Collaborate Disseminate
After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers wher… Continue reading Spectre and Meltdown Attacks
After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers where an untrusted browser window can execute code, phones that have multiple apps running at the same time, and cloud… Continue reading Spectre and Meltdown Attacks
There has been a flurry of research into using the various sensors on your phone to steal data in surprising ways. Here’s another: using the phone’s ambient light sensor to detect what’s on the screen. It’s a proof of concept, but the paper’s general conclusions are correct: There is a lesson here that designing specifications and systems from a privacy… Continue reading Stealing Browsing History Using Your Phone’s Ambient Light Sensor
Researchers build a covert channel between two virtual machines using a shared cache…. Continue reading Covert Channel via Two VMs
Researchers have demonstrated how a malicious piece of software in an air-gapped computer can communicate with a nearby drone using a blinking LED on the computer. I have mixed feelings about research like this. On the one hand, it’s pretty cool. On the other hand, there’s not really anything new or novel, and it’s kind of a movie-plot threat. Research… Continue reading Jumping Air Gaps with Blinking Lights and Drones
New paper: "A Simple Power Analysis Attack on the Twofish Key Schedule." This shouldn’t be a surprise; these attacks are devastating if you don’t take steps to mitigate them. The general issue is if an attacker has physical control of the computer performing the encryption, it is very hard to secure the encryption inside the computer. I wrote a paper… Continue reading Twofish Power Analysis Attack
New paper: "A Simple Power Analysis Attack on the Twofish Key Schedule." This shouldn’t be a surprise; these attacks are devastating if you don’t take steps to mitigate them. The general issue is if an attacker has physical control of the computer performing the encryption, it is very hard to secure the encryption inside the computer. I wrote a paper… Continue reading Twofish Power Analysis Attack
This is impressive research: "When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals": Abstract: In this study, we present WindTalker, a novel and practical keystroke inference framework that allows an attacker to infer the sensitive keystrokes on a mobile device through WiFi-based side-channel information. WindTalker is motivated from the observation that keystrokes on mobile devices will… Continue reading Using Wi-Fi to Detect Hand Motions and Steal Passwords
Ad networks are surreptitiously using ultrasonic communications to jump from device to device. It should come as no surprise that this communications channel can be used to hack devices as well…. Continue reading Ultrasonic Hacking
This is exactly the sort of Internet-of-Things attack that has me worried: "IoT Goes Nuclear: Creating a ZigBee Chain Reaction" by Eyal Ronen, Colin OFlynn, Adi Shamir and Achi-Or Weingarten. Abstract: Within the next few years, billions of IoT devices will densely populate our cities. In this paper we describe a new type of threat in which adjacent IoT devices… Continue reading Self-Propagating Smart Light Bulb Worm