threat models – SSL and internet security news

Security Analysis of Threema

January 19, 2023 infossl

academic papers, authentication, cryptanalysis, encryption, Security technology, side-channel attacks, threat models, Uncategorized, vulnerabilities

A group of Swiss researchers have published an impressive security analysis of Threema. We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. As one example, we present a … Read More “Security Analysis of Threema” »

Threats of Machine-Generated Text

January 13, 2023 infossl

academic papers, ChatGPT, machine learning, privacy, Security technology, threat models, Uncategorized

With the release of ChatGPT, I’ve read many random articles about this or that threat from the technology. This paper is a good survey of the field: what the threats are, how we might detect machine-generated text, directions for future research. It’s a solid grounding amongst all of the hype. Machine Generated Text: A Comprehensive … Read More “Threats of Machine-Generated Text” »

New Sophisticated Malware

May 4, 2022 infossl

backdoors, botnets, malware, Security technology, threat models, Uncategorized

Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’ networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things left off. There are many keys … Read More “New Sophisticated Malware” »

Securing Your Smartphone

November 15, 2021 infossl

cybersecurity, phishing, risk assessment, security analysis, Security technology, smartphones, threat models, Uncategorized

This is part 3 of Sean Gallagher’s advice for “securing your digital life.” Powered by WPeMatico

Advice for Personal Digital Security

November 11, 2021 infossl

cybersecurity, risk assessment, security analysis, Security technology, threat models, Uncategorized

ArsTechnica’s Sean Gallagher has a two–part article on “securing your digital life.” It’s pretty good. Powered by WPeMatico

DNI’s Annual Threat Assessment

April 15, 2021 infossl

cybersecurity, national security policy, Security technology, supply chain, threat models, Uncategorized

The office of the Director of National Intelligence released its “Annual Threat Assessment of the U.S. Intelligence Community.” Cybersecurity is covered on pages 20-21. Nothing surprising: Cyber threats from nation states and their surrogates will remain acute. States’ increasing use of cyber operations as a tool of national power, including increasing use by militaries around … Read More “DNI’s Annual Threat Assessment” »

Threat Model Humor

March 5, 2021 infossl

humor, medicine, Security technology, threat models, Uncategorized

At a hospital. Powered by WPeMatico

On Chinese-Owned Technology Platforms

February 25, 2021 infossl

china, national security policy, reports, Security technology, threat models, Uncategorized

I am a co-author on a report published by the Hoover Institution: “Chinese Technology Platforms Operating in the United States.” From a blog post: The report suggests a comprehensive framework for understanding and assessing the risks posed by Chinese technology platforms in the United States and developing tailored responses. It starts from the common view … Read More “On Chinese-Owned Technology Platforms” »