Long a theoretical threat, the observation of typing patterns has been refined into a "a highly practical attack" aimed at user anonymity over the internet.
Dan Goodin reports on a devilish profiling technique
The gathering of unique keystroke characteristics is an example of what's known as behavioral biometrics, or the measurement of something a person does, such as speaking, walking, or typing. So far, Thorsheim and Moore say, several banking websites appear to be using keystroke profiling to perform an additional layer of authentication on site users. In theory, such an approach could allow the sites to detect account hijackings, even when the attacker enters the correct username and password. … To be fair, behavioral biometrics is by no means a new field of study. As evidenced by this Slashdot thread from 2007, people have long recognized the potential of using it to identify people behind a keyboard. There's also a huge library of research papers showing how to profile and de-anonymize browsers connecting over Tor. Still, if banks and other sites can use the technique to create reliable and accurate profiles of customers, it stands to reason that governments around the world can and do profile people of interest.
Keyboard Privacy is a Chrome plugin that subtly randomizes the rate your keyboard actions are injected into the browser environment.
Security consultant Paul Moore writes about Behavioral Profiling: The password you can't change.
Dropbox has published a set of guidelines for how companies can "encourage, support, and celebrate independent open security research" -- and they're actually pretty great, a set of reasonable commitments to take bug reports seriously and interact respectfully with researchers.
Many people worry that 3D printers will usher in an epidemic of untraceable "ghost guns," particularly guns that might evade some notional future gun control regime that emerges out of the current movement to put sensible, minimal curbs on guns, particularly anti-personnel guns.
Saleem Rashid is a 15 year old self-taught British programmer who discovered a fatal defect in the Ledger Nano S, an offline cryptocurrency wallet that is marketed as being "tamper-proof."
The Nintendo Switch is king when it comes to gaming on the go, but it’s tough to lose yourself in Zelda: Breath of the Wild or Skyrim if your battery dies out. That’s where this Nintendo Switch Battery Charger Case comes into play. Built exclusively for Nintendo Switch, this pack allows for uninterrupted charging while you play, […]
Creative designers play a pivotal role in engaging target audiences and customers, and while companies are eager to bring more of these professionals on board, you’ll have a hard time getting your foot in the door if you’re not using the industry’s best tools. From Adobe to Maya, the eduCBA Design & Multimedia Lifetime Subscription Bundle […]
As more companies aim to reel in costs and boost productivity, project managers are becoming an essential part of many operations, and they’re paid handsomely for their expertise. But, while demand is high, you’ll have a hard time getting your foot in the door if you’re not toting the right certifications. The Official Lean Six Sigma […]