Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security – Page 55

face_with_colon_three circa 2016.

Two basic types of encryption schemes are used on the internet today. One, known as symmetric-key cryptography, follows the same pattern that people have been using to send secret messages for thousands of years. If Alice wants to send Bob a secret message, they start by getting together somewhere they can’t be overheard and agree on a secret key; later, when they are separated, they can use this key to send messages that Eve the eavesdropper can’t understand even if she overhears them. This is the sort of encryption used when you set up an online account with your neighborhood bank; you and your bank already know private information about each other, and use that information to set up a secret password to protect your messages.

The second scheme is called public-key cryptography, and it was invented only in the 1970s. As the name suggests, these are systems where Alice and Bob agree on their key, or part of it, by exchanging only public information. This is incredibly useful in modern electronic commerce: if you want to send your credit card number safely over the internet to Amazon, for instance, you don’t want to have to drive to their headquarters to have a secret meeting first. Public-key systems rely on the fact that some mathematical processes seem to be easy to do, but difficult to undo. For example, for Alice to take two large whole numbers and multiply them is relatively easy; for Eve to take the result and recover the original numbers seems much harder.

Public-key cryptography was invented by researchers at the Government Communications Headquarters (GCHQ) — the British equivalent (more or less) of the US National Security Agency (NSA) — who wanted to protect communications between a large number of people in a security organization. Their work was classified, and the British government neither used it nor allowed it to be released to the public. The idea of electronic commerce apparently never occurred to them. A few years later, academic researchers at Stanford and MIT rediscovered public-key systems. This time they were thinking about the benefits that widespread cryptography could bring to everyday people, not least the ability to do business over computers.

Read more | >

A team of engineers has developed a new type of camera that can detect radiation in terahertz (THz) wavelengths. This new imaging system can see through certain materials in high detail, which could make it useful for security scanners and other sensors.

Terahertz radiation is that which has wavelengths between microwaves and visible light, and these frequencies show promise in a new class of imaging systems. They can penetrate many materials and capture new levels of detail, and importantly the radiation is non-ionizing, meaning it’s safer than X-rays when used on humans.

The problem is that detectors that pick up THz wavelengths can be bulky, slow, expensive, difficult to run under practical conditions, or some combination of these. But in a new study, researchers at MIT, Samsung and the University of Minnesota have developed a system that can detect THz pulses quickly, precisely and at regular room temperature and pressure.

Read more | >

The invention could enhance the speed of electronic devices and improve security screening technology.

Chinese scientists have conceived of a new method for generating laser-like light that could significantly enhance the communication speed of everyday electronics, according to a report by the South China Morning Post.

The new device that makes this light possible is known as a free-electron laser, and it has been developed by scientists from the Shanghai Institute of Optics and Fine Mechanics under the Chinese Academy of Sciences.

The technology is not entirely new.

The new technology could easily find ready applications for improved security screening by making more efficient body-scanning machines or in the development of more advanced electronics such as smartphones.

Read more | >

A research team based out of the University of Waterloo has developed a drone-powered device that can use Wi-Fi networks to see through walls.

The , nicknamed Wi-Peep, can fly near a building and then use the inhabitants’ Wi-Fi network to identify and locate all Wi-Fi-enabled devices inside in a matter of seconds.

The Wi-Peep exploits a loophole the researchers call polite Wi-Fi. Even if a network is password protected, will automatically respond to contact attempts from any device within range. The Wi-Peep sends several messages to a device as it flies and then measures the response time on each, enabling it to identify the device’s location to within a meter.

Read more | >

A set of four malicious applications currently available in Google Play, the official store for the Android system, are directing users sites that steal sensitive information or generate ‘pay-per-click’ revenue for the operators.

Some of these sites offer victims to download fake security tools or updates, to trick users into installing the malicious files manually.

At the time of publishing, the apps are still present on Google Play under a developer account called Mobile apps Group, and have a total install count of more than one million.

Read more | >

Scientists including an Oregon State University materials researcher have developed a better tool to measure light, contributing to a field known as optical spectrometry in a way that could improve everything from smartphone cameras to environmental monitoring.

The study, published today in Science, was led by Finland’s Aalto University and resulted in a powerful, ultra-tiny that fits on a microchip and is operated using artificial intelligence.

The research involved a comparatively new class of super-thin materials known as two-dimensional semiconductors, and the upshot is a proof of concept for a spectrometer that could be readily incorporated into a variety of technologies—including quality inspection platforms, security sensors, biomedical analyzers and space telescopes.

Read more | >

Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud.

“These droppers continue the unstopping evolution of malicious apps sneaking to the official store,” Dutch mobile security firm ThreatFabric told The Hacker News in a statement.

“This evolution includes following newly introduced policies and masquerading as file managers and overcoming limitations by side-loading the malicious payload through the web browser.”

Read more | >

I guess it’s time for Twitter execs to go home, and for me to start using Twitter again. They killed my chamber of commerce account, then when I opened a personal account, they kept asking for my phone number every time I logged in. If I give you my number once and you send me an sms, I’m not giving it to you again, as that’s not safe.

It ends months of bad blood between the two parties regarding the takeover, with Elon Musk complaining about fake accounts on the platform and claims by a whistleblower that Twitter misled regulators about security risks.

Read more | >

Protecting People, Society & Environment — Lydie Evrard, Deputy Director General; Head, Department of Nuclear Safety & Security, International Atomic Energy Agency (IAEA)

Lydie Evrard (https://www.iaea.org/about/organizational-structure/departme…d-security) is Deputy Director General and Head of the Department of Nuclear Safety and Security at the International Atomic Energy Agency (IAEA).

Ms. Evrard’s department focuses on the protection of people, society and the environment from the harmful effects of ionizing radiation, whether the cause is an unsafe act or a security breach, and her team aims to provide a strong, sustainable and visible global nuclear safety and security framework. Her department was created in 1996 as a response to the Chernobyl nuclear accident.

Prior to joining the IAEA, Ms. Evrard held the role of Commissioner at the French Nuclear Safety Authority (ASN).

Ms. Evrard started her career in the field of engineering, joining the French Ministry of Energy as an engineer and she has worked extensively in the regulatory field over the last 25 years in positions including as Unit Head at the Industry, Research and the Environment Direction of France’s Ministry of the Environment (Paris Region); Deputy Head of the Paris Region Division of the Nuclear Safety Authority (ASN) and subsequently Head of the Authority’s waste, decommissioning, fuel cycle facilities, research facilities and contaminated soils remediation Department. At the ASN, Ms. Evrard handled both radiation protection and nuclear safety issues. In particular, she led, together with counterparts at the Ministry of Energy, the 2013–2015 national plan for the management of radioactive materials and waste and coordinated the stress tests performed on research and fuel cycle facilities, following the Fukushima Daiichi accident.

Continue reading “Lydie Evrard — Deputy Director General, IAEA — Head of the Department of Nuclear Safety and Security” | >