Lifeboat Foundation

Researchers from Yale University have unveiled CertiKOS, the world’s first operating system that runs on multi-core processors and shields against cyber-attacks. Scientists believe this could lead to a new generation of reliable and secure systems software.

Led by Zhong Shao, professor of computer science at Yale, the researchers developed an operating system that incorporates formal verification to ensure that a program performs precisely as its designers intended — a safeguard that could prevent the hacking of anything from home appliances and Internet of Things (IoT) devices to self-driving cars and digital currency. Their paper on CertiKOS was presented at the 12th USENIX Symposium on Operating Systems Design and Implementation held Nov. 2–4 in Savannah, Ga.

Computer scientists have long believed that computers’ operating systems should have at their core a small, trustworthy kernel that facilitates communication between the systems’ software and hardware. But operating systems are complicated, and all it takes is a single weak link in the code — one that is virtually impossible to detect via traditional testing — to leave a system vulnerable to hackers.

Continue reading “CertiKOS: A Step Toward Hacker-Resistant Operating Systems” »

Wonder how Tim Cook, Satya & Bill, and Eric and Sergey will respond.

Overseas critics of the law argue it threatens to shut foreign technology companies out of various sectors. PHOTO: REUTERS

BEIJING: China adopted a controversial cybersecurity law on Monday to counter what Beijing says are growing threats such as hacking and terrorism, although the law has triggered concern from foreign business and rights groups.

Continue reading “China adopts cybersecurity law in face of overseas opposition” »

https://youtube.com/watch?v=gM_TckeBZNY

China and now Russia. Looks like a cold war to me.

As concerns about the Kremlin’s involvement in cyber attacks against the West deepen, Moscow is taking aim at Microsoft, Oracle and IBM. Are these efforts symbolic or strategic?

Continue reading “Russia Tightens Grip on Tech Infrastructure, Cuts Ties With US Firms” »

Google has built machine learning systems that can create their own cryptographic algorithms — the latest success for AI’s use in cybersecurity. But what are the implications of our digital security increasingly being handed over to intelligent machines?

Google Brain, the company’s California-based AI unit, managed the recent feat by pitting neural networks against each other. Two systems, called Bob and Alice, were tasked with keeping their messages secret from a third, called Eve. None were told how to encrypt messages, but Bob and Alice were given a shared security key that Eve didn’t have access too.

Continue reading “Battle of the Bots: How AI Is Taking Over the World of Cybersecurity” »

Whenever cybersecurity is discussed, the topic of biometric authentication rises alongside it as a better, more effective, more secure method of security. But is it? Do biometrics actually provide a safer way to complete purchase transactions online?

“Biometrics are a device-specific authentication method,” said Madeline Aufseeser, CEO of online fraud prevention company Tender Armor, of the ways biometric authentication is presently used to secure a digital purchase transaction (as opposed to logging into a bank’s web site, to view an account or transfer money). “Typically the same biometric method does not work across multiple purchasing channels today. The fingerprint used to make a purchase with a smartphone cannot necessarily be used to authenticate a phone order purchase or purchase made with a computer. When you confirm [a purchase transaction] with your fingerprint on a smartphone, all that’s saying is that’s the same fingerprint that’s allowed to use this phone, or the specific application on the phone. Because the fingerprint is only resident and stored on the phone, the phone is authenticating itself, not the cardholder conducting the transaction.”

This sounds a little odd compared to what we might have heard about the capabilities of biometrics previously, mainly because it goes against a core assumption: that a biometric identifier (like a fingerprint) goes with transactional data, from the phone or device, to the payment processor, to the merchant.

Continue reading “Biometric Security Gains Popularity, But Is Far from Foolproof” »

The dark web is associated with drug dealing, criminal schemes and hacking. But there are legitimate reasons why people use…

Fortifying cybersecurity is on everyone’s mind after the massive DDoS attack from last week. However, it’s not an easy task as the number of hackers evolves the same as security. What if your machine can learn how to protect itself from prying eyes? Researchers from Google Brain, Google’s deep Learning project, has shown that neural networks can learn to create their own form of encryption.

According to a research paper, Martín Abadi and David Andersen assigned Google’s AI to work out how to use a simple encryption technique. Using machine learning, those machines could easily create their own form of encrypted message, though they didn’t learn specific cryptographic algorithms. Albeit, compared to the current human-designed system, that was pretty basic, but an interesting step for neural networks.

To find out whether artificial intelligence could learn to encrypt on its own or not, the Google Brain team built an encryption game with its three different entities: Alice, Bob and Eve, powered by deep learning neural networks. Alice’s task was to send an encrypted message to Bob, Bob’s task was to decode that message, and Eve’s job was to figure out how to eavesdrop and decode the message Alice sent herself.

Continue reading “Google’s neural networks created their own encryption method” »

For my CISO/ CSO friends.

It is believed that Russia has the Internet that is considered as impenetrable. Such technology protects Russia from hacking attempts.

The World Wide Web (WWW) is prone to hacking, as shown in the recent cyber attacks on the US which led to outages on giants including Twitter, Amazon and Spotify, for which Russia has been largely blamed, so the Eastern European powerhouse has upped its security measures.

Continue reading “Russian military build impenetrable closed internet – and mocks US technology” »

A Chinese electronics component manufacturer says its products inadvertently played a role in a massive cyberattack that disrupted major internet sites in the U.S. on Friday.

Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.

According to security researchers, malware known as Mirai has been taking advantage of these vulnerabilities by infecting the devices and using them to launch huge distributed denial-of service attacks, including Friday’s outage.

Continue reading “Chinese firm admits its hacked products were behind Friday’s massive DDOS attack” »