Category: protocols

Auto Added by WPeMatico

Web 3.0 Requires Data Integrity

Posted on By infossl
internet, protocols, Security technology, Uncategorized, web

If you’ve ever taken a computer security class, you’ve probably learned about the three legs of computer security—confidentiality, integrity, and availability—known as the CIA triad. When we talk about a system being secure, that’s what we’re referring to. All are important, but to different degrees in different contexts. In a world populated by artificial intelligence (AI) systems … Read More “Web 3.0 Requires Data Integrity” »

RADIUS Vulnerability

Posted on By infossl
academic papers, authentication, man-in-the-middle attacks, protocols, Security technology, Uncategorized, vulnerabilities

New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker guessing or brute forcing passwords or … Read More “RADIUS Vulnerability” »

Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed

Posted on By infossl
infrastructure, phones, protocols, Security technology, Uncategorized, vulnerabilities

It seems that the FCC might be fixing the vulnerabilities in SS7 and the Diameter protocol: On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from being misused to track consumers’ locations. The FCC has also asked carriers to detail any … Read More “Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed” »

Security Analysis of a Thirteenth-Century Venetian Election Protocol

Posted on By infossl
academic papers, cybersecurity, history of security, italy, protocols, Security technology, Uncategorized, voting

Interesting analysis: This paper discusses the protocol used for electing the Doge of Venice between 1268 and the end of the Republic in 1797. We will show that it has some useful properties that in addition to being interesting in themselves, also suggest that its fundamental design principle is worth investigating for application to leader … Read More “Security Analysis of a Thirteenth-Century Venetian Election Protocol” »

Wallpaper that Crashes Android Phones

Posted on By infossl
android, phones, protocols, Security technology

This is interesting: The image, a seemingly innocuous sunset (or dawn) sky above placid waters, may be viewed without harm. But if loaded as wallpaper, the phone will crash. The fault does not appear to have been maliciously created. Rather, according to developers following Ice Universe’s Twitter thread, the problem lies in the way color … Read More “Wallpaper that Crashes Android Phones” »

Security Vulnerabilities in the RCS Texting Protocol

Posted on By infossl
cellphones, encryption, protocols, Security technology, securityengineering, ss7, vulnerabilities

Interesting research: SRLabs founder Karsten Nohl, a researcher with a track record of exposing security flaws in telephony systems, argues that RCS is in many ways no better than SS7, the decades-old phone system carriers still used for calling and texting, which has long been known to be vulnerable to interception and spoofing attacks. While … Read More “Security Vulnerabilities in the RCS Texting Protocol” »

Vulnerabilities in the WPA3 Wi-Fi Security Protocol

Posted on By infossl
academicpapers, certifications, protocols, Security technology, vulnerabilities, wifi

Researchers have found several vulnerabilities in the WPA3 Wi-Fi security protocol: The design flaws we discovered can be divided in two categories. The first category consists of downgrade attacks against WPA3-capable devices, and the second category consists of weaknesses in the Dragonfly handshake of WPA3, which in the Wi-Fi standard is better known as the … Read More “Vulnerabilities in the WPA3 Wi-Fi Security Protocol” »

Critical PGP Vulnerability

Posted on By infossl
cryptanalysis, cryptography, email, encryption, pgp, protocols, Security technology, vulnerabilities

EFF is reporting that a critical vulnerability has been discovered in PGP and S/MIME. No details have been published yet, but one of the researchers wrote: We’ll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. … Read More “Critical PGP Vulnerability” »

Unfixable Automobile Computer Security Vulnerability

Posted on By infossl
cars, computersecurity, mitigation, protocols, Security technology, vulnerabilities

There is an unpatchable vulnerability that affects most modern cars. It’s buried in the Controller Area Network (CAN): Researchers say this flaw is not a vulnerability in the classic meaning of the word. This is because the flaw is more of a CAN standard design choice that makes it unpatchable. Patching the issue means changing … Read More “Unfixable Automobile Computer Security Vulnerability” »