Informations about SSL certificates and networks security
In January we learned that a hacker broke into Cellebrite’s network and stole 900GB of data. Now the hacker has dumped some of Cellebrite’s phone-hacking tools on the Internet. In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scenea community of iPhone hackers that … Read More “Hacker Leaks Cellebrite's Phone-Hacking Tools” »
A whale recently died in Norway because there were thirty plastic bags in its stomach. Researchers believe it may have mistaken the plastic bags for squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Here’s an article about the US Secret Service and their Cell Phone Forensics Facility in Tulsa. I said it before and I’ll say it again: the FBI needs technical expertise, not back doors. Powered by WPeMatico
Here’s a story about data from a pacemaker being used as evidence in an arson conviction. EDITED TO ADD: Another news article. BoingBoing post. Powered by WPeMatico
Last year, on October 21, your digital video recorder - or at least a DVR like yours - knocked Twitter off the internet. Someone used your DVR, along with millions of insecure webcams, routers, and other connected devices, to launch an attack that started a chain reaction, resulting in Twitter, Reddit, Netflix, and many sites … Read More “Security and the Internet of Things” »
Attackers held an Austrian hotel network for ransom, demanding $1,800 in bitcoin to unlock the network. Among other things, the locked network wouldn’t allow any of the guests to open their hotel room doors. I expect IoT ransomware to become a major area of crime in the next few years. How long before we see … Read More “IoT Ransomware against Austrian Hotel” »
Last week, President Trump signed an executive order affecting the privacy rights of non-US citizens with respect to data residing in the US. Here’s the relevant text: Privacy Act. Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents … Read More “New Rules on Data Privacy for Non-US Citizens” »
New fossil bed discovered in Alberta: The finds at the site include 16 vampyropods, a relative of the vampire squid with its ink sac and fine details of its muscles still preserved in exquisite detail. As usual, you can also use this squid post to talk about the security stories in the news that I … Read More “Friday Squid Blogging: Squid Fossils from the Early Jurassic” »
There are a lot of them. In a world where the number of fans, friends, followers, and likers are social currency — and where the number of reposts is a measure of popularity — this kind of gaming the system is inevitable. Powered by WPeMatico
Mike Specter has an interesting idea on how to make biometric access-control systems more secure: add a duress code. For example, you might configure your iPhone so that either thumb or forefinger unlocks the device, but your left middle finger disables the fingerprint mechanism (useful in the US where being compelled to divulge your password … Read More “Duress Codes for Fingerprint Access Control” »