Uncategorized – Page 63 – SSL and internet security news

Recovering Passwords by Measuring Residual Heat

October 12, 2022 infossl

cameras, computer security, machine learning, passwords, Security technology, Uncategorized

Researchers have used thermal cameras and ML guessing techniques to recover passwords from measuring the residual heat left by fingers on keyboards. From the abstract: We detail the implementation of ThermoSecure and make a dataset of 1,500 thermal images of keyboards with heat traces resulting from input publicly available. Our first study shows that ThermoSecure … Read More “Recovering Passwords by Measuring Residual Heat” »

Inserting a Backdoor into a Machine-Learning System

October 11, 2022 infossl

academic papers, backdoors, machine learning, Security technology, Uncategorized

Interesting research: “ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks, by Tim Clifford, Ilia Shumailov, Yiren Zhao, Ross Anderson, and Robert Mullins: Abstract: Early backdoor attacks against machine learning set off an arms race in attack and defence development. Defences have since appeared demonstrating some ability to detect backdoors in models or even remove … Read More “Inserting a Backdoor into a Machine-Learning System” »

Complex Impersonation Story

October 10, 2022 infossl

fraud, impersonation, scams, Security technology, Uncategorized

This is a story of one piece of what is probably a complex employment scam. Basically, real programmers are having their resumes copied and co-opted by scammers, who apply for jobs (or, I suppose, get recruited from various job sites), then hire other people with Western looks and language skills are to impersonate those first … Read More “Complex Impersonation Story” »

Friday Squid Blogging: Emotional Support Squid

October 7, 2022 infossl

Security technology, squid, Uncategorized, video

The Monterey Bay Aquarium has a video—”2 Hours Of Squid To Relax/Study/Work To“—with 2.4 million views. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Spyware Maker Intellexa Sued by Journalist

October 7, 2022 infossl

courts, cyberweapons, Greece, israel, privacy, Security technology, spyware, surveillance, Uncategorized

The Greek journalist Thanasis Koukakis was spied on by his own government, with a commercial spyware product called “Predator.” That product is sold by a company in North Macedonia called Cytrox, which is in turn owned by an Israeli company called Intellexa. Koukakis is suing Intellexa. The lawsuit filed by Koukakis takes aim at Intellexa … Read More “Spyware Maker Intellexa Sued by Journalist” »

October Is Cybersecurity Awareness Month

October 5, 2022 infossl

cybersecurity, history of security, security education, Security technology, Uncategorized

For the past nineteen years, October has been Cybersecurity Awareness Month here in the US, and that event that has always been part advice and part ridicule. I tend to fall on the apathy end of the spectrum; I don’t think I’ve ever mentioned it before. But the memes can be funny. Here’s a decent … Read More “October Is Cybersecurity Awareness Month” »

NSA Employee Charged with Espionage

October 4, 2022 infossl

cryptocurrency, cyberespionage, espionage, fbi, nsa, Security technology, Uncategorized, undercover

An ex-NSA employee has been charged with trying to sell classified data to the Russians (but instead actually talking to an undercover FBI agent). It’s a weird story, and the FBI affidavit raises more questions than it answers. The employee only worked for the NSA for three weeks—which is weird in itself. I can’t figure … Read More “NSA Employee Charged with Espionage” »

Detecting Deepfake Audio by Modeling the Human Acoustic Tract

October 3, 2022 infossl

academic papers, artificial intelligence, deep fake, Security technology, Uncategorized

This is interesting research: In this paper, we develop a new mechanism for detecting audio deepfakes using techniques from the field of articulatory phonetics. Specifically, we apply fluid dynamics to estimate the arrangement of the human vocal tract during speech generation and show that deepfakes often model impossible or highly-unlikely anatomical arrangements. When parameterized to … Read More “Detecting Deepfake Audio by Modeling the Human Acoustic Tract” »

Friday Squid Blogging: Breeding the Oval Squid

September 30, 2022 infossl

Security technology, squid, Uncategorized

Japanese scientists are trying to breed the oval squid in captivity. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Security Vulnerabilities in Covert CIA Websites

September 30, 2022 infossl

cia, Citizen Lab, cyberespionage, espionage, operational security, Security technology, Uncategorized

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by—at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.” Citizen Lab did the research: … Read More “Security Vulnerabilities in Covert CIA Websites” »