Category: Security technology

Auto Added by WPeMatico

Hacking Voice Assistants with Ultrasonic Waves

Posted on By infossl
academicpapers, android, apple, google, hacking, iphone, Security technology, sidechannelattacks, smartphones, video

I previously wrote about hacking voice assistants with lasers. Turns you can do much the same thing with ultrasonic waves: Voice assistants — the demo targeted Siri, Google Assistant, and Bixby — are designed to respond when they detect the owner’s voice after noticing a trigger phrase such as ‘Ok, Google’. Ultimately, commands are just … Read More “Hacking Voice Assistants with Ultrasonic Waves” »

Emergency Surveillance During COVID-19 Crisis

Posted on By infossl
china, covid19, datacollection, eff, epidemiology, iran, israel, nationalsecuritypolicy, privacy, Security technology, surveillance

Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. I believe pressure will increase to leverage existing corporate surveillance infrastructure for these purposes in the US and other countries. With that in mind, the EFF has some good thinking on … Read More “Emergency Surveillance During COVID-19 Crisis” »

Work-from-Home Security Advice

Posted on By infossl
covid19, epidemiology, infrastructure, Security technology, securityawareness, vpn, vulnerabilities

SANS has made freely available its “Work-from-Home Awareness Kit.” When I think about how COVID-19’s security measures are affecting organizational networks, I see several interrelated problems: One, employees are working from their home networks and sometimes from their home computers. These systems are more likely to be out of date, unpatched, and unprotected. They are … Read More “Work-from-Home Security Advice” »

The Insecurity of WordPress and Apache Struts

Posted on By infossl
apache, reports, Security technology, securityengineering, vulnerabilities

Interesting data: A study that analyzed all the vulnerability disclosures between 2010 and 2019 found that around 55% of all the security bugs that have been weaponized and exploited in the wild were for two major application frameworks, namely WordPress and Apache Struts. The Drupal content management system ranked third, followed by Ruby on Rails … Read More “The Insecurity of WordPress and Apache Struts” »

TSA Admits Liquid Ban Is Security Theater

Posted on By infossl
airtravel, medicine, Security technology, securitytheater, tsa

The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes: Passengers will now be allowed to travel with containers of liquid hand sanitizer up to 12 ounces. However, the agency cautioned that the shift could mean slightly longer waits at checkpoint because the containers may have to be screened … Read More “TSA Admits Liquid Ban Is Security Theater” »

The EARN-IT Act

Posted on By infossl
backdoors, children, cryptography, cryptowars, encryption, Security technology

Prepare for another attack on encryption in the U.S. The EARN-IT Act purports to be about protecting children from predation, but it’s really about forcing the tech companies to break their encryption schemes: The EARN IT Act would create a “National Commission on Online Child Sexual Exploitation Prevention” tasked with developing “best practices” for owners … Read More “The EARN-IT Act” »

The Whisper Secret-Sharing App Exposed Locations

Posted on By infossl
blackmail, children, datacollection, dataloss, leaks, secretsharing, Security technology

This is a big deal: Whisper, the secret-sharing app that called itself the “safest place on the Internet,” left years of users’ most intimate confessions exposed on the Web tied to their age, location and other details, raising alarm among cybersecurity researchers that users could have been unmasked or blackmailed. […] The records were viewable … Read More “The Whisper Secret-Sharing App Exposed Locations” »