I’ve been saying for years that it’s bad security advice, that it encourages poor passwords. Lorrie Cranor, now the FTC’s chief technologist, agrees: By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1”, for instance (excluding the quotation marks) frequently became “tArheels#1” … Read More “Frequent Password Changes Is a Bad Security Idea” »
Category: academicpapers
Andrew “bunnie” Huang and Edward Snowden have designed a smartphone case that detects unauthorized transmissions by the phone. Paper. Three news articles. Looks like a clever design. Of course, it has to be outside the device; otherwise, it could be compromised along with the device. Note that this is still in the research design stage; … Read More “Detecting When a Smartphone Has Been Compromised” »
New paper: “Surreptitiously Weakening Cryptographic Systems,” by Bruce Schneier, Matthew Fredrikson, Tadayoshi Kohno, and Thomas Ristenpart. Abstract: Revelations over the past couple of years highlight the importance of understanding malicious and surreptitious weakening of cryptographic systems. We provide an overview of this domain, using a number of historical examples to drive development of a weaknesses … Read More “Surreptitiously Weakening Cryptographic Systems” »
New research on tracking the location of smart phone users by monitoring power consumption: PowerSpy takes advantage of the fact that a phone’s cellular transmissions use more power to reach a given cell tower the farther it travels from that tower, or when obstacles like buildings or mountains block its signal. That correlation between battery … Read More “Cell Phones Leak Location Information through Power Usage” »
Interesting paper: “There’s No Free Lunch, Even Using Bitcoin: Tracking the Popularity and Profits of Virtual Currency Scams,” by Marie Vasek and Tyler Moore. Abstract: We present the first empirical analysis of Bitcoin-based scams: operations established with fraudulent intent. By amalgamating reports gathered by voluntary vigilantes and tracked in online forums, we identify 192 scams … Read More “Tracking Bitcoin Scams” »
I missed this paper when it was first published in 2012: “Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against Rubber Hose Attacks” Abstract: Cryptographic systems often rely on the secrecy of cryptographic keys given to users. Many schemes, however, cannot resist coercion attacks where the user is forcibly asked by an attacker to reveal the … Read More “Subconscious Keys” »
It’s a common fraud on sites like eBay: buyers falsely claim that they never received a purchased item in the mail. Here’s a paper on defending against this fraud through basic psychological security measures. It’s preliminary research, but probably worth experimental research. We have tested a collection of possible user-interface enhancements aimed at reducing liar … Read More “Defending Against Liar Buyer Fraud” »
A worldwide survey of writers affiliated with PEN shows a significant level of self-censoring. From the press release: The report’s revelations, based on a survey of nearly 800 writers worldwide, are alarming. Concern about surveillance is now nearly as high among writers living in democracies (75%) as among those living in non-democracies (80%). The levels … Read More “How Surveillance Causes Writers to Self-Censor” »
Sophie Van Der Zee and colleagues have a new paper on using body movement as a lie detector: Abstract: We present a new robust signal for detecting deception: full body motion. Previous work on detecting deception from body movement has relied either on human judges or on specific gestures (such as fidgeting or gaze aversion) … Read More “Fidgeting as Lie Detection” »
New paper: “Attributing Cyber Attacks,” by Thomas Rid and Ben Buchanan: Abstract: Who did it? Attribution is fundamental. Human lives and the security of the state may depend on ascribing agency to an agent. In the context of computer network intrusions, attribution is commonly seen as one of the most intractable technical problems, as either … Read More “Attributing Cyberattacks” »