Informations about SSL certificates and networks security
Auto Added by WPeMatico
I recently wrote about the new ability to disable the Touch ID login on iPhones. This is important because of a weirdness in current US law that protects people’s passcodes from forced disclosure in ways it does not protect actions: being forced to place a thumb on a fingerprint reader. There’s another, more significant, change: … Read More “Another iPhone Change to Frustrate the Police” »
Slashdot asks if password masking — replacing password characters with asterisks as you type them — is on the way out. I don’t know if that’s true, but I would be happy to see it go. Shoulder surfing, the threat is defends against, is largely nonexistent. And it is becoming harder to type in passwords … Read More “Password Masking” »
This is nice work: “The Password Reset MitM Attack,” by Nethanel Gelerntor, Senia Kalma, Bar Magnezi, and Hen Porcilan: Abstract: We present the password reset MitM (PRMitM) attack and show how it can be used to take over user accounts. The PRMitM attack exploits the similarity of the registration and password reset processes to launch … Read More “A Man-in-the-Middle Attack against a Password Reset System” »
Sad story of someone whose computer became owned by a griefer: The trouble began last year when he noticed strange things happening: files went missing from his computer; his Facebook picture was changed; and texts from his daughter didn’t reach him or arrived changed. “Nobody believed me,” says Gary. “My wife and my brother thought … Read More “Separating the Paranoid from the Hacked” »
The password-manager 1Password has just implemented a travel mode that tries to protect users while crossing borders. It doesn’t make much sense. To enable it, you have to create a list of passwords you feel safe traveling with, and then you can turn on the mode that only gives you access to those passwords. But … Read More “Passwords at the Border” »
A decade ago, I wrote about the death of ephemeral conversation. As computers were becoming ubiquitous, some unintended changes happened, too. Before computers, what we said disappeared once we’d said it. Neither face-to-face conversations nor telephone conversations were routinely recorded. A permanent communication was something different and special; we called it correspondence. The Internet changed … Read More “Defense Against Doxing” »
In this impressive social-engineering display, a hacker convinces a cell phone tech-support person to change an account password without being verified in any way. Powered by WPeMatico
According to a Harris poll, 39% of Americans would give up sex for a year in exchange for perfect computer security: According to an online survey among over 2,000 U.S. adults conducted by Harris Poll on behalf of Dashlane, the leader in online identity and password management, nearly four in ten Americans (39%) would sacrifice … Read More “Dumb Security Survey Questions” »
This is impressive research: “When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals“: Abstract: In this study, we present WindTalker, a novel and practical keystroke inference framework that allows an attacker to infer the sensitive keystrokes on a mobile device through WiFi-based side-channel information. WindTalker is motivated from the observation that … Read More “Using Wi-Fi to Detect Hand Motions and Steal Passwords” »
Interesting data and analysis. Powered by WPeMatico