Uncategorized – Page 66 – SSL and internet security news

Detecting Deepfake Audio by Modeling the Human Acoustic Tract

October 3, 2022 infossl

academic papers, artificial intelligence, deep fake, Security technology, Uncategorized

This is interesting research: In this paper, we develop a new mechanism for detecting audio deepfakes using techniques from the field of articulatory phonetics. Specifically, we apply fluid dynamics to estimate the arrangement of the human vocal tract during speech generation and show that deepfakes often model impossible or highly-unlikely anatomical arrangements. When parameterized to … Read More “Detecting Deepfake Audio by Modeling the Human Acoustic Tract” »

Friday Squid Blogging: Breeding the Oval Squid

September 30, 2022 infossl

Security technology, squid, Uncategorized

Japanese scientists are trying to breed the oval squid in captivity. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Security Vulnerabilities in Covert CIA Websites

September 30, 2022 infossl

cia, Citizen Lab, cyberespionage, espionage, operational security, Security technology, Uncategorized

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by—at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.” Citizen Lab did the research: … Read More “Security Vulnerabilities in Covert CIA Websites” »

Differences in App Security/Privacy Based on Country

September 29, 2022 infossl

academic papers, android, censorship, data collection, geolocation, privacy, Security technology, Uncategorized

Depending on where you are when you download your Android apps, it might collect more or less data about you. The apps we downloaded from Google Play also showed differences based on country in their security and privacy capabilities. One hundred twenty-seven apps varied in what the apps were allowed to access on users’ mobile … Read More “Differences in App Security/Privacy Based on Country” »

Cold War Bugging of Soviet Facilities

September 28, 2022 infossl

espionage, history of security, russia, Security technology, Uncategorized

Found documents in Poland detail US spying operations against the former Soviet Union. The file details a number of bugs found at Soviet diplomatic facilities in Washington, D.C., New York, and San Francisco, as well as in a Russian government-owned vacation compound, apartments used by Russia personnel, and even Russian diplomats’ cars. And the bugs … Read More “Cold War Bugging of Soviet Facilities” »

New Report on IoT Security

September 27, 2022 infossl

cybersecurity, Internet of Things, reports, security engineering, Security technology, Uncategorized

The Atlantic Council has published a report on securing the Internet of Things: “Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem.” The report examines the regulatory approaches taken by four countries—the US, the UK, Australia, and Singapore—to secure home, medical, and networking/telecommunications devices. The report recommends that regulators should … Read More “New Report on IoT Security” »

Leaking Passwords through the Spellchecker

September 26, 2022 infossl

browsers, data protection, leaks, passwords, Security technology, Uncategorized

Sometimes browser spellcheckers leak passwords: When using major web browsers like Chrome and Edge, your form data is transmitted to Google and Microsoft, respectively, should enhanced spellcheck features be enabled. Depending on the website you visit, the form data may itself include PII—including but not limited to Social Security Numbers (SSNs)/Social Insurance Numbers (SINs), name, … Read More “Leaking Passwords through the Spellchecker” »

Friday Squid Blogging: Another Giant Squid Washes Up on New Zealand Beach

September 23, 2022 infossl

Security technology, squid, Uncategorized

This one has chewed-up tentacles. (Note that this is a different squid than the one that recently washed up on a South African beach.) As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Leaking Screen Information on Zoom Calls through Reflections in Eyeglasses

September 23, 2022 infossl

academic papers, Security technology, side-channel attacks, Uncategorized, videoconferencing

Okay, it’s an obscure threat. But people are researching it: Our models and experimental results in a controlled lab setting show it is possible to reconstruct and recognize with over 75 percent accuracy on-screen texts that have heights as small as 10 mm with a 720p webcam.” That corresponds to 28 pt, a font size … Read More “Leaking Screen Information on Zoom Calls through Reflections in Eyeglasses” »

Prompt Injection/Extraction Attacks against AI Systems

September 22, 2022 infossl

artificial intelligence, cyberattack, security engineering, Security technology, Uncategorized

This is an interesting attack I had not previously considered. The variants are interesting, and I think we’re just starting to understand their implications. Powered by WPeMatico