academicpapers – Page 17 – SSL and internet security news

Jumping Air Gaps with Blinking Lights and Drones

March 3, 2017 infossl

academicpapers, airgaps, drones, hacking, movieplotthreats, Security technology, sidechannelattacks

Researchers have demonstrated how a malicious piece of software in an air-gapped computer can communicate with a nearby drone using a blinking LED on the computer. I have mixed feelings about research like this. On the one hand, it’s pretty cool. On the other hand, there’s not really anything new or novel, and it’s kind … Read More “Jumping Air Gaps with Blinking Lights and Drones” »

Friday Squid Blogging: The Strawberry Squid's Lopsided Eyes

February 17, 2017 infossl

academicpapers, Security technology, squid

The evolutionary reasons why the strawberry squid has two different eyes. Additional articles. Original paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico

Research into the Root Causes of Terrorism

February 15, 2017 infossl

academicpapers, alqaeda, propaganda, Security technology, terrorism

Interesting article in Science discussing field research on how people are radicalized to become terrorists. The potential for research that can overcome existing constraints can be seen in recent advances in understanding violent extremism and, partly, in interdiction and prevention. Most notable is waning interest in simplistic root-cause explanations of why individuals become violent extremists … Read More “Research into the Root Causes of Terrorism” »

Hacking Back

February 13, 2017 infossl

academicpapers, cyberattack, hackback, hacking, Security technology

There’s a really interesting paper from George Washington University on hacking back: “Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats.” I’ve never been a fan of hacking back. There’s a reason we no longer issue letters of marque or allow private entities to commit crimes, and hacking back is a … Read More “Hacking Back” »

Friday Squid Blogging: Squid Communication through Skin Patterns

February 10, 2017 infossl

academicpapers, Security technology, squid

Interesting research. (Popular article here.) As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico

De-Anonymizing Browser History Using Social-Network Data

February 10, 2017 infossl

academicpapers, anonymity, deanonymization, identification, Security technology, socialmedia, tracking

Interesting research: “De-anonymizing Web Browsing Data with Social Networks“: Abstract: Can online trackers and network adversaries de-anonymize web browsing data readily available to them? We show — theoretically, via simulation, and through experiments on real user data — that de-identified web browsing histories can be linked to social media profiles using only publicly available data. … Read More “De-Anonymizing Browser History Using Social-Network Data” »

Internet Filtering in Authoritarian Regimes

January 13, 2017 infossl

academicpapers, censorship, cybersecurity, Security technology

Interesting research: Sebastian Hellmeier, “The Dictator’s Digital Toolkit: Explaining Variation in Internet Filtering in Authoritarian Regimes,” Politics & Policy, 2016 (full paper is behind a paywall): Abstract: Following its global diffusion during the last decade, the Internet was expected to become a liberation technology and a threat for autocratic regimes by facilitating collective action. Recently, … Read More “Internet Filtering in Authoritarian Regimes” »

Twofish Power Analysis Attack

January 12, 2017 infossl

academicpapers, cryptanalysis, cryptography, encryption, Security technology, sidechannelattacks, twofish

New paper: “A Simple Power Analysis Attack on the Twofish Key Schedule.” This shouldn’t be a surprise; these attacks are devastating if you don’t take steps to mitigate them. The general issue is if an attacker has physical control of the computer performing the encryption, it is very hard to secure the encryption inside the … Read More “Twofish Power Analysis Attack” »

How Signal Is Evading Censorship

December 28, 2016 infossl

academicpapers, censorship, egypt, encryption, Security technology, tls, unitedarabemirates

Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting. Signal’s new anti-censorship feature uses a trick called “domain fronting,” Marlinspike explains. A country like Egypt, with only a few small internet service providers tightly controlled by the government, can … Read More “How Signal Is Evading Censorship” »

Let's Encrypt Is Making Web Encryption Easier

December 14, 2016 infossl

academicpapers, certificates, cryptography, encryption, Security technology

That’s the conclusion of a research paper: Once [costs and complexity] are eliminated, it enables big hosting providers to issue and deploy certificates for their customers in bulk, thus quickly and automatically enable encryption across a large number of domains. For example, we have shown that currently, 47% of LE certified domains are hosted at … Read More “Let's Encrypt Is Making Web Encryption Easier” »