computer security – SSL and internet security news

Ethical Problems in Computer Security

June 21, 2023 infossl

academic papers, computer security, ethics, Security technology, Uncategorized

Tadayoshi Kohno, Yasemin Acar, and Wulf Loh wrote excellent paper on ethical thinking within the computer security community: “Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversation“: Abstract: The computer security research community regularly tackles ethical questions. The field of ethics / moral philosophy has for centuries considered what it means to be “morally … Read More “Ethical Problems in Computer Security” »

Computer Repair Technicians Are Stealing Your Data

November 28, 2022 infossl

computer security, privacy, Security technology, Uncategorized

Laptop technicians routinely violate the privacy of the people whose computers they repair: Researchers at University of Guelph in Ontario, Canada, recovered logs from laptops after receiving overnight repairs from 12 commercial shops. The logs showed that technicians from six of the locations had accessed personal data and that two of those shops also copied … Read More “Computer Repair Technicians Are Stealing Your Data” »

Recovering Passwords by Measuring Residual Heat

October 12, 2022 infossl

cameras, computer security, machine learning, passwords, Security technology, Uncategorized

Researchers have used thermal cameras and ML guessing techniques to recover passwords from measuring the residual heat left by fingers on keyboards. From the abstract: We detail the implementation of ThermoSecure and make a dataset of 1,500 thermal images of keyboards with heat traces resulting from input publicly available. Our first study shows that ThermoSecure … Read More “Recovering Passwords by Measuring Residual Heat” »

Bypassing Two-Factor Authentication

April 1, 2022 infossl

computer security, passwords, Security technology, two-factor authentication, Uncategorized

These techniques are not new, but they’re increasingly popular: …some forms of MFA are stronger than others, and recent events show that these weaker forms aren’t much of a hurdle for some hackers to clear. In the past few months, suspected script kiddies like the Lapsus$ data extortion gang and elite Russian-state threat actors (like … Read More “Bypassing Two-Factor Authentication” »

Paul van Oorschot’s Computer Security and the Internet

June 17, 2021 infossl

books, computer security, Security technology, Uncategorized

Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading. Powered by WPeMatico

Mysterious Macintosh Malware

March 2, 2021 infossl

apple, computer security, malware, Security technology, Uncategorized

This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack … Read More “Mysterious Macintosh Malware” »