SSL and internet security news – Page 216 – Informations about SSL certificates and networks security

NSA Document Outlining Russian Attempts to Hack Voter Rolls

June 9, 2017 infossl

dhs, essays, fbi, nationalsecuritypolicy, nsa, russia, Security technology, voting

This week brought new public evidence about Russian interference in the 2016 election. On Monday, the Intercept published a top-secret National Security Agency document describing Russian hacking attempts against the US election system. While the attacks seem more exploratory than operational – and there’s no evidence that they had any actual effect – they further … Read More “NSA Document Outlining Russian Attempts to Hack Voter Rolls” »

Safety and Security and the Internet of Things

June 8, 2017 infossl

academicpapers, certifications, internetofthings, patching, Security technology, securityengineering

Ross Anderson blogged about his new paper on security and safety concerns about the Internet of Things. (See also this short video.) It’s very much along the lines of what I’ve been writing. Powered by WPeMatico

Surveillance Intermediaries

June 7, 2017 infossl

academicpapers, courts, incentives, laws, nationalsecuritypolicy, privacy, Security technology, surveillance

Interesting law-journal article: “Surveillance Intermediaries,” by Alan Z. Rozenshtein. Abstract:Apple’s 2016 fight against a court order commanding it to help the FBI unlock the iPhone of one of the San Bernardino terrorists exemplifies how central the question of regulating government surveillance has become in American politics and law. But scholarly attempts to answer this question … Read More “Surveillance Intermediaries” »

Spear Phishing Attacks

June 6, 2017 infossl

academicpapers, phishing, Security technology, socialmedia

Really interesting research: “Unpacking Spear Phishing Susceptibility,” by Zinaida Benenson, Freya Gassmann, and Robert Landwirth. Abstract: We report the results of a field experiment where we sent to over 1200 university students an email or a Facebook message with a link to (non-existing) party pictures from a non-existing person, and later asked them about the … Read More “Spear Phishing Attacks” »

CIA’s Pandemic Toolkit

June 5, 2017 infossl

cia, cyberweapons, exploits, hacking, implants, Security technology, wikileaks

WikiLeaks is still dumping CIA cyberweapons on the Internet. Its latest dump is something called “Pandemic”: The Pandemic leak does not explain what the CIA’s initial infection vector is, but does describe it as a persistent implant. “As the name suggests, a single computer on a local network with shared drives that is infected with … Read More “CIA’s Pandemic Toolkit” »

Friday Squid Blogging: Squid as Prey

June 2, 2017 infossl

Security technology, squid

There’s lots of video of squid as undersea predators. This is one of the few instances of squid as prey (from a deep submersible in the Pacific): “We saw brittle stars capturing a squid from the water column while it was swimming. I didn’t know that was possible. And then there was a tussle among … Read More “Friday Squid Blogging: Squid as Prey” »

WannaCry and Vulnerabilities

June 2, 2017 infossl

essays, hacking, microsoft, nsa, patching, ransomware, russia, Security technology, vulnerabilities

There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities. First, there are the writers of the malicious software, which blocks victims’ access to their computers until they pay a fee. Then there are the users who … Read More “WannaCry and Vulnerabilities” »

Passwords at the Border

June 1, 2017 infossl

borders, eff, encryption, passwords, passwordsafe, Security technology, socialmedia

The password-manager 1Password has just implemented a travel mode that tries to protect users while crossing borders. It doesn’t make much sense. To enable it, you have to create a list of passwords you feel safe traveling with, and then you can turn on the mode that only gives you access to those passwords. But … Read More “Passwords at the Border” »

Post-Quantum RSA

May 31, 2017 infossl

academicpapers, quantumcomputing, rsa, Security technology

Interesting research on a version of RSA that is secure against a quantum computer: Post-quantum RSA Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta Abstract: This paper proposes RSA parameters for which (1) key generation, encryption, decryption, signing, and verification are feasible on today’s computers while (2) all known attacks are infeasible, even … Read More “Post-Quantum RSA” »

Inmates Secretly Build and Network Computers while in Prison

May 30, 2017 infossl

concealment, networksecurity, prisons, searches, Security technology

This is kind of amazing: Inmates at a medium-security Ohio prison secretly assembled two functioning computers, hid them in the ceiling, and connected them to the Marion Correctional Institution’s network. The hard drives were loaded with pornography, a Windows proxy server, VPN, VOIP and anti-virus software, the Tor browser, password hacking and e-mail spamming tools, … Read More “Inmates Secretly Build and Network Computers while in Prison” »