Menu

Blog

Archive for the ‘security’ category: Page 94

Sep 19, 2019

Researchers Think It’s a Good Idea to Secure Your Phone Using the One Thing You Perpetually Lose

Posted by in categories: mobile phones, privacy, security

Apple’s FaceID authentication system started moving smartphone users away from relying on fingerprints to secure their mobile devices, which are arguably less secure. But researchers think they’ve come up with an even better biometric tool for protecting a device that uses a part of the body that’s nearly impossible to spoof: a user’s ear canals.

A team of researchers led by Zhanpeng Jin, an associate professor in the Department of Computer Science and Engineering in the University of Buffalo’s School of Engineering and Applied Sciences, created a new authentication tool called EarEcho, which is somewhat self-explanatory. The team modified a set of off the shelf earbuds with a tiny microphone that points inside the wearer’s ear, not out towards the world around them. It’s not there to pick up ambient sounds to facilitate a noise-canceling or feature, or even the wearer’s voice for making calls; the tiny mic is instead tuned to listen to the echo of sounds as they’re played and then propagate through the ear canal.

Sep 16, 2019

Was SHA-256 cracked? Don’t buy into retraction!

Posted by in categories: bitcoin, cryptocurrencies, encryption, government, hacking, internet, mathematics, military, privacy, security, software

SHA-256 is a one way hashing algorithm. Cracking it would have tectonic implications for consumers, business and all aspects of government including the military.

It’s not the purpose of this post to explain encryption, AES or SHA-256, but here is a brief description of SHA-256. Normally, I place reference links in-line or at the end of a post. But let’s get this out of the way up front:

One day after Treadwell Stanton DuPont claimed that a secret project cracked SHA-256 more than one year ago, they back-tracked. Rescinding the original claim, they announced that an equipment flaw caused them to incorrectly conclude that they had algorithmically cracked SHA-256.

All sectors can still sleep quietly tonight,” said CEO Mike Wallace. “Preliminary results in this cryptanalytic research led us to believe we were successful, but this flaw finally proved otherwise.

Continue reading “Was SHA-256 cracked? Don’t buy into retraction!” »

Sep 16, 2019

EU agency starts space sustainability initiative

Posted by in categories: business, security, space, sustainability

PARIS — The European Union’s equivalent of a foreign ministry is starting a new effort to promote the need for sustainable space operations, but that effort will not initially include any new regulation of European satellite operators.

Carine Claeys, special envoy for space and head of the Space Task Force for the European External Action Service, said in a Sept. 13 panel discussion at Euroconsult’s World Satellite Business Week that the Safety, Security and Sustainability of Outer Space (3SOS) public diplomacy initiative will promote “ethical conduct” in space amid concerns about orbital debris.

The acronym, she noted, has a second meaning. “It is also three times SOS,” she said, “to create the case and a sense of urgency.”

Sep 13, 2019

Researchers Have Issued A Serious Bitcoin Security Warning

Posted by in categories: bitcoin, cryptocurrencies, security

Bitcoin and cryptocurrency adoption has failed to live up to expectations over recent years and fears around scams, fraud, and theft have not helped.

The bitcoin price, after its epic 2017 bull run, slumped last year– though has rebounded in 2019, climbing back above $10,000 per bitcoin.

Now, researchers have warned a staggering four out of the first five results returned when asking Google for a “bitcoin qr generator” led to scam websites–potentially furthering negative public perception around bitcoin and cryptocurrency.

Sep 11, 2019

This AI Uses Echolocation to Follow Your Every Move

Posted by in categories: robotics/AI, security, surveillance

Would you consent to a surveillance system that watches without video and listens without sound?

If your knee-jerk reaction is “no!”, then “huh?” I’m with you. In a new paper in Applied Physics Letters, a Chinese team is wading into the complicated balance between privacy and safety with computers that can echolocate. By training AI to sift through signals from arrays of acoustic sensors, the system can gradually learn to parse your movements—standing, sitting, falling—using only ultrasonic sound.

To study author Dr. Xinhua Guo at the Wuhan University of Technology, the system may be more palatable to privacy advocates than security cameras. Because it relies on ultrasonic waves—the type that bats use to navigate dark spaces—it doesn’t capture video or audio. It’ll track your body position, but not you per se.

Sep 9, 2019

Microsoft Vision AI Developer Kit Simplifies Building Vision-Based Deep Learning Projects

Posted by in categories: information science, robotics/AI, security, transportation

Computer vision is one of the most popular applications of artificial intelligence. Image classification, object detection and object segmentation are some of the use cases of computer vision-based AI. These techniques are used in a variety of consumer and industrial scenarios. From face recognition-based user authentication to inventory tracking in warehouses to vehicle detection on roads, computer vision is becoming an integral part of next-generation applications.

Computer vision uses advanced neural networks and deep learning algorithms such as Convolutional Neural Networks (CNN), Single Shot Multibox Detector (SSD) and Generative Adversarial Networks (GAN). Applying these algorithms requires a thorough understanding of neural network architecture, advanced mathematics and image processing techniques. For an average ML developer, CNN remains to be a complex branch of AI.

Apart from the knowledge and understanding of algorithms, CNNs demand high end, expensive infrastructure for training the models, which is out of reach for most of the developers.

Sep 6, 2019

How the United States Is Developing Post-Quantum Cryptography

Posted by in categories: computing, encryption, government, information science, internet, quantum physics, security

When practical quantum computing finally arrives, it will have the power to crack the standard digital codes that safeguard online privacy and security for governments, corporations, and virtually everyone who uses the Internet. That’s why a U.S. government agency has challenged researchers to develop a new generation of quantum-resistant cryptographic algorithms.

Many experts don ’t expect a quantum computer capable of performing the complex calculations required to crack modern cryptography standards to become a reality within the next 10 years. But the U.S. National Institute of Standards and Technology (NIST) wants to stay ahead by getting new cryptographic standards ready by 2022. The agency is overseeing the second phase of its Post-Quantum Cryptography Standardization Process to narrow down the best candidates for quantum-resistant algorithms that can replace modern cryptography.

“Currently intractable computational problems that protect widely-deployed cryptosystems, such as RSA and Elliptic Curve-based schemes, are expected to become solvable,” says Rafael Misoczki, a cryptographer at the Intel Corporation and a member of two teams (named Bike and Classic McEliece) involved in the NIST process. “This means that quantum computers have the potential to eventually break most secure communications on the planet.”

Aug 29, 2019

Tesla rolls out Key Fob security update for Model S to address risks of cloning

Posted by in categories: biotech/medical, security, sustainability

As part of continuing efforts to ensure their vehicles are the safest cars on the road, Tesla’s “Bug Bounty” program gives awards to security researchers that uncover vulnerabilities in the company’s various product systems. Perhaps one of the most impressive parts of that program, however, is Tesla’s ability to remedy the flaws quickly. In the most recent example of their dedication to security, a Bug Bounty find from April this year is now being patched via an over-the-air (OTA) update in 2019.32.

Last year, a Tesla Model S key fob was hacked by a team led by Lennert Wouters of Katholieke Universiteit Leuven in Belgium (KU Leuven). The security flaw enabled would-be car thieves to clone a fob in less than two seconds, after which the vehicle could be driven off. Tesla subsequently offered a multi-part fix: PIN to Drive, a software update, and a new fob. Wouters again found a very similar flaw in the new fob, but this time the fix only required an OTA update which patched both the vehicle software and the fob’s configuration via radio waves.

Aug 28, 2019

Android 10 coming soon, with important privacy upgrades

Posted by in categories: computing, mobile phones, security

It’s official: Android 10, the next version of the Android operating system, ships 3 September 2019. Well, it’s semi-official, at least.

Mobile site PhoneArena reports that Google’s customer support staff let the date slip to a reader during a text conversation. Expect the operating system, also known as Android Q, to hit Google’s Pixel phones first before rolling out to other models. It will include a range of privacy and security improvements that should keep Android users a little safer.

Aug 23, 2019

Employees connect nuclear plant to the internet so they can mine cryptocurrency

Posted by in categories: cryptocurrencies, internet, nuclear energy, security

Ukrainian authorities are investigating a potential security breach at a local nuclear power plant after employees connected parts of its internal network to the internet so they could mine cryptocurrency.

The investigation is being led by the Ukrainian Secret Service (SBU), who is looking at the incident as a potential breach of state secrets due to the classification of nuclear power plants as critical infrastructure.

Investigators are examining if attackers might have used the mining rigs as a pivot point to enter the nuclear power plant’s network and retrieve information from its systems, such as data about the plant’s physical defenses and protections.

Page 94 of 148First9192939495969798Last