Cybersecurity

For years, when it came to credit-card security, the United States was the last major holdout in the developed world, continuing to issue cards with magnetic stripes rather than the more-secure microchip EMV cards (EMV stands for the three companies that pioneered the chip: Europay, Mastercard, and Visa). http://www.theatlantic.com/business/archive/2016/03/us-determined-to-have-the-least-secure-credit-cards-in-the-world/473199/ Posted from WordPress for Android →

  Now consider this story by the New York Post, which cries out in terror that a master key to the New York City utilities has leaked. The New York Post is crying out in terror that this master key is on the loose, and goes on to publish the full secret of the key, →

We have biometrics, which replaces all that security with a unique aspect of your body, be it a fingerprint, iris scan, or now even the unique sound echo created by your ear. That last one has been developed by NEC Corp in collaboration with Nagaoka University of Technology. They realized that the shape of an →

For an internet advertising company to make money, it can only happen because of the internet user. Yet sometimes it seems almost as if the advertising technology industry is at war with internet users. With more than 50% of savvy internet users in US on ad blockers, and ad blockers being among the most downloaded →

https://shkspr.mobi/blog/2016/03/the-absolute-horror-of-wifi-light-switches/ Example of IoT home automation gone wrong in many ways! Posted from WordPress for Android →

http://www.chiark.greenend.org.uk/~sgtatham/putty/ Maybe it is good time to do security update by installing newest version. Posted from WordPress for Android →

http://arstechnica.com/security/2016/03/pirates-hack-into-shipping-companys-servers-to-identify-booty/ Posted from WordPress for Android →

The discovery of a HTTPS encryption vulnerability, dubbed DROWN, again proves that supporting tired old protocols weakens modern crypto systems. DROWN (aka Decrypting RSA with Obsolete and Weakened eNcryption) is a serious design flaw that affects HTTPS websites and other network services that rely on SSL and TLS – which are core cryptographic protocols for →

https://drownattack.com/#check Posted from WordPress for Android →

CacheBleed is a side-channel attack that exploits information leaks through cache-bank conflicts in Intel processors. By detecting cache-bank conflicts via minute timing variations, we are able to recover information about victim processes running on the same machine. Our attack is able to recover both 2048-bit and 4096-bit RSA secret keys from OpenSSL 1.0.2f running on →