Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security – Page 65

The popular Screencastify Chrome extension has fixed a vulnerability that allowed malicious sites to hijack users’ webcams and steal recorded videos. However, security flaws still exist that could be exploited by unscrupulous insiders.

The vendor acknowledged the cross-site scripting (XSS) vulnerability and promptly fixed it after security researcher Wladimir Palant reported it responsibly on February 14, 2022.

However, the same privacy and security-related risks remain unaddressed, keeping users at potential risk from websites that partner with the Screencastify platform.

Read more | >

Circa 2014

For most of us, even one bite of chocolate is enough to send our taste buds into ecstasy. Now, scientists have concocted a process to make these dark, dulcet morsels look as decadent as they taste.

Switzerland-based company Morphotonix has given traditional Swiss chocolate-making a colorful twist: It’s devised a method to imprint shiny holograms onto the sweet surfaces — sans harmful additives. Which means when you tilt the goodies from side to side, rainbow stars and swirly patterns on the chocolate’s surface dance and shimmer in the light.

Typically, holograms are laser-imprinted onto a flat, metallic surface such as aluminum; the rainbow-colored hologram appears when light hits the surface at a certain angle (Think of the security sticker on the back of your credit card). But aluminum-drenched chocolate doesn’t sound very appetizing, so confectioners pour the chocolate into a mold etched with a patchwork of minuscule bumps, or microstructures, that bend light at specific angles — embedding a hologram directly onto its surface.

Read more | >

A group of researchers developed a tool capable of detecting errors in the way applications such as Adobe Acrobat or Microsoft Word process JavaScript code, which has allowed finding a total of 134 security flaws, of which 33 have already received a CVE tracking key.

The tool is called “Cooper”, in reference to the technique known as “Cooperative Mutation” it employees. Xu Peng, a software development specialist and co-author of the tool, explains that tools like the ones mentioned accept information from scripting languages; for example, Acrobat allows JavaScript to manipulate PDF files.

This requires the PDF to define native PDF objects and parse the JavaScript code. Native objects are processed by Acrobat modules and a built-in JavaScript engine handles the scripts, while a “binding layer” does the translation.

Read more | >

NVIDIA has published the source code of its Linux kernel modules for the R515 driver, allowing developers to provide greater integration, stability, and security for Linux distributions.

The source code has been published to NVIDIA’s GitHub repository under a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distributable.

The products supported by these drivers include all models built on the Turing and Ampere architecture, released after 2018, including the GeForce 30 and GeForce 20 series, the GTX 1,650 and 1,660, and data center-grade A series, Tesla, and Quadro RTX.

Read more | >

AUSTIN, Texas—Companies nationwide are struggling to get employees back in the office, but not in Austin.

These days, the city’s workforce is putting in more face time at offices than those in any other major U.S. metro area.

Austin offices are 59%-occupied—and cracked the 60% threshold last month—according to data from Kastle Systems, an office-security firm that records workers’ comings and goings by measuring badge swipes into skyscrapers and corporate campuses.

This Texas city’s workers are putting in more face time than any other major U.S. metro area.

Read more | >

Zack Mannheimer, the CEO of Alquist, predicts more US homes will be 3D printed than built “traditionally” within the next five years.

Imagine moving through airport security without having to take off your shoes or belt or getting pulled aside while your flight boards—while keeping all the precautions that ensure the safety of passengers and flight crews.

Read more | >

Imagine moving through airport security without having to take off your shoes or belt or getting pulled aside while your flight boards—while keeping all the precautions that ensure the safety of passengers and flight crews.

This is the challenge tackled by a team including researchers from Sandia National Laboratories—a challenge that led to development of the Open Threat Assessment Platform, which allows the Transportation Security Administration to respond more quickly and easily to threats to air travel safety.

“When we wanted to change how we screen in response to new threats,” said Andrew Cox, a Sandia R&D systems analyst who leads the OTAP project. “The technology was too rigid. TSA compensated by adding procedures. There’s a shoe bomber and you have to take your shoes off; liquid explosives arrived, and TSA had to limit liquids and gels.”

Read more | >

NASA’s Swift Observatory Tracks Potential Magnetic Flip of Monster Black Hole A rare and enigmatic outburst from an active galaxy 236 million light-years away may have been sparked by a magnetic reversal, a spontaneous flip of the magnetic field surrounding its central black hole. In a comprehen.

A device, created at Stevens Institute of Technology, uses millimeter-wave imaging — the same technology used in airport security scanners — to scan a patient’s skin to detect if they have skin cancer. Millimeter-wave rays harmlessly penetrate about 2mm into human skin, so the team’s imaging technology provides a clear 3D map of scanned skin lesions.

Read more | >