Skip to content
SSL and internet security news

Informations about SSL certificates and networks security

Category: hardware

Auto Added by WPeMatico

Hardware Vulnerability in Apple’s M-Series Chips

Posted on March 28, 2024 By infossl
apple, encryption, hardware, Security technology, side-channel attacks, Uncategorized

It’s yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, … Read More “Hardware Vulnerability in Apple’s M-Series Chips” »

Successful Hack of Time-Triggered Ethernet

Posted on November 18, 2022 By infossl
cyberattack, embedded systems, hardware, Security technology, spoofing, Uncategorized

Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it: On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees. The result is PCspooF, an attack that allows a single non-critical device connected to a single … Read More “Successful Hack of Time-Triggered Ethernet” »

M1 Chip Vulnerability

Posted on June 15, 2022 By infossl
academic papers, apple, cybersecurity, hardware, malware, Security technology, Uncategorized, vulnerabilities

This is a new vulnerability against Apple’s M1 chip. Researchers say that it is unpatchable. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated without leaving … Read More “M1 Chip Vulnerability” »

Testing Faraday Cages

Posted on December 3, 2021 By infossl
hardware, iphone, Security technology, Uncategorized

Matt Blaze tested a variety of Faraday cages for phones, both commercial and homemade. The bottom line: A quick and likely reliable “go/no go test” can be done with an Apple AirTag and an iPhone: drop the AirTag in the bag under test, and see if the phone can locate it and activate its alarm … Read More “Testing Faraday Cages” »

New Rowhammer Technique

Posted on November 19, 2021 By infossl
hardware, Security technology, side-channel attacks, Uncategorized

Rowhammer is an attack technique involving accessing — that’s “hammering” — rows of bits in memory, millions of times per second, with the intent of causing bits in neighboring rows to flip. This is a side-channel attack, and the result can be all sorts of mayhem. Well, there is a new enhancement: All previous Rowhammer … Read More “New Rowhammer Technique” »

New Spectre-Like Attacks

Posted on May 5, 2021 By infossl
academic papers, hardware, patching, Security technology, Uncategorized, vulnerabilities

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago. Details: The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing … Read More “New Spectre-Like Attacks” »

Router Security

Posted on February 19, 2021 By infossl
hardware, Internet of Things, linux, mitigation, patching, reports, Security technology, Uncategorized, vulnerabilities

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security. Conclusion: Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very old versions of … Read More “Router Security” »

Securing the International IoT Supply Chain

Posted on July 1, 2020 By infossl
academicpapers, cybersecurity, hardware, internetofthings, Security technology, securitypolicies, supplychain

Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries? And our solution is: enforce the … Read More “Securing the International IoT Supply Chain” »

Another Intel Speculative Execution Vulnerability

Posted on June 11, 2020 By infossl
exploits, hacking, hardware, intel, keys, Security technology, sidechannelattacks, vulnerabilities

Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data. Now that they — and the research into the Intel ME vulnerability — have shown researchers where to look, more is coming — and what they’ll find will be worse … Read More “Another Intel Speculative Execution Vulnerability” »

Used Tesla Components Contain Personal Information

Posted on May 8, 2020 By infossl
cars, dataloss, dataretention, hardware, identification, internetofthings, leaks, Security technology

Used Tesla components, sold on eBay, still contain personal information, even after a factory reset. This is a decades-old problem. It’s a problem with used hard drives. It’s a problem with used photocopiers and printers. It will be a problem with IoT devices. It’ll be a problem with everything, until we decide that data deletion … Read More “Used Tesla Components Contain Personal Information” »

Posts pagination

1 2 … 5 Next
fr_FR

Recent Posts

  • Chinese AI Submersible
  • Fake Student Fraud in Community Colleges
  • Another Move in the Deepfake Creation/Detection Arms Race
  • Friday Squid Blogging: Pyjama Squid
  • Privacy for Agentic AI

Tags

academicpapers airgaps android anonymity authentication borders cars cellphones censorship control courts crime cryptanalysis cryptography cryptowars deanonymization edwardsnowden encryption fbi fear geolocation guardian hacking intelligence ios jamming keyescrow lies malware medicine nationalsecuritypolicy nsa pointofsale printers privacy rc4 retail secrecy sidechannelattacks socialmedia squid surveillance tracking tradecraft whistleblowers

Categories

  • 3dprinters
  • 911
  • A Hacker's Mind
  • academic
  • academic papers
  • academicpapers
  • accountability
  • aclu
  • activism
  • adobe
  • advanced persistent threats
  • advancedpersistentthreats
  • adware
  • aes
  • AI
  • air travel
  • airgaps
  • airtravel
  • al Qaeda
  • alarms
  • algorithms
  • alqaeda
  • amazon
  • android
  • anonymity
  • Anonymous
  • antivirus
  • apache
  • apple
  • Applied Cryptography
  • appliedcryptography
  • artificial intelligence
  • artificialintelligence
  • assassinations
  • atms
  • att
  • attribution
  • audio
  • auditing
  • australia
  • authentication
  • authorization
  • automation
  • backdoors
  • backups
  • banking
  • baserate
  • behavioraldetection
  • Beyond Fear
  • beyondfear
  • bgp
  • biological warfare
  • biologicalwarfare
  • biometrics
  • bios
  • bitcoin
  • BitLocker
  • blackberry
  • blackmail
  • blockchain
  • bluetooth
  • bombs
  • books
  • borders
  • botnets
  • brazil
  • breaches
  • bribes
  • browsers
  • business of security
  • businessofsecurity
  • CALEA
  • cameras
  • camouflage
  • canada
  • captchas
  • cars
  • casinos
  • cell phones
  • cellphones
  • censorship
  • certificates
  • certifications
  • ch2ke
  • chatbots
  • ChatGPT
  • cheating
  • chelseamanning
  • chess
  • child pornography
  • childpornography
  • children
  • china
  • chipandpin
  • chrome
  • Chrome OS
  • cia
  • cisco
  • Citizen Lab
  • citizenlab
  • cloning
  • cloud computing
  • cloudcomputing
  • co3systems
  • coastguard
  • colombia
  • complexity
  • compliance
  • computer security
  • computersecurity
  • concealment
  • conferences
  • cons
  • consumerization
  • contests
  • control
  • cookies
  • cooperation
  • copyright
  • costbenefitanalysis
  • courts
  • cover-ups
  • coverups
  • COVID-19
  • covid19
  • cracking
  • credentials
  • credit cards
  • creditcards
  • crime
  • cross-site scripting
  • crowdsourcing
  • cryptanalysis
  • crypto wars
  • cryptocurrency
  • cryptography
  • cryptome
  • cryptowars
  • cuba
  • cyberattack
  • cybercrime
  • cyberespionage
  • cybersecurity
  • cyberterrorism
  • cyberwar
  • cyberweapons
  • dark web
  • darkweb
  • darpa
  • Data and Goliath
  • data breaches
  • data collection
  • data destruction
  • data loss
  • data mining
  • data privacy
  • data protection
  • dataandgoliath
  • databases
  • databreaches
  • datacollection
  • datadestruction
  • dataloss
  • datamining
  • dataprotection
  • dataretention
  • de-anonymization
  • dea
  • deaddrops
  • deanonymization
  • debates
  • deception
  • deep fake
  • deepfake
  • defense
  • democracy
  • deniability
  • denial of service
  • denialofservice
  • Department of Defense
  • departmentofdefense
  • dhs
  • disclosure
  • disguise
  • disinformation
  • dmca
  • dna
  • dns
  • doghouse
  • domain names
  • doxing
  • drm
  • drones
  • drug trade
  • drugtrade
  • e-mail
  • eavesdropping
  • ebay
  • ebooks
  • economics of security
  • economicsofsecurity
  • Edward Snowden
  • edwardsnowden
  • eff
  • egypt
  • email
  • embedded systems
  • embeddedsystems
  • employment
  • encryption
  • enigma
  • EPIC
  • epidemiology
  • espionage
  • essays
  • estonia
  • ethics
  • eu
  • EULA
  • exploits
  • externalities
  • extortion
  • face recognition
  • facebook
  • facerecognition
  • fake news
  • fakenews
  • false positives
  • falsenegatives
  • falsepositives
  • fbi
  • fear
  • feudalsecurity
  • filesharing
  • filtering
  • finance
  • fingerprints
  • firefox
  • firewall
  • firmware
  • fisa
  • foia
  • forensics
  • forgery
  • Fortuna
  • france
  • fraud
  • fsecure
  • ftc
  • g7
  • gambling
  • game theory
  • games
  • gametheory
  • gaming consoles
  • gchq
  • gdpr
  • generations
  • geolocation
  • Georgia
  • germany
  • gmail
  • google
  • googleglass
  • gps
  • Greece
  • Guardian
  • guns
  • hackback
  • hacking
  • hardware
  • hashes
  • healthcare
  • Hezbollah
  • history of computing
  • history of cryptography
  • history of security
  • historyofcomputing
  • historyofcryptography
  • historyofsecurity
  • hoaxes
  • homelandsecurity
  • homomorphic encryption
  • hotels
  • hp
  • https
  • human rights
  • humor
  • ibm
  • ics
  • idcards
  • identification
  • identity theft
  • identitytheft
  • impersonation
  • implants
  • incentives
  • incident response
  • incidentresponse
  • india
  • infrastructure
  • inrupt
  • insiders
  • insurance
  • intel
  • intelligence
  • internet
  • Internet and society
  • Internet of Things
  • internetandsociety
  • internetexplorer
  • internetofthings
  • interviews
  • intrusion detection
  • ios
  • iphone
  • iran
  • iraq
  • ireland
  • irs
  • isis
  • isps
  • israel
  • italy
  • jamming
  • japan
  • Juniper
  • kaspersky
  • kazakhstan
  • key logging
  • keyescrow
  • keylogging
  • keys
  • kidnapping
  • killswitch
  • law enforcement
  • lawenforcement
  • laws
  • leaks
  • lebanon
  • lenovo
  • Liars and Outliers
  • liarsandoutliers
  • lies
  • linkedin
  • linux
  • LLM
  • locks
  • loopholes
  • lotteries
  • machine learning
  • machinelearning
  • mail
  • malware
  • man-in-the-middle attacks
  • maninthemiddleattacks
  • marketing
  • mcafee
  • md5
  • medicine
  • Meta
  • metadata
  • microsoft
  • military
  • mitigation
  • monoculture
  • movieplotthreats
  • mozilla
  • music
  • national security policy
  • nationalism
  • nationalsecurityletters
  • nationalsecuritypolicy
  • natural security
  • naturalsecurity
  • networksecurity
  • New York Times
  • Nigeria
  • nist
  • no-fly list
  • Non classé
  • noncomputer hacks
  • North Korea
  • northkorea
  • norway
  • nsa
  • obscurity
  • onetimepads
  • open source
  • opensource
  • operating systems
  • operatingsystems
  • operational security
  • operationalsecurity
  • overreactions
  • pakistan
  • Password Safe
  • passwords
  • passwordsafe
  • patching
  • patents
  • patriotact
  • paypal
  • penetration testing
  • penetrationtesting
  • pgp
  • phishing
  • phones
  • photos
  • physical security
  • physicalsecurity
  • pins
  • plagiarism
  • point of sale
  • pointofsale
  • police
  • policy
  • pornography
  • power
  • press
  • printers
  • prison escapes
  • prisons
  • privacy
  • privilege escalation
  • programming
  • propaganda
  • protocols
  • proxies
  • pseudonymity
  • psychology of security
  • psychologyofsecurity
  • public interest
  • public transit
  • publicinterest
  • publictransit
  • qatar
  • QR codes
  • quantum computing
  • quantum cryptography
  • quantumcomputing
  • quantumcryptography
  • radio
  • random numbers
  • randomnumbers
  • ransomware
  • redaction
  • regulation
  • replayattacks
  • reports
  • reputation
  • resilience
  • Resilient Systems
  • resilientsystems
  • restaurants
  • retail
  • reverse engineering
  • reverseengineering
  • rfid
  • risk assessment
  • riskassessment
  • risks
  • robbery
  • robotics
  • rootkits
  • rsa
  • russia
  • sabotage
  • Safari
  • safes
  • samsung
  • saudiarabia
  • scada
  • scams
  • scanners
  • Schneier news
  • Schneier on Security (book)
  • schneiernews
  • schneierslaw
  • schools
  • sciencefiction
  • search engines
  • searches
  • secrecy
  • secretsharing
  • security analysis
  • security conferences
  • security education
  • security engineering
  • security standards
  • Security technology
  • security theater
  • security tokens
  • securityanalysis
  • securityawareness
  • securityconferences
  • securityeducation
  • securityengineering
  • securitymindset
  • securitymonitoring
  • securitypolicies
  • securityquestions
  • securitystandards
  • securitytheater
  • securitytokens
  • sensors
  • sha1
  • side-channel attacks
  • sidechannelattacks
  • signal
  • signatures
  • SIM cards
  • simcards
  • skimmers
  • skype
  • smart cards
  • smartcards
  • smartphones
  • sms
  • smuggling
  • snake oil
  • snakeoil
  • social engineering
  • social media
  • socialengineering
  • socialmedia
  • societalsecurity
  • software
  • software liability
  • softwareliability
  • sony
  • southkorea
  • spain
  • spam
  • spoofing
  • sports
  • spyware
  • SQL injection
  • sqlinjection
  • squid
  • ss7
  • ssh
  • ssl
  • stalking
  • steganography
  • stuxnet
  • supply chain
  • supplychain
  • surveillance
  • sweden
  • switzerland
  • symantec
  • syria
  • T-Mobile
  • Taiwan
  • tamper detection
  • tamperdetection
  • taxonomies
  • TED
  • telecom
  • telegram
  • television
  • tempest
  • terms of service
  • termsofservice
  • terrorism
  • Thailand
  • theft
  • threat models
  • threatalerts
  • threatmodels
  • tls
  • tor
  • torrents
  • torture
  • tpm
  • tracing
  • tracking
  • tradecraft
  • traffic analysis
  • trafficanalysis
  • transparency
  • transportation
  • treaties
  • trust
  • tsa
  • turkey
  • twitter
  • two-factor authentication
  • twofactorauthentication
  • twofish
  • uae
  • uber
  • uk
  • ukraine
  • un
  • Uncategorized
  • undercover
  • unitedarabemirates
  • usability
  • usb
  • usps
  • utilities
  • uzbekistan
  • verisign
  • verizon
  • video
  • videoconferencing
  • videos
  • violence
  • voice recognition
  • voicerecognition
  • voip
  • voting
  • vpn
  • vulnerabilities
  • war
  • war on the unexpected
  • warontheunexpected
  • watchlists
  • weapons
  • web
  • web privacy
  • webprivacy
  • whatsapp
  • whistleblowers
  • Wi-Fi
  • wifi
  • wikileaks
  • windows
  • wireless
  • yahoo
  • zero-day
  • zeroday

Archives

  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014

Copyright © 2025 SSL and internet security news.

Theme: Oceanly by ScriptsTown