SSL and internet security news – Page 170 – Informations about SSL certificates and networks security

Consumer Reports Reviews Wireless Home-Security Cameras

November 7, 2018 infossl

cameras, internetofthings, Security technology, securityengineering, vulnerabilities

Consumer Reports is starting to evaluate the security of IoT devices. As part of that, it’s reviewing wireless home-security cameras. It found significant security vulnerabilities in D-Link cameras: In contrast, D-Link doesn’t store video from the DCS-2630L in the cloud. Instead, the camera has its own, onboard web server, which can deliver video to the … Read More “Consumer Reports Reviews Wireless Home-Security Cameras” »

Security of Solid-State-Drive Encryption

November 6, 2018 infossl

academicpapers, encryption, firmware, hardware, reverseengineering, Security technology, securityengineering, vulnerabilities

Interesting research: “Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)“: Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have … Read More “Security of Solid-State-Drive Encryption” »

Troy Hunt on Passwords

November 5, 2018 infossl

authentication, biometrics, passwords, Security technology

Troy Hunt has a good essay about why passwords are here to stay, despite all their security problems: This is why passwords aren’t going anywhere in the foreseeable future and why [insert thing here] isn’t going to kill them. No amount of focusing on how bad passwords are or how many accounts have been breached … Read More “Troy Hunt on Passwords” »

Friday Squid Blogging: Eating More Squid

November 2, 2018 infossl

academicpapers, Security technology, squid

This research paper concludes that we’ll be eating more squid in the future. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

How to Punish Cybercriminals

November 2, 2018 infossl

cyberattack, cybercrime, hacking, reports, Security technology

Interesting policy paper by Third Way: “To Catch a Hacker: Toward a comprehensive strategy to identify, pursue, and punish malicious cyber actors“: In this paper, we argue that the United States currently lacks a comprehensive overarching strategic approach to identify, stop and punish cyberattackers. We show that: There is a burgeoning cybercrime wave: A rising … Read More “How to Punish Cybercriminals” »

Buying Used Voting Machines on eBay

November 1, 2018 infossl

ebay, secrecy, Security technology, securityengineering, voting

This is not surprising: This year, I bought two more machines to see if security had improved. To my dismay, I discovered that the newer model machines — those that were used in the 2016 election — are running Windows CE and have USB ports, along with other components, that make them even easier to … Read More “Buying Used Voting Machines on eBay” »

Was the Triton Malware Attack Russian in Origin?

October 31, 2018 infossl

attribution, control, iran, malware, russia, saudiarabia, Security technology

The conventional story is that Iran targeted Saudi Arabia with Triton in 2017. New research from FireEye indicates that it might have been Russia. I don’t know. FireEye likes to attribute all sorts of things to Russia, but the evidence here looks pretty good. Powered by WPeMatico

ID Systems Throughout the 50 States

October 31, 2018 infossl

dhs, facerecognition, idcards, identification, nationalsecuritypolicy, Security technology

Jim Harper at CATO has a good survey of state ID systems in the US. Powered by WPeMatico

Cell Phone Security and Heads of State

October 30, 2018 infossl

china, eavesdropping, essays, iphone, nationalsecuritypolicy, phones, russia, Security technology

Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump’s personal cell phone and using the information gleaned to better influence his behavior. This should surprise no one. Security experts have been talking about the potential security vulnerabilities in Trump’s cell phone use since he … Read More “Cell Phone Security and Heads of State” »

More on the Supermicro Spying Story

October 29, 2018 infossl

china, espionage, hardware, Security technology

I’ve blogged twice about the Bloomberg story that China bugged Supermicro networking equipment destined to the US. We still don’t know if the story is true, although I am increasingly skeptical because of the lack of corroborating evidence to emerge. We don’t know anything more, but this is the most comprehensive rebuttal of the story … Read More “More on the Supermicro Spying Story” »