Collaborate Disseminate
Interesting paper: "Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier," by Christine Borgman: Abstract: As universities recognize the inherent value in the data they collect and hold, they encounter unforeseen challeng… Continue reading Privacy and Security of Data at Universities
Interesting paper: "Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier," by Christine Borgman: Abstract: As universities recognize the inherent value in the data they collect and hold, they encounter unforeseen challenges in stewarding those data in ways that balance accountability, transparency, and protection of privacy, academic freedom, and intellectual property. Two parallel developments in academic data collection… Continue reading Privacy and Security of Data at Universities
Interesting research: "Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many… Continue reading Security of Solid-State-Drive Encryption
This research paper concludes that we’ll be eating more squid in the future. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here…. Continue reading Friday Squid Blogging: Eating More Squid
This story nicely illustrates the arms race between technologies to create fake videos and technologies to detect fake videos: These fakes, while convincing if you watch a few seconds on a phone screen, aren’t perfect (yet). They contain tells, like creepily ever-open eyes, from flaws in their creation process. In looking into DeepFake’s guts, Lyu realized that the images that… Continue reading Detecting Fake Videos
This is a long — and somewhat technical — paper by Chris C. Demchak and Yuval Shavitt about China’s repeated hacking of the Internet Border Gateway Protocol (BGP): "China’s Maxim Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking." BGP hacking is how large intelligence agencies manipulate Internet routing to make certain traffic easier to… Continue reading China’s Hacking of the Border Gateway Protocol
If you’re an American of European descent, there’s a 60% chance you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public. Research paper: "Identity inference of genomic data using long-range familial searches." Abstract: Consumer genomics databases have reached the scale of millions… Continue reading How DNA Databases Violate Everyone’s Privacy
Interesting research paper: "Fear the Reaper: Characterization and Fast Detection of Card Skimmers": Abstract: Payment card fraud results in billions of dollars in losses annually. Adversaries increasingly acquire card data using skimmers, which are attached to legitimate payment devices including point of sale terminals, gas pumps, and ATMs. Detecting such devices can be difficult, and while many experts offer advice… Continue reading Detecting Credit Card Skimmers
From Kashmir Hill: Facebook is not content to use the contact information you willingly put into your Facebook profile for advertising. It is also using contact information you handed over for security purposes and contact information you didn’t hand over at all, but that was collected from other people’s contact books, a hidden layer of details Facebook has about you… Continue reading Facebook Is Using Your Two-Factor Authentication Phone Number to Target Advertising
This is interesting research: "On the Security of the PKCS#1 v1.5 Signature Scheme": Abstract: The RSA PKCS#1 v1.5 signature algorithm is the most widely used digital signature scheme in practice. Its two main strengths are its extreme simplici… Continue reading Evidence for the Security of PKCS #1 Digital Signatures