I have written many articles describing how the first steps in any cyber security plan has to be the recognition that you and your team need to be able to keep a secret. For instance the first secret is of course to keep any passwords you have been given access …
BrutePrint. I wrote about the Android risk last week…
…and I am going to start the week off with the Android risk! BrutePrint! This is only research at the moment but what starts off in the lab can migrate to the wild once threat actors know what to look for! A new brute force attack on Android fingerprint biometric …
Continue reading “BrutePrint. I wrote about the Android risk last week…”
Poisoning AI output
We all know (unless you have had your head under a pillow) that ChatGPT is an artificial intelligence system that among its capabilities it can write a love poem, and academic paper, computer code or even your homework. It can also answer your questions – just ask Bing! ChatGPT AI …
Breaking encryption
Encryption is a fundamental element of our security and privacy online. Without it you could not shop online using your credit card or have a private conversation. Encryption is is encoding of your information using computational methods – the more complicated the computations the more secure the encryption is. But …
Reflections
Here is a threat that is being actively researched, but probably is not that big a deal – that is of course until we get to reality resolution screens and webcams… [2205.03971] Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing (arxiv.org) However… The …
Air gapping – not as secure as you think – enter Gairoscope and EtherLED
I have reported on other air gap exploits by Mordechai Guri, from Ben-Gurion University in Israel – here are two more ways that the secure air gapped system can be exploited: GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes (arxiv.org) ETHERLED: Sending Covert Morse Signals from Air-Gapped Devices via …
Continue reading “Air gapping – not as secure as you think – enter Gairoscope and EtherLED”