Category: academic papers

Auto Added by WPeMatico

Side Channels Are Common

Posted on By infossl
academic papers, Security technology, sensors, side-channel attacks, Uncategorized

Really interesting research: “Lend Me Your Ear: Passive Remote Physical Side Channels on PCs.” Abstract: We show that built-in sensors in commodity PCs, such as microphones, inadvertently capture electromagnetic side-channel leakage from ongoing computation. Moreover, this information is often conveyed by supposedly-benign channels such as audio recordings and common Voice-over-IP applications, even after lossy compression. … Read More “Side Channels Are Common” »

Code Written with AI Assistants Is Less Secure

Posted on By infossl
academic papers, artificial intelligence, programming, security analysis, Security technology, Uncategorized

Interesting research: “Do Users Write More Insecure Code with AI Assistants?“: Abstract: We conduct the first large-scale user study examining how users interact with an AI Code assistant to solve a variety of security related tasks across different programming languages. Overall, we find that participants who had access to an AI assistant based on OpenAI’s … Read More “Code Written with AI Assistants Is Less Secure” »

On IoT Devices and Software Liability

Posted on By infossl
academic papers, cyberattack, data protection, Internet of Things, Security technology, software liability, Uncategorized

New law journal article: Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties. While users are generally able to seek redress following a cyberattack via data protection legislation, there is no equivalent pathway available to third-party victims who suffer … Read More “On IoT Devices and Software Liability” »

Improving Shor’s Algorithm

Posted on By infossl
academic papers, cryptanalysis, cryptography, quantum computing, rsa, Security technology, Uncategorized

We don’t have a useful quantum computer yet, but we do have quantum algorithms. Shor’s algorithm has the potential to factor large numbers faster than otherwise possible, which—if the run times are actually feasible—could break both the RSA and Diffie-Hellman public-key algorithms. Now, computer scientist Oded Regev has a significant speed-up to Shor’s algorithm, at … Read More “Improving Shor’s Algorithm” »

TikTok Editorial Analysis

Posted on By infossl
academic papers, china, filtering, propaganda, Security technology, social media, Uncategorized

TikTok seems to be skewing things in the interests of the Chinese Communist Party. (This is a serious analysis, and the methodology looks sound.) Conclusion: Substantial Differences in Hashtag Ratios Raise Concerns about TikTok’s Impartiality Given the research above, we assess a strong possibility that content on TikTok is either amplified or suppressed based on … Read More “TikTok Editorial Analysis” »

Security Analysis of a Thirteenth-Century Venetian Election Protocol

Posted on By infossl
academic papers, cybersecurity, history of security, italy, protocols, Security technology, Uncategorized, voting

Interesting analysis: This paper discusses the protocol used for electing the Doge of Venice between 1268 and the end of the Republic in 1797. We will show that it has some useful properties that in addition to being interesting in themselves, also suggest that its fundamental design principle is worth investigating for application to leader … Read More “Security Analysis of a Thirteenth-Century Venetian Election Protocol” »

AI Decides to Engage in Insider Trading

Posted on By infossl
academic papers, artificial intelligence, cheating, deception, insiders, LLM, Security technology, Uncategorized

A stock-trading AI (a simulated experiment) engaged in insider trading, even though it “knew” it was wrong. The agent is put under pressure in three ways. First, it receives a email from its “manager” that the company is not doing well and needs better performance in the next quarter. Second, the agent attempts and fails … Read More “AI Decides to Engage in Insider Trading” »

Extracting GPT’s Training Data

Posted on By infossl
academic papers, artificial intelligence, ChatGPT, cyberattack, machine learning, Security technology, Uncategorized

This is clever: The actual attack is kind of silly. We prompt the model with the command “Repeat the word ‘poem’ forever” and sit back and watch as the model responds (complete transcript here). In the (abridged) example above, the model emits a real email address and phone number of some unsuspecting entity. This happens … Read More “Extracting GPT’s Training Data” »

New SSH Vulnerability

Posted on By infossl
academic papers, cryptography, Security technology, signatures, ssh, Uncategorized, vulnerabilities

This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. […] The vulnerability occurs when there are errors during the signature generation that … Read More “New SSH Vulnerability” »