Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security – Page 67

Software development and testing platform Travis CI confirmed the second incident of exposing its users’ data in less than a year. On this occasion, the compromised records include authentication tokens that would allow access to platforms such as AWS, GitHub, and Docker Hub.

According to a report prepared by the firm Aqua Security, tens of thousands of user tokens would have been exposed through the Travis CI API, which contains more than 770 million records with multiple types of credentials belonging to users of free subscriptions.

According to the report, Travis CI did not apply sufficient protections for record numbers, which would allow the execution of an enumeration script to retrieve an undetermined number of code strings: “This is not easy with other providers since they must mention in the URL a client ID, making it difficult to execute enumeration in the records.”

Read more | >

Biometric authentication like fingerprint and iris scans are a staple of any spy movie, and trying to circumvent those security measures is often a core plot point. But these days the technology is not limited to spies, as fingerprint verification and facial recognition are now common features on many of our phones.

Now, researchers have developed a new potential odorous option for the security toolkit: your breath. In a report published in Chemical Communications, researchers from Kyushu University’s Institute for Materials Chemistry and Engineering, in collaboration with the University of Tokyo, have developed an olfactory sensor capable of identifying individuals by analyzing the compounds in their breath.

Combined with machine learning, this “artificial nose,” built with a 16-channel sensor array, was able to authenticate up to 20 individuals with an average accuracy of more than 97%.

Read more | >

Algorithms, Shor’s Quantum Factoring Algorithm for breaking RSA Security, and the Future of Quantum Computing.

▬ In this video ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
I talk about my PhD research at MIT in Quantum Artificial Intelligence. I also explain the basic concepts of quantum computers, and why they are superior to conventional computers for specific tasks. Prof. Peter Shor, the inventor of Shor’s algorithm and one of the founding fathers of Quantum Computing, kindly agreed to participate in this video.

▬ Follow me ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
LinkedIn: https://www.linkedin.com/in/samuel-bosch/
Instagram: https://www.instagram.com/samuel.bosch/

▬ Credits ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Some of the animations were taken from “Quanta Magazine” (Quantum Computers, Explained With Quantum Physics): https://www.youtube.com/channel/UCTpmmkp1E4nmZqWPS-dl5bg.

Other animations are from “Josh’s Channel” (How Quantum Computers Work): https://www.youtube.com/channel/UCnNEI3UdreSoQ6XUNcKoUeg.

The quantum circuit animations are from “Kurzgesagt – In a Nutshell” (Quantum Computers Explained – Limits of Human Technology): https://www.youtube.com/channel/UCsXVk37bltHxD1rDPwtNM8Q

Continue reading “Quantum Artificial Intelligence | My PhD at MIT” | >

Philip Glass to release a short silence on the matter.

The music vault is a parallel project to the Global Seed Vault (opens in new tab), which keeps the seeds of today’s trees and plants safe for the future, just in case we need to rebuild agriculture for any reason. The vault is located on the island of Spitsbergen, Norwegian territory, within the Arctic circle. It lacks tectonic activity, is permanently frozen, is high enough above sea level to stay dry even if the polar caps melt, and even if the worst happens, it won’t thaw out fully for 200 years. Just to be on the safe side, the main vault is built 120m into a sandstone mountain, and its security systems are said to be robust. As of June 2021, the seed vault had conserved 1,081,026 different crop samples.

The music is to be stored in a dedicated vault in the same mountain used by the seed vault. The glass used is an inert material, shaped into platters 75mm (3 inches) across and 2mm (less than 1/8th of an inch) thick. A laser encodes data in the glass by creating layers of three-dimensional nanoscale gratings and deformations. Machine learning algorithms read the data back by decoding images and patterns created as polarized light shines through the glass. The silica glass platters are fully resistant to electromagnetic pulses and the most challenging of environmental conditions. It can be baked, boiled, scoured and flooded without degradation of the data written into the glass. Tests to see if it really does last many thousands of years, however, can be assumed to be ongoing.

Jurgen Willis, Vice President of Program Management at Microsoft, said, “In this proof of concept, Microsoft and Elire Group worked together to demonstrate how Project Silica can help achieve the goal of preserving and safeguarding the world’s most valuable music for posterity, on a medium that will stand the test of time, using innovative archival storage in glass.”

Read more | >

Microsoft has released security updates with the June 2022 cumulative Windows Updates to address a critical Windows zero-day vulnerability known as Follina and actively exploited in ongoing attacks.

“Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action,” Microsoft said in an update to the original advisory.

“Microsoft recommends installing the updates as soon as possible,” the company further urged customers in a post on the Microsoft Security Response Center.

Read more | >

Online platforms like Twitter 0, Facebook and Tiktok will be required to register and open offices in Nigeria and appoint contact persons with the government, draft regulations from the information technology development agency show. The code of practice for “interactive computer service platforms/internet intermediaries” was meant to curb online abuse, including disinformation and misinformation, the National Information Technology Development Agency (NITDA) said in the regulations posted on its website.

A statement from the agency’s spokesperson dated June 13 said the regulations were developed with input from Twitter, Facebook, WhatsApp, Instagram, Google and TikTok, among others. The platforms are popular in Nigeria, Africa’s most populous nation with more than 200 million people.

NIDTA said the platforms would be required to provide to users or authorised government agencies relevant information, including for purposing of preserving security and public order. They would also have to file annual reports to NITDA with the number of registered users in Nigeria, number of complaints received and content taken down due to disinformation and misinformation.

Read more | >

Security researchers have uncovered a large-scale malicious operation that uses trojanized mobile cryptocurrency wallet applications for Coinbase, MetaMask, TokenPocket, and imToken services.

The malicious activity has been identified earlier this year in March. Researchers at Confiant named this activity cluster SeaFlower and describe it as “the most technically sophisticated threat targeting web3 users, right after the infamous Lazarus Group.”

In a recent report, Confiant notes that the malicious cryptocurrency apps are identical to the real ones but they come with a backdoor that can steal the users’ security phrase for accessing the digital assets.

Read more | >

The will help you find new opportunities to use and further develop your machine learning skills.

Machine learning has proven to be a tool that performs well in a variety of application fields. From educational and training companies to security systems like facial recognition and online transaction prevention, it is used to improve the quality and accuracy of existing techniques.

Choosing the best tools for machine learning and navigating the space of tools for machine learning isn’t as simple as Google searching “machine learning tools”.

There are many factors to consider when choosing a tool for your needs: types of data you’re working with, type of analysis you need to perform, integration with other software packages you’re using, and more.

Read more | >