smartphones – SSL and internet security news

Brute-Forcing a Fingerprint Reader

May 30, 2023 infossl

academic papers, authentication, cracking, fingerprints, Security technology, smartphones, Uncategorized

It’s neither hard nor expensive: Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint authentication determines a match using a reference threshold. As a result, a successful fingerprint brute-force attack requires only that an inputted image provides an acceptable approximation of an image in the … Read More “Brute-Forcing a Fingerprint Reader” »

FBI Advising People to Avoid Public Charging Stations

April 12, 2023 infossl

cell phones, fbi, malware, Security technology, smartphones, Uncategorized, usb

The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices: Avoid using free charging stations in airports, hotels, or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices … Read More “FBI Advising People to Avoid Public Charging Stations” »

Hacked Cellebrite and MSAB Software Released

January 16, 2023 infossl

cyberweapons, leaks, Security technology, smartphones, Uncategorized

Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. MSAB is a Swedish company that does the same thing. Someone has released software and documentation from both companies. Powered by WPeMatico

Recovering Smartphone Voice from the Accelerometer

December 30, 2022 infossl

academic papers, eavesdropping, Security technology, side-channel attacks, smartphones, Uncategorized

Yet another smartphone side-channel attack: “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers“: Abstract: Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy. Existing studies show that loudspeaker reverberation can inject speech into motion sensor readings, leading to speech eavesdropping. While more devastating attacks … Read More “Recovering Smartphone Voice from the Accelerometer” »

Ukraine Intercepting Russian Soldiers’ Cell Phone Calls

December 21, 2022 infossl

cell phones, eavesdropping, iphone, russia, Security technology, smartphones, ukraine, Uncategorized

They’re using commercial phones, which go through the Ukrainian telecom network: “You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air,” said Alperovitch. “That doesn’t pose too … Read More “Ukraine Intercepting Russian Soldiers’ Cell Phone Calls” »

Russian Software Company Pretending to Be American

November 16, 2022 infossl

russia, Security technology, smartphones, supply chain, Uncategorized

Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of Novosibirsk, where it is registered as a … Read More “Russian Software Company Pretending to Be American” »

Another Event-Related Spyware App

November 15, 2022 infossl

cyberweapons, egypt, Security technology, smartphones, spyware, Uncategorized

Last month, we were warned not to install Qatar’s World Cup app because it was spyware. This month, it’s Egypt’s COP27 Summit app: The app is being promoted as a tool to help attendees navigate the event. But it risks giving the Egyptian government permission to read users’ emails and messages. Even messages shared via … Read More “Another Event-Related Spyware App” »

Credit Card Fraud That Bypasses 2FA

September 22, 2022 infossl

banking, credit cards, fraud, Security technology, smartphones, two-factor authentication, Uncategorized

Someone in the UK is stealing smartphones and credit cards from people who have stored them in gym lockers, and is using the two items in combination to commit fraud: Phones, of course, can be made inaccessible with the use of passwords and face or fingerprint unlocking. And bank cards can be stopped. But the … Read More “Credit Card Fraud That Bypasses 2FA” »

Smartphones and Civilians in Wartime

June 9, 2022 infossl

laws, Security technology, sensors, smartphones, Uncategorized, war

Interesting article about civilians using smartphones to assist their militaries in wartime, and how that blurs the important legal distinction between combatants and non-combatants: The principle of distinction between the two roles is a critical cornerstone of international humanitarian law—the law of armed conflict, codified by decades of customs and laws such as the Geneva … Read More “Smartphones and Civilians in Wartime” »

Using Pupil Reflection in Smartphone Camera Selfies

May 3, 2022 infossl

academic papers, identification, Security technology, smartphones, Uncategorized

Researchers are using the reflection of the smartphone in the pupils of faces taken as selfies to infer information about how the phone is being used: For now, the research is focusing on six different ways a user can hold a device like a smartphone: with both hands, just the left, or just the right … Read More “Using Pupil Reflection in Smartphone Camera Selfies” »