arxiv.org | Smart Thinking Solutions

18 March 202418 March 2024

It is hard to keep a secret

I have written many articles describing how the first steps in any cyber security plan has to be the recognition that you and your team need to be able to keep a secret. For instance the first secret is of course to keep any passwords you have been given access …

Continue reading “It is hard to keep a secret”

23 June 202322 June 2023

Freaky Leaky

With a name like ‘Freaky Leaky SMS’ I had to cover this research. Freaky Leaky SMS: Extracting User Locations by Analyzing SMS Timings (arxiv.org) At the moment this a research paper, the “attack” has only be carried out in the lab and it takes a large amount of preparatory work. …

Continue reading “Freaky Leaky”

22 May 202323 May 2023

BrutePrint. I wrote about the Android risk last week…

…and I am going to start the week off with the Android risk! BrutePrint! This is only research at the moment but what starts off in the lab can migrate to the wild once threat actors know what to look for! A new brute force attack on Android fingerprint biometric …

Continue reading “BrutePrint. I wrote about the Android risk last week…”

7 March 20237 March 2023

Poisoning AI output

We all know (unless you have had your head under a pillow) that ChatGPT is an artificial intelligence system that among its capabilities it can write a love poem, and academic paper, computer code or even your homework. It can also answer your questions – just ask Bing! ChatGPT AI …

Continue reading “Poisoning AI output”

4 January 20236 January 2023

Breaking encryption

Encryption is a fundamental element of our security and privacy online. Without it you could not shop online using your credit card or have a private conversation. Encryption is is encoding of your information using computational methods – the more complicated the computations the more secure the encryption is. But …

Continue reading “Breaking encryption”

26 September 202223 September 2022

Reflections

Here is a threat that is being actively researched, but probably is not that big a deal – that is of course until we get to reality resolution screens and webcams… [2205.03971] Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing (arxiv.org) However… The …

Continue reading “Reflections”

28 August 202224 August 2022

Air gapping – not as secure as you think – enter Gairoscope and EtherLED

I have reported on other air gap exploits by Mordechai Guri, from Ben-Gurion University in Israel – here are two more ways that the secure air gapped system can be exploited: GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes (arxiv.org) ETHERLED: Sending Covert Morse Signals from Air-Gapped Devices via …

Continue reading “Air gapping – not as secure as you think – enter Gairoscope and EtherLED”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.