, smartphones, Uncategorized

It’s not yet very accurate or practical, but under ideal conditions it is possible to figure out the shape of a house key by listening to it being used. Listen to Your Key: Towards Acoustics-based Physical Key Inference Abstract: Physical locks are one of the most prevalent mechanisms for securing objects such as doors. While … Read More “Determining Key Shape from Sound” »

Security Analysis of Apple’s “Find My…” Protocol

March 15, 2021 infossl

academic papers, apple, bluetooth, crowdsourcing, de-anonymization, privacy, reverse engineering, security analysis, Security technology, tracking, Uncategorized

Interesting research: “Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System“: Abstract: Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world’s largest crowd-sourced location tracking network called offline finding (OF). OF leverages online finder devices to detect the presence of missing offline devices using Bluetooth and report an … Read More “Security Analysis of Apple’s “Find My…” Protocol” »

Metadata Left in Security Agency PDFs

March 12, 2021 infossl

academic papers, metadata, security analysis, Security technology, Uncategorized

Really interesting research: “Exploitation and Sanitization of Hidden Data in PDF Files” Abstract: Organizations publish and share more and more electronic documents like PDF files. Unfortunately, most organizations are unaware that these documents can compromise sensitive information like authors names, details on the information system and architecture. All these information can be exploited easily by … Read More “Metadata Left in Security Agency PDFs” »

Fast Random Bit Generation

March 11, 2021 infossl

academic papers, Fortuna, random numbers, Security technology, Uncategorized

Science has a paper (and commentary) on generating 250 random terabits per second with a laser. I don’t know how cryptographically secure they are, but that can be cleaned up with something like Fortuna. Powered by WPeMatico

Hacking Digitally Signed PDF Files

March 8, 2021 infossl

academic papers, adobe, hacking, Security technology, signatures, Uncategorized

Interesting paper: “Shadow Attacks: Hiding and Replacing Content in Signed PDFs“: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content. A user opening a signed PDF expects to see a warning in case of any modification. In 2019, Mladenov et al. revealed various parsing vulnerabilities … Read More “Hacking Digitally Signed PDF Files” »

Browser Tracking Using Favicons

February 17, 2021 infossl

academic papers, browsers, Security technology, tracking, Uncategorized

Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the page name.) Abstract: The privacy threats of online tracking have garnered considerable attention in recent years from researchers and practitioners alike. This has resulted in users becoming more privacy-cautious … Read More “Browser Tracking Using Favicons” »