This article discusses an e-commerce fraud technique in the UK. Because the Royal Mail only tracks packages to the postcode (and not to the address), it’s possible to commit a variety of different frauds. Tracking systems that rely on signature are not similarly vulnerable.
Yahoo News reported that the Russians have successfully targeted an FBI communications system: American officials discovered that the Russians had dramatically improved their ability to decrypt certain types of secure communications and had successfully tracked devices used by elite FBI surveillance teams. Officials also feared that the Russians may have devised other ways to monitor … Read More “Russians Hack FBI Comms System” »
In a document published earlier this month (in French), France described the legal framework in which it will conduct cyberwar operations. Lukasz Olejnik explains what it means, and it’s worth reading.
Another piglet squid video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Earlier this month I made fun of a company called Crown-Sterling, for…for…for being a company that deserves being made fun of. This morning, the company announced that they “decrypted two 256-bit asymmetric public keys in approximately 50 seconds from a standard laptop computer.” Really. They did. This keylength is so small it has never been … Read More “Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago” »
Maria Farrell has a really interesting framing of information/device privacy: What our smartphones and relationship abusers share is that they both exert power over us in a world shaped to tip the balance in their favour, and they both work really, really hard to obscure this fact and keep us confused and blaming ourselves. Here … Read More “A Feminist Take on Information Privacy” »
This article discusses new types of biometrics under development, including gait, scent, heartbeat, microbiome, and butt shape (no, really).
I previously blogged about a Black Hat talk that disclosed security vulnerabilities in the Boeing 787 software. Ben Rothke concludes that the vulnerabilities are real, but not practical.
I am in search of a strategic thought partner: a person who can work closely with me over the next 9 to 12 months in assessing what’s needed to advance the practice, integration, and adoption of public-interest technology. All of the details are in the RFP. The selected strategist will work closely with me on … Read More “I’m Looking to Hire a Strategist to Help Figure Out Public-Interest Tech” »
Expandpass is a string expansion program. It’s “useful for cracking passwords you kinda-remember.” You tell the program what you remember about the password and it tries related passwords. I learned about it in this article about Phil Dougherty, who helps people recover lost cryptocurrency passwords (mostly Ethereum) for a cut of the recovered value. Read More “Cracking Forgotten Passwords” »