Category: Security technology

Auto Added by WPeMatico

De-Anonymizing Browser History Using Social-Network Data

Posted on By infossl
academicpapers, anonymity, deanonymization, identification, Security technology, socialmedia, tracking

Interesting research: “De-anonymizing Web Browsing Data with Social Networks“: Abstract: Can online trackers and network adversaries de-anonymize web browsing data readily available to them? We show — theoretically, via simulation, and through experiments on real user data — that de-identified web browsing histories can be linked to social media profiles using only publicly available data. … Read More “De-Anonymizing Browser History Using Social-Network Data” »

Security and Privacy Guidelines for the Internet of Things

Posted on By infossl
internetofthings, privacy, Security technology, securityengineering, securitystandards

Lately, I have been collecting IoT security and privacy guidelines. Here’s everything I’ve found: “Internet of Things (IoT) Broadband Internet Technical Advisory Group, Broadband Internet Technical Advisory Group, Nov 2016. “IoT Security Guidance,” Open Web Application Security Project (OWASP), May 2016. “Strategic Principles for Securing the Internet of Things (IoT),” US Department of Homeland Security, … Read More “Security and Privacy Guidelines for the Internet of Things” »

Predicting a Slot Machine's PRNG

Posted on By infossl
casinos, cheating, gambling, randomnumbers, russia, Security technology

Wired is reporting on a new slot machine hack. A Russian group has reverse-engineered a particular brand of slot machine — from Austrian company Novomatic — and can simulate and predict the pseudo-random number generator. The cell phones from Pechanga, combined with intelligence from investigations in Missouri and Europe, revealed key details. According to Willy … Read More “Predicting a Slot Machine's PRNG” »

Cryptkeeper Bug

Posted on By infossl
backdoors, encryption, linux, Security technology, securityengineering

The Linux encryption app Cryptkeeper has a rather stunning security bug: the single-character decryption key “p” decrypts everything: The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper … Read More “Cryptkeeper Bug” »

Hacker Leaks Cellebrite's Phone-Hacking Tools

Posted on By infossl
Security technology

In January we learned that a hacker broke into Cellebrite’s network and stole 900GB of data. Now the hacker has dumped some of Cellebrite’s phone-hacking tools on the Internet. In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene­a community of iPhone hackers that … Read More “Hacker Leaks Cellebrite's Phone-Hacking Tools” »