Informations about SSL certificates and networks security
Auto Added by WPeMatico
Here’s an hour-long audio interview with squid scientist Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Responding to the lack of diversity at the RSA Conference, a group of security experts have announced a competing one-day conference: OUR Security Advocates, or OURSA. It’s in San Francisco, and it’s during RSA, so you can attend both. Powered by WPeMatico
Interesting history of the US Army Security Agency in the early years of Cold War Germany. Powered by WPeMatico
This is worrisome: DDoS vandals have long intensified their attacks by sending a small number of specially designed data packets to publicly available services. The services then unwittingly respond by sending a much larger number of unwanted packets to a target. The best known vectors for these DDoS amplification attacks are poorly secured domain name … Read More “New DDoS Reflection-Attack Variant” »
Interesting research: “Finding The Greedy, Prodigal, and Suicidal Contracts at Scale“: Abstract: Smart contracts — stateful executable objects hosted on blockchains like Ethereum — carry billions of dollars worth of coins and cannot be updated once deployed. We present a new systematic characterization of a class of trace vulnerabilities, which result from analyzing multiple invocations … Read More “Security Vulnerabilities in Smart Contracts” »
Princeton’s Karen Levy has a good article computer security and the intimate partner threat: When you learn that your privacy has been compromised, the common advice is to prevent additional access — delete your insecure account, open a new one, change your password. This advice is such standard protocol for personal security that it’s almost … Read More “Intimate Partner Threat” »
This is fascinating research about how the underlying training data for a machine-learning system can be inadvertently exposed. Basically, if a machine-learning system trains on a dataset that contains secret information, in some cases an attacker can query the system to extract that secret information. My guess is that there is a lot more research … Read More “Extracting Secrets from Machine Learning Systems” »
Video and short commentary. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Since you don’t have enough to worry about, here’s a paper postulating that space aliens could send us malware capable of destroying humanity. Abstract: A complex message from space may require the use of computers to display, analyze and understand. Such a message cannot be decontaminated with certainty, and technical risks remain which can pose … Read More “Malware from Space” »
Two weeks ago, I blogged about the myriad of hacking threats against the Olympics. Last week, the Washington Post reported that Russia hacked the Olympics network and tried to cast the blame on North Korea. Of course, the evidence is classified, so there’s no way to verify this claim. And while the article speculates that … Read More “Russians Hacked the Olympics” »