Collaborate Disseminate
Bluetooth has a serious security vulnerability: In some implementations, the elliptic curve parameters are not all validated by the cryptographic algorithm implementation, which may allow a remote attacker within wireless range to inject an invalid public key to determine the session key with high probability. Such an attacker can then passively intercept and decrypt all device messages, and/or forge and… Continue reading Major Bluetooth Vulnerability
Researchers at the University of California, Irvine, are able to recover user passwords by way of thermal imaging. The tech is pretty straightforward, but it’s interesting to think about the types of scenarios in which it might be pulled off. Abstract:… Continue reading Recovering Keyboard Inputs through Thermal Imaging
Researchers at the University of California, Irvine, are able to recover user passwords by way of thermal imaging. The tech is pretty straightforward, but it’s interesting to think about the types of scenarios in which it might be pulled off. Abstract: As a warm-blooded mammalian species, we humans routinely leave thermal residues on various objects with which we come in… Continue reading Recovering Keyboard Inputs through Thermal Imaging
Interesting research in using traffic analysis to learn things about encrypted traffic. It’s hard to know how critical these vulnerabilities are. They’re very hard to close without wasting a huge amount of bandwidth. The active attacks are more interesting. EDITED TO ADD (7/3): More information. I have been thinking about this, and now believe the attacks are more serious than… Continue reading Traffic Analysis of the LTE Mobile Standard
Here’s some interesting research about how we perceive threats. Basically, as the environment becomes safer we basically manufacture new threats. From an essay about the research: To study how concepts change when they become less common, we brought volunteers into our laboratory and gave them a simple task – to look at a series of computer-generated faces and decide which… Continue reading Conservation of Threat
We all know that it happens: when we see a security warning too often — and without effect — we start tuning it out. A new paper uses fMRI, eye tracking, and field studies to prove it. EDITED TO ADD (6/6): This blog post summarizes the findings…. Continue reading The Habituation of Security Warnings
Ross Anderson has a new paper on cryptocurrency exchanges. From his blog: Bitcoin Redux explains what’s going wrong in the world of cryptocurrencies. The bitcoin exchanges are developing into a shadow banking system, which do not give their customers actual bitcoin but rather display a "balance" and allow them to transact with others. However if Alice sends Bob a bitcoin,… Continue reading Regulating Bitcoin
Maybe not DNA, but biological somethings. "Cause of Cambrian explosion — Terrestrial or Cosmic?": Abstract: We review the salient evidence consistent with or predicted by the Hoyle-Wickramasinghe (H-W) thesis of Cometary (Cosmic) Biology. Much of this physical and biological evidence is multifactorial. One particular focus are the recent studies which date the emergence of the complex retroviruses of vertebrate lines… Continue reading Friday Squid Blogging: Do Cephalopods Contain Alien DNA?
Maybe not DNA, but biological somethings. "Cause of Cambrian explosion — Terrestrial or Cosmic?": Abstract: We review the salient evidence consistent with or predicted by the Hoyle-Wickramasinghe (H-W) thesis of Cometary (Cosmic) Biology. Much… Continue reading Friday Squid Blogging: Do Cephalopods Contain Alien DNA?
Playing a sound over the speakers can cause computers to crash and possibly even physically damage the hard drive. Academic paper…. Continue reading Damaging Hard Drives with an Ultrasonic Attack