Articles about Privacy and Security

putting this here because it is one of my favourites.

nothing is immune. @shawn you like mr robot (ive only watched seasons 1 and 2) this is real life.

The Athens Affair. (I have loads of stuff like this if people are interested in reading about it - it isn’t your average hack. - its better than mr robot.)

https://spectrum.ieee.org/telecom/security/the-athens-affair

3 Likes
2 Likes

Y’all might remember this, the ledger pin hack https://leveldown.de/blog/tensorflow-sidechannel-analysis/
Be careful out there
https://www.rtl-sdr.com/using-a-hackrf-sdr-to-sniff-rf-emissions-from-a-crytocurrency-hardware-wallet-and-obtain-the-pin/

2 Likes

Yeah, think that’s bad?

@tromer has managed to distract the cats at mistfpga with his shiny mouse shaped toy. - We were just getting to nano side channel attacks. now they are weaponizing this… (despite my best efforts to keep them focused)

His paper called “Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels” - really great read. however not my area. (side channels are, acoustics are not. neither is van eck radiation. However TEMPEST is. Yeah it is confusing to me too. I let others deal with that.

Would love to have a chat with @tromer after all this development fund stuff has died down, if they get the time, there is strong overlap in what we are interested in.

2 Likes

I remember reading about the acoustic side-channel attack around the time when I first got on the Forum here, it still freaks me out!

2 Likes

This video is a great example of why it makes me sad that the ECC talks with China. (btw you get a small glimpse into how I make my money through out the video. and what weaponised exploits are worth :slight_smile: ) I don’t think I have ever worked with zerodium though. Mainly pentest companies.

Sure the iPhone has never been secure. but watch the whole thing. look at who was targeted and how.

Hard encryption is a tool. It can be used for good or for evil. That is just the way it works. There are some parallels with zcash to this video. But it is not the closed source. zcash isn’t, with zcash technology it is the high barrier to entry from both a maths and cryptographic standpoint.

It is also not a completely fair comparison, the iPhone is not disruptive technology. zcash is. bitcoin was for a bit. but that is for another post.

1 Like

Just published this! :smiley:

5 Likes

OpenBazaar / Haven is so cool:

2 Likes

Thank you so much for these links. I found really useful information there!

3 Likes

Excerpt
“To give that power to Russia, China and other authoritarian states is complete dereliction of duty of the U.S. government to protect us.”

Sex offenders breathe air, let’s pass a law against it! That’ll get em maybe right?!
( this is an exaggeration exemplifying the ridiculousness of justifying an overarching infringement on basic rights to distinguish an extremely small minority of individuals
I hope they get all the sickos but its their job and I don’t know why they think it’s my responsibility to give up my basic rights just to help them do that specifically wtf)

1 Like
5 Likes

The 3 consecutive reply limit is a lil bit annoying sometimes I will admit :sweat_smile:

Srsly

1 Like

Thanks for posting these. have a 3 reply reset. :slight_smile:

1 Like

The answer to the Bogatyy Grin research which seems far to be a good research at all after reading the below:

1 Like

Oregon FBI Tech Tuesday: Securing Smart TVs

https://www.fbi.gov/contact-us/field-offices/portland/news/press-releases/tech-tuesdaysmart-tvs/?portland-field-office

Tech Tuesday: Internet of Things (IoT)

https://www.fbi.gov/contact-us/field-offices/portland/news/press-releases/tech-tuesday-internet-of-things-iot

Oregon FBI Tech Tuesday: Building a Digital Defense Against Calendar Fraud

https://www.fbi.gov/contact-us/field-offices/portland/news/press-releases/oregon-fbi-tech-tuesday-building-a-digital-defense-against-calendar-fraud

Oregon FBI’s Tech Tuesday: Building a Digital Defense Using Virtual Private Networks

https://www.fbi.gov/contact-us/field-offices/portland/news/press-releases/oregon-fbis-tech-tuesday-building-a-digital-defense-using-virtual-private-networks

Not sure where else this would be relevant so I thought id post it here.

if either of these was offered to you, would you do it? why? what do you see the positions involving?

The good?

The bad?

If it helps these jobs would be 200k+ (usd)

1 Like

Not an article but my wife works for a dentist office and she was talking to one of her friends today who works for a different dentist office and she was telling my wife about how their system got hacked yesterday and all of their patients information is being held for $17,000 ransom
No backup was made
I’ll letya know if I hear anything else

1 Like

Those jobs are both bad. I would never take a job that would require me to work on things that violate my principles (whether they’re specified in the job advert or not).

5 Likes