Informations about SSL certificates and networks security
Auto Added by WPeMatico
Researchers found that they could confuse the road sign detection algorithms of self-driving cars by adding stickers to the signs on the road. They could, for example, cause a car to think that a stop sign is a 45 mph speed limit sign. The changes are subtle, though — look at the photo from the … Read More “Confusing Self-Driving Cars by Altering Road Signs” »
Researchers are developing technologies that can detect IMSI-catchers: those fake cell phone towers that can be used to surveil people in the area. This is good work, but it’s unclear to me whether these devices can detect all the newer IMSI-catchers that are being sold to governments worldwide. News article. Powered by WPeMatico
New paper: “Taking Stock: Estimating Vulnerability Rediscovery,” by Trey Herr, Bruce Schneier, and Christopher Morris: Abstract: How often do multiple, independent, parties discover the same vulnerability? There are ample models of vulnerability discovery, but little academic work on this issue of rediscovery. The immature state of this research and subsequent debate is a problem for … Read More “Measuring Vulnerability Rediscovery” »
New research: In this study, the optic lobe of a giant squid (Architeuthis dux, male, mantle length 89 cm), which was caught by local fishermen off the northeastern coast of Taiwan, was scanned using high-resolution magnetic resonance imaging in order to examine its internal structure. It was evident that the volume ratio of the optic … Read More “Friday Squid Blogging: Giant Squids Have Small Brains” »
“Traffic shaping” — the practice of tricking data to flow through a particular route on the Internet so it can be more easily surveiled — is an NSA technique that has gotten much less attention than it deserves. It’s a powerful technique that allows an eavesdropper to get access to communications channels it would otherwise … Read More “More on the NSA’s Use of Traffic Shaping” »
This is nice work: “The Password Reset MitM Attack,” by Nethanel Gelerntor, Senia Kalma, Bar Magnezi, and Hen Porcilan: Abstract: We present the password reset MitM (PRMitM) attack and show how it can be used to take over user accounts. The PRMitM attack exploits the similarity of the registration and password reset processes to launch … Read More “A Man-in-the-Middle Attack against a Password Reset System” »
The more they mate, the sooner they die. Academic paper (paywall). News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Ross Anderson blogged about his new paper on security and safety concerns about the Internet of Things. (See also this short video.) It’s very much along the lines of what I’ve been writing. Powered by WPeMatico
Interesting law-journal article: “Surveillance Intermediaries,” by Alan Z. Rozenshtein. Abstract:Apple’s 2016 fight against a court order commanding it to help the FBI unlock the iPhone of one of the San Bernardino terrorists exemplifies how central the question of regulating government surveillance has become in American politics and law. But scholarly attempts to answer this question … Read More “Surveillance Intermediaries” »
Really interesting research: “Unpacking Spear Phishing Susceptibility,” by Zinaida Benenson, Freya Gassmann, and Robert Landwirth. Abstract: We report the results of a field experiment where we sent to over 1200 university students an email or a Facebook message with a link to (non-existing) party pictures from a non-existing person, and later asked them about the … Read More “Spear Phishing Attacks” »