Informations about SSL certificates and networks security
Reports are that President Trump is still using his old Android phone. There are security risks here, but they are not the obvious ones. I’m not concerned about the data. Anything he reads on that screen is coming from the insecure network that we all use, and any e-mails, texts, Tweets, and whatever are going … Read More “Security Risks of the President's Android Phone” »
Interesting research — “Cracking Android Pattern Lock in Five Attempts“: Abstract: Pattern lock is widely used as a mechanism for authentication and authorization on Android devices. In this paper, we demonstrate a novel video-based attack to reconstruct Android lock patterns from video footage filmed u sing a mobile phone camera. Unlike prior attacks on pattern … Read More “Capturing Pattern-Lock Authentication” »
Good article that crunches the data and shows that the press’s coverage of terrorism is disproportional to its comparative risk. This isn’t new. I’ve written about it before, and wrote about it more generally when I wrote about the psychology of risk, fear, and security. Basically, the issue is the availability heuristic. We tend to … Read More “How the Media Influences Our Fear of Terrorism” »
NextGov has a nice article summarizing President Obama’s accomplishments in Internet security: what he did, what he didn’t do, and how it turned out. Powered by WPeMatico
This graphic shows the important difference between arms and tentacles. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Two days ago, the White House released a report on privacy: “Privacy in our Digital Lives: Protecting Individuals and Promoting Innovation.” The report summarizes things the administration has done, and lists future challenges: Areas for Further Attention Technology will pose new consumer privacy and security challenges. Emerging technology may simultaneously create new challenges and opportunities … Read More “New White House Privacy Report” »
There’s research in using a heartbeat as a biometric password. No details in the article. My guess is that there isn’t nearly enough entropy in the reproducible biometric, but I might be surprised. The article’s suggestion to use it as a password for health records seems especially problematic. “I’m sorry, but we can’t access the … Read More “Heartbeat as Biometric Password” »
Really interesting investigative story. Powered by WPeMatico
Back in March, Rolf Weber wrote about a potential vulnerability in the WhatsApp protocol that would allow Facebook to defeat perfect forward secrecy by forcibly change users’ keys, allowing it — or more likely, the government — to eavesdrop on encrypted messages. It seems that this vulnerability is real: WhatsApp has the ability to force … Read More “WhatsApp Security Vulnerability” »
Interesting post on Cloudflare’s experience with receiving a National Security Letter. News article. Powered by WPeMatico