Security technology – Page 138 – SSL and internet security news

Dark Web Site Taken Down without Breaking Encryption

October 25, 2019 infossl

bitcoin, childpornography, cryptocurrency, cryptography, darkweb, forensics, Security technology

The US Department of Justice unraveled a dark web child-porn website, leading to the arrest of 337 people in at least 18 countries. This was all accomplished not through any backdoors in communications systems, but by analyzing the bitcoin transactions and following the money: Welcome to Video made money by charging fees in bitcoin, and … Read More “Dark Web Site Taken Down without Breaking Encryption” »

Mapping Security and Privacy Research across the Decades

October 24, 2019 infossl

academicpapers, computersecurity, historyofsecurity, privacy, Security technology

This is really interesting: “A Data-Driven Reflection on 36 Years of Security and Privacy Research,” by Aniqua Baset and Tamara Denning: Abstract: Meta-research—research about research—allows us, as a community, to examine trends in our research and make informed decisions regarding the course of our future research activities. Additionally, overviews of past research are particularly useful … Read More “Mapping Security and Privacy Research across the Decades” »

NordVPN Breached

October 23, 2019 infossl

breaches, certificates, cryptography, disclosure, encryption, keys, Security technology, vpn

There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates. Those certificates might be issued for other servers in NordVPN’s network or for a variety of other sensitive purposes. The name of the … Read More “NordVPN Breached” »

Public Voice Launches Petition for an International Moratorium on Using Facial Recognition for Mass Surveillance

October 22, 2019 infossl

biometrics, facerecognition, privacy, Security technology, surveillance

Coming out of the Privacy Commissioners’ Conference in Albania, Public Voice is launching a petition for an international moratorium on using facial recognition software for mass surveillance. You can sign on as an individual or an organization. I did. You should as well. No, I don’t think that countries will magically adopt this moratorium. But … Read More “Public Voice Launches Petition for an International Moratorium on Using Facial Recognition for Mass Surveillance” »

Calculating the Benefits of the Advanced Encryption Standard

October 22, 2019 infossl

aes, cryptography, historyofcryptography, nist, Security technology

NIST has completed a study — it was published last year, but I just saw it recently — calculating the costs and benefits of the Advanced Encryption Standard. From the conclusion: The result of performing that operation on the series of cumulated benefits extrapolated for the 169 survey respondents finds that present value of benefits … Read More “Calculating the Benefits of the Advanced Encryption Standard” »

Details of the Olympic Destroyer APT

October 21, 2019 infossl

advancedpersistentthreats, attribution, cyberattack, northkorea, russia, Security technology, sports

Interesting details on Olympic Destroyer, the nation-state cyberattack against the 2018 Winter Olympic Games in South Korea. Wired’s Andy Greenberg presents evidence that the perpetrator was Russia, and not North Korea or China. Powered by WPeMatico

Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef

October 18, 2019 infossl

Security technology, squid, video

It’s likely the diamondback squid. There’s a video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Why Technologists Need to Get Involved in Public Policy

October 18, 2019 infossl

publicinterest, schneiernews, Security technology, video

Last month, I gave a 15-minute talk in London titled: “Why technologists need to get involved in public policy.” In it, I try to make the case for public-interest technologists. (I also maintain a public-interest tech resources page, which has pretty much everything I can find in this space. If I’m missing something, please let … Read More “Why Technologists Need to Get Involved in Public Policy” »

Adding a Hardware Backdoor to a Networked Computer

October 18, 2019 infossl

backdoors, firewall, hacking, hardware, Security technology, spyware, supplychain

Interesting proof of concept: At the CS3sthlm security conference later this month, security researcher Monta Elkins will show how he created a proof-of-concept version of that hardware hack in his basement. He intends to demonstrate just how easily spies, criminals, or saboteurs with even minimal skills, working on a shoestring budget, can plant a chip … Read More “Adding a Hardware Backdoor to a Networked Computer” »

Using Machine Learning to Detect IP Hijacking

October 17, 2019 infossl

academicpapers, bgp, crime, machinelearning, Security technology

This is interesting research: In a BGP hijack, a malicious actor convinces nearby networks that the best path to reach a specific IP address is through their network. That’s unfortunately not very hard to do, since BGP itself doesn’t have any security procedures for validating that a message is actually coming from the place it … Read More “Using Machine Learning to Detect IP Hijacking” »