Informations about SSL certificates and networks security
Yet another way to collect personal data on people without their knowledge or consent: “Lifestyle chemistries from phones for individual profiling“: Abstract: Imagine a scenario where personal belongings such as pens, keys, phones, or handbags are found at an investigative site. It is often valuable to the investigative team that is trying to trace back … Read More “Mass Spectrometry for Surveillance” »
It’s over. The voting went smoothly. As of the time of writing, there are no serious fraud allegations, nor credible evidence that anyone tampered with voting rolls or voting machines. And most important, the results are not in doubt. While we may breathe a collective sigh of relief about that, we can’t ignore the issue … Read More “Election Security” »
Julian Oliver has designed and built a cellular eavesdropping device that’s disguised as an old HP printer. Masquerading as a regular cellular service provider, Stealth Cell Tower surreptitiously catches phones and sends them SMSs written to appear they are from someone that knows the recipient. It does this without needing to know any phone numbers. … Read More “Fake HP Printer That's Actually a Cellular Eavesdropping Device” »
There’s a Kickstarter for a sticker that you can stick on a glove and then register with a biometric access system like an iPhone. It’s an interesting security trade-off: swapping something you are (the biometric) with something you have (the glove). Gizmodo story. Powered by WPeMatico
Pretty neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
Interesting research: “Using Artificial Intelligence to Identify State Secrets,” by Renato Rocha Souza, Flavio Codeco Coelho, Rohan Shah, and Matthew Connelly. Abstract: Whether officials can be trusted to protect national security information has become a matter of great public controversy, reigniting a long-standing debate about the scope and nature of official secrecy. The declassification of … Read More “Automatically Identifying Government Secrets” »
This is some interesting research. You can fool facial recognition systems by wearing glasses printed with elements of other peoples’ faces. Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, and Michael K. Reiter, “Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition“: ABSTRACT: Machine learning is enabling a myriad innovations, including new algorithms for … Read More “Fooling Facial Recognition Systems” »
Ad networks are surreptitiously using ultrasonic communications to jump from device to device. It should come as no surprise that this communications channel can be used to hack devices as well. Powered by WPeMatico
Late last month, popular websites like Twitter, Pinterest, Reddit and PayPal went down for most of a day. The distributed denial-of-service attack that caused the outages, and the vulnerabilities that made the attack possible, was as much a failure of market and policy as it was of technology. If we want to secure our increasingly … Read More “Regulation of the Internet of Things” »
The NSA has been abandoning secret and proprietary cryptographic algorithms in favor of commercial public algorithms, generally known as “Suite B.” In 2010, an NSA employee filed some sort of whistleblower complaint, alleging that this move is both insecure and wasteful. The US DoD Inspector General investigated and wrote a report in 2011. The report … Read More “Whistleblower Investigative Report on NSA Suite B Cryptography” »