research | Smart Thinking Solutions

21 June 202223 June 2022

If Mega cannot decrypt your files, don’t worry hackers can…

Mega is a popular cloud storage service – with over 250million users. A minimum requirement for any cloud storage service is that the data at rest in their data centres must be encrypted. It seems that Mega’s is not, even though their own publicity states your data will be safely …

Continue reading “If Mega cannot decrypt your files, don’t worry hackers can…”

17 June 202216 June 2022

CPU vulnerabilities – and it does not matter if you are team Intel, team AMD or team Apple!

There have been two pieces of recent research that are pointing to serious issues with a lot of the silicon we use to power our computers. Some of which may be irreparable. The Apple M1 attack is called PACMAN, as it exploits the Pointer Authentication Code (PAC). This attack bypasses …

Continue reading “CPU vulnerabilities – and it does not matter if you are team Intel, team AMD or team Apple!”

10 June 202210 June 2022

Another example of using Bluetooth for something it was not intended for

Earlier this week, I wrote about the Bluetooth weaknesses that would allow someone to drive off with your Tesla: How to unlock a Tesla that does not belong to you! – Smart Thinking Solutions Here is a research paper, from UC San Diego, that examines how the cryptographic anonymity that …

Continue reading “Another example of using Bluetooth for something it was not intended for”

6 June 20226 June 2022

What is it about politicians and privacy?

Before we go any further Smart Thinking and Octagon Technology support any effective and legal means to protect the vulnerable and minors. Politicians, they want privacy to cloak their personal, business and political lives – but seem to hate it when private law abiding citizens want the same as them! …

Continue reading “What is it about politicians and privacy?”

6 June 20226 June 2022

Ransomware via IoT

I have written before about the security limitations of “Internet of Things” (IoT) devices. Many of them are simple devices, possibly based on older tech, they tend to lack the hardware to allow for regular security updates, etc, etc etc. At least the UK Government is enacting laws to make …

Continue reading “Ransomware via IoT”

18 May 202219 May 2022

Research that shows it is possible to hack an iPhone when it is turned off and drive off in your Tesla – UPDATED 18 May 2022 with real world examples of Bluetooth vulnerabilities

This is theoretical research that shows it may be possible to run malware on an iPhone that is still active even when the phone is powered off, by abusing a lack of authentication in the Bluetooth system and the fact that the Bluetooth is used in the Apple “find my…” …

Continue reading “Research that shows it is possible to hack an iPhone when it is turned off and drive off in your Tesla – UPDATED 18 May 2022 with real world examples of Bluetooth vulnerabilities”

17 May 202215 May 2022

Your expectations of privacy

You you start to order that holiday, and part way through completing the online form, your partner finds a better deal on their phone – so you stop and close that web page and go to the next one. I am sure that every reasonable thinking person (that will be …

Continue reading “Your expectations of privacy”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.