SSL and internet security news – Page 181 – Informations about SSL certificates and networks security

Recovering Keyboard Inputs through Thermal Imaging

July 10, 2018 infossl

academicpapers, passwords, Security technology, sidechannelattacks

Researchers at the University of California, Irvine, are able to recover user passwords by way of thermal imaging. The tech is pretty straightforward, but it’s interesting to think about the types of scenarios in which it might be pulled off. Abstract: As a warm-blooded mammalian species, we humans routinely leave thermal residues on various objects … Read More “Recovering Keyboard Inputs through Thermal Imaging” »

PROPagate Code Injection Seen in the Wild

July 9, 2018 infossl

malware, passwords, Security technology

Last year, researchers wrote about a new Windows code injection technique called PROPagate. Last week, it was first seen in malware: This technique abuses the SetWindowsSubclass function — a process used to install or update subclass windows running on the system — and can be used to modify the properties of windows running in the … Read More “PROPagate Code Injection Seen in the Wild” »

Friday Squid Blogging: Squid Unexpectedly Playing a Part in US/China Trade War

July 6, 2018 infossl

Security technology, squid

Chinese buyers are canceling orders to buy US squid in advance of an expected 25% tariff. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

The NSA’s Domestic Surveillance Centers

July 6, 2018 infossl

edwardsnowden, espionage, nationalsecuritypolicy, nsa, privacy, Security technology, surveillance

The Intercept has a long story about the NSA’s domestic interception points. Includes some new Snowden documents. Powered by WPeMatico

Beating Facial Recognition Software with Face Makeup

July 5, 2018 infossl

biometrics, facerecognition, privacy, Security technology, surveillance

At least right now, facial recognition algorithms don’t work with Juggalo makeup. Powered by WPeMatico

California Passes New Privacy Law

July 3, 2018 infossl

datacollection, dataprotection, laws, privacy, Security technology

The California legislature unanimously passed the strongest data privacy law in the nation. This is great news, but I have a lot of reservations. The Internet tech companies pressed to get this law passed out of self-defense. A ballot initiative was already going to be voted on in November, one with even stronger data privacy … Read More “California Passes New Privacy Law” »

Traffic Analysis of the LTE Mobile Standard

July 2, 2018 infossl

academicpapers, cellphones, encryption, phones, Security technology, trafficanalysis, vulnerabilities

Interesting research in using traffic analysis to learn things about encrypted traffic. It’s hard to know how critical these vulnerabilities are. They’re very hard to close without wasting a huge amount of bandwidth. The active attacks are more interesting. Powered by WPeMatico

Friday Squid Blogging: Fried Squid with Turmeric

June 29, 2018 infossl

Security technology, squid

Good-looking recipe. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Conservation of Threat

June 29, 2018 infossl

academicpapers, psychologyofsecurity, Security technology, threatmodels, warontheunexpected

Here’s some interesting research about how we perceive threats. Basically, as the environment becomes safer we basically manufacture new threats. From an essay about the research: To study how concepts change when they become less common, we brought volunteers into our laboratory and gave them a simple task – to look at a series of … Read More “Conservation of Threat” »

Manipulative Social Media Practices

June 28, 2018 infossl

consumerization, deception, facebook, google, norway, privacy, Security technology, socialmedia

The Norwegian Consumer Council just published an excellent report on the deceptive practices tech companies use to trick people into giving up their privacy. From the executive summary: Facebook and Google have privacy intrusive defaults, where users who want the privacy friendly option have to go through a significantly longer process. They even obscure some … Read More “Manipulative Social Media Practices” »