Informations about SSL certificates and networks security
Auto Added by WPeMatico
The 1Password password manager has just introduced “travel mode,” which allows you to delete your stored passwords when you’re in other countries or crossing borders: Your vaults aren’t just hidden; they’re completely removed from your devices as long as Travel Mode is on. That includes every item and all your encryption keys. There are no … Read More “1Password’s Travel Mode” »
Micah Lee ran a two-year experiment designed to detect whether or not his laptop was ever tampered with. The results are inconclusive, but demonstrate how difficult it can be to detect laptop tampering. Powered by WPeMatico
“Do Not Disturb” is a Macintosh app that send an alert when the lid is opened. The idea is to detect computer tampering. Wire article: Do Not Disturb goes a step further than just the push notification. Using the Do Not Disturb iOS app, a notified user can send themselves a picture snapped with the … Read More “Computer Alarm that Triggers When Lid Is Opened” »
Interesting research into undetectably adding backdoors into computer chips during manufacture: “Stealthy dopant-level hardware Trojans: extended version,” also available here: Abstract: In recent years, hardware Trojans have drawn the attention of governments and industry as well as the scientific community. One of the main concerns is that integrated circuits, e.g., for military or critical-infrastructure applications, … Read More “Adding Backdoors at the Chip Level” »
Princeton’s Karen Levy has a good article computer security and the intimate partner threat: When you learn that your privacy has been compromised, the common advice is to prevent additional access — delete your insecure account, open a new one, change your password. This advice is such standard protocol for personal security that it’s almost … Read More “Intimate Partner Threat” »
A Raspberry Pi is a tiny computer designed for markers and all sorts of Internet-of-Things types of projects. Make magazine has an article about securing it. Reading it, I am struck by how much work it is to secure. I fear that this is beyond the capabilities of most tinkerers, and the result will be … Read More “Securing a Raspberry Pi” »
Kaspersky Labs exposed a highly sophisticated set of hacking tools from Russia called WhiteBear. From February to September 2016, WhiteBear activity was narrowly focused on embassies and consular operations around the world. All of these early WhiteBear targets were related to embassies and diplomatic/foreign affair organizations. Continued WhiteBear activity later shifted to include defense-related organizations … Read More “Russian Hacking Tools Codenamed WhiteBear Exposed” »
New paper: “Policy measures and cyber insurance: a framework,” by Daniel Woods and Andrew Simpson, Journal of Cyber Policy, 2017. Abstract: The role of the insurance industry in driving improvements in cyber security has been identified as mutually beneficial for both insurers and policy-makers. To date, there has been no consideration of the roles governments … Read More “A Framework for Cyber Security Insurance” »
Researchers demonstrated a really clever hack: they hid malware in a replacement smart phone screen. The idea is that you would naively bring your smart phone in for repair, and the repair shop would install this malicious screen without your knowledge. The malware is hidden in touchscreen controller software, which is trusted by the phone. … Read More “Hacking a Phone Through a Replacement Touchscreen” »
There is an unpatchable vulnerability that affects most modern cars. It’s buried in the Controller Area Network (CAN): Researchers say this flaw is not a vulnerability in the classic meaning of the word. This is because the flaw is more of a CAN standard design choice that makes it unpatchable. Patching the issue means changing … Read More “Unfixable Automobile Computer Security Vulnerability” »