New authenticated encryption algorithm is resistant to multiple misuse

Nippon Telegraph and Telephone Corporation, Mitsubishi Electric Corporation and the University of Fukui have jointly developed an authenticated encryption algorithm offering robust resistance to multiple misuse.

via New authenticated encryption algorithm is resistant to multiple misuse.

Share

What doxxing is, and why it matters

The term “dox” also spelt “doxx”, and short for “[dropping] documents” first came into vogue as a verb around a decade ago, referring to malicious hackers’ habit of collecting personal and private information, including home addresses and national identity numbers. The data are often released publicly against a person’s wishes. It is a practice frowned upon by users of Reddit, a popular online forum, and many others.

via The Economist explains: What doxxing is, and why it matters | The Economist.

Share

ACM interview with Eugene H. Spafford

As a pioneering Internet security researcher and a well-known skeptic about achieving truly secure systems, are you optimistic about efforts to build a more secure network? No, I’m not. I see two problems associated with this approach. First, any significant network that is developed will need to accommodate existing (legacy) systems in some manner, and be operated by some of the same people we have now — there is simply too much invested in legacy systems. This will lead to participating organizations continuing to make poor choices about their priorities for security (and privacy). Many security problems come about because of user error, misconfiguration, poor patching, indirect attacks, and a failure to properly prioritize and fund appropriate safeguards — it isn’t only the design of the networks. A new set of network protocols and connections will not address the full range of issues.

via March 11, 2014: People of ACM: Eugene H. Spafford — Association for Computing Machinery.

Share

Hackers take control of 300,000 home routers

A world-spanning network of hijacked home routers has been uncovered by security researchers. The network involves more than 300,000 routers in homes and small businesses that have been taken over through loopholes in their core software. Discovered by researchers at Team Cymru, the network is thought to be one of the biggest involving such devices.

via BBC News – Hackers take control of 300,000 home routers.

Share

Automatic Exploit Generation – Communications of the ACM

Attackers commonly exploit buggy programs to break into computers. Security-critical bugs pave the way for attackers to install trojans, propagate worms, and use victim computers to send spam and launch denial-of-service attacks. A direct way, therefore, to make computers more secure is to find security-critical bugs before they are exploited by attackers.

via Automatic Exploit Generation | February 2014 | Communications of the ACM.

Share

Contagious wi-fi virus created by Liverpool researchers

A computer virus that can spread via wi-fi like a “common cold” has been created by researchers in Liverpool. In densely populated areas with lots of wi-fi networks, the virus can go from network to network finding weaknesses. Once in control of a wi-fi access point, it leaves computers on the network extremely vulnerable.

via BBC News – ‘Contagious’ wi-fi virus created by Liverpool researchers.

Share

French Team Invents Faster Code-Breaking Algorithm

A team of French mathematicians and computer scientists has made an important advancement in the field of algorithms for breaking cryptographic codes. In a certain class of problem, the new algorithm is able to efficiently solve the discrete logarithm problem that underlies several important types of modern cryptosystems.”Problem sizes, which did not seem even remotely accessible before, are now computable with reasonable resources,” says Emmanuel Thomé, a researcher at the French Institute for Research in Computer Science and Control INRIA and one of four researchers reporting the advance. However, he notes, the new algorithm poses no immediate threat to most existing cryptosystems, including the RSA-based cryptography used in credit cards and much of e-commerce.

via French Team Invents Faster Code-Breaking Algorithm | January 2014 | Communications of the ACM.

uf1

Share

Chinese Internet Traffic Redirected to Small Wyoming Building

In one of the more bizarre twists in recent Internet memory, much of the Internet traffic in China was redirected to a mysterious company in Cheyenne, Wyo., on Tuesday.A large portion of China’s 500 million Internet users were unable to load websites ending in .com, .net or .org for nearly eight hours in most regions of China, according to Compuware, a Detroit-based technology company.The China Internet Network Information Center, a state-run agency that deals with Internet affairs, said it had traced the problem to the country’s domain name system. And one of China’s biggest antivirus software vendors, Qihoo 360 Technology, said the problems affected roughly three-quarters of the country’s domain name system servers.

via Chinese Internet Traffic Redirected to Small Wyoming Building – NYTimes.com.

Share

Quantum computer that could crack most types of encryption

The development of a quantum computer has long been a goal of many in the scientific community, with revolutionary implications for fields such as medicine as well as for the NSA’s code-breaking mission. With such technology, all current forms of public key encryption would be broken, including those used on many secure Web sites as well as the type used to protect state secrets.

via NSA seeks to build quantum computer that could crack most types of encryption – The Washington Post.

Share

Cracked encryption by listening to computer’s CPU

An interesting article pointed out to me by Zhizhao Qian:

Security researchers have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, by listening – yes, with a microphone — to a computer as it decrypts some encrypted data. The attack is fairly simple and can be carried out with rudimentary hardware. The repercussions for the average computer user are minimal, but if you’re a secret agent, power user, or some other kind of encryption-using miscreant, you may want to reach for the Rammstein when decrypting your data.

via Researchers crack the world’s toughest encryption by listening to the tiny sounds made by your computer’s CPU | ExtremeTech.

Share