Category: usability

Auto Added by WPeMatico

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Posted on By infossl
academic papers, Security technology, Uncategorized, usability

Really interesting research: “How WEIRD is Usable Privacy and Security Research?” by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract: In human factor fields such as human-computer interaction (HCI) and psychology, researchers have been concerned that participants mostly come from WEIRD (Western, Educated, Industrialized, Rich, and Democratic) countries. This WEIRD skew may hinder understanding … Read More “Is Security Human Factors Research Skewed Towards Western Ideas and Habits?” »

Apple’s Lockdown Mode

Posted on By infossl
apple, cybersecurity, ios, Security technology, Uncategorized, usability, vulnerabilities

I haven’t written about Apple’s Lockdown Mode yet, mostly because I haven’t delved into the details. This is how Apple describes it: Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most … Read More “Apple’s Lockdown Mode” »

Hiding Vulnerabilities in Source Code

Posted on By infossl
academic papers, operating systems, security engineering, Security technology, steganography, Uncategorized, usability, vulnerabilities

Really interesting research demonstrating how to hide vulnerabilities in source code by manipulating how Unicode text is displayed. It’s really clever, and not the sort of attack one would normally think about. From Ross Anderson’s blog: We have discovered ways of manipulating the encoding of source code files so that human viewers and compilers see … Read More “Hiding Vulnerabilities in Source Code” »

SIM Hijacking

Posted on By infossl
academicpapers, authentication, cellphones, fraud, Security technology, simcards, smartphones, usability

SIM hijacking — or SIM swapping — is an attack where a fraudster contacts your cell phone provider and convinces them to switch your account to a phone that they control. Since your smartphone often serves as a security measure or backup verification system, this allows the fraudster to take over other accounts of yours. … Read More “SIM Hijacking” »

Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill

Posted on By infossl
apple, authentication, banking, ios, Security technology, sms, twofactorauthentication, usability

Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes and suggests them in AutoFill, so that people can use them without having to memorize or type them. Sounds like a really good idea, but Andreas Gutmann points … Read More “Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill” »

WhatsApp Security Vulnerability

Posted on By infossl
backdoors, encryption, facebook, Security technology, signal, usability, vulnerabilities, whatsapp

Back in March, Rolf Weber wrote about a potential vulnerability in the WhatsApp protocol that would allow Facebook to defeat perfect forward secrecy by forcibly change users’ keys, allowing it — or more likely, the government — to eavesdrop on encrypted messages. It seems that this vulnerability is real: WhatsApp has the ability to force … Read More “WhatsApp Security Vulnerability” »