Stego for Skrillex: hiding data in dubstep drops

Ben Cartwright-Cox observed that he could modulate the bass frequencies in electronic dance music/dubstep in a way that was easy to detect with a signal processor and inaudible to his unaided ears, so he wrote some code to hide messages in the wubwubwub. Read the rest

Cities' emergency sirens will play anything you send them over an unencrypted radio protocol

It's been a year since someone hacked all 156 of Dallas's emergency tornado sirens, setting them off in the middle of the night, and the security picture for cities' emergency PA systems keeps getting uglier. Read the rest

You can unscramble the hashes of humanity's 5 billion email addresses in ten milliseconds for $0.0069

Marketing companies frequently "anonymize" their dossiers on internet users using hashes of their email addresses -- rather than the email addresses themselves -- as identifiers in databases that are stored indefinitely, traded, sold, and leaked. Read the rest

Even if governments backdoor crypto, they still won't be able to spy on terrorists

In a paper published by the International Association for Cryptologic Research, a group of Harvard and MIT cryptographers demonstrate that even if the government were to backdoor encryption and lock up anyone who used non-backdoored systems, people could still hide undetectable, secure, private messages within the messages sent over the compromised systems. Read the rest

Cloudflare's 1.1.1.1: an encrypted, privacy-protecting DNS service

Cloudflare, a company with a history of resisting surveillance and censorship orders (albeit imperfectly and sometimes with undesirable consequences) has announced a new DNS service, hosted at the easy-to-remember address of 1.1.1.1, which accepts connections under the still-novel DNS-over-HTTPS protocol, and which has privacy designed in, with all logs written only to RAM (never to disk) and flushed every 24 hours. Read the rest

How to evaluate secure messengers and decide which one is for you

The Electronic Frontier Foundation is running an excellent series on the potential and pitfalls of secure messaging app -- this is very timely given the ramping up of state surveillance and identity theft, not to mention anyone looking to #DeleteFacebook and transition away from Facebook Messenger. Read the rest

Cops routinely unlock phones with corpses' fingers

Since 2016, when an FBI agent first used a dead suspect's finger to unlock his phone, police forces across the USA have made a routine practice of unlocking phones using suspects and victims' dead fingers, saving big on buying cyberwar tools like Cellebrite's $1500-$3000 unlocker, or Grayshift's $30k/year Graykey. Read the rest

Attacks that unmask anonymous blockchain transactions can be used against everyone who ever relied on the defective technique

In An Empirical Analysis of Traceability in the Monero Blockchain, a group of eminent computer scientists analyze a longstanding privacy defect in the Monero cryptocurrency, and reveal a new, subtle flaw, both of which can be used to potentially reveal the details of transactions and identify their parties. Read the rest

Teen's devastating bug-report on a "tamper-proof" cryptocurrency wallet shows why companies can't be left in charge of bad news about their products

Saleem Rashid is a 15 year old self-taught British programmer who discovered a fatal defect in the Ledger Nano S, an offline cryptocurrency wallet that is marketed as being "tamper-proof." Read the rest

Epidemic of cryptojacking can be traced to escaped NSA superweapon

The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble -- that's just the motive, and the all-important the means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic. Read the rest

A crypto primer in the form of Ikea instructions

"Idea-instructions" bills itself as "An ongoing series of nonverbal algorithm assembly instructions", with a half-dozen illustrations of popular computer science concepts covered to date; the latest covers Public-Key Crypto, one of the most important and elusive concepts from modern crypto. Read the rest

SEC to scrutinize public companies getting overnight bitcoin makeovers to cash in on cryptocurrency hype

The U.S. Securities and Exchange Commission today pledged to aggressively scrutinize publicly-traded companies that suddenly change their name or their business model to try to profit from the nutty hype surrounding cryptocurrency. SEC Chairman Jay Clayton threw this wet towel on the blockchain bubble Monday.

Read the rest

Using structured encryption to search protected photos in the cloud

In a recent presentation at the Real World Crypto symposium, researchers affiliated with Brown University and a startup called Pixek presented their work developing an app that encrypts photos at the moment they're taken and uploads them in encrypted form to a cloud server, in such a way that the keys remain on the user's device, meaning the service provider can't view the photos. Read the rest

Just look at this banana-futures-speculation cryptocurrency

Just look at it. Read the rest

NERD HARDER! FBI Director reiterates faith-based belief in working crypto that he can break

Working cryptography's pretty amazing: because of its fundamental theoretical soundness, we can trust it to secure the firmware updates to our pacemakers; the conversations we have with our loved ones, lawyers and business colleagues; the financial transactions the world depends on; and the integrity of all sorts of data, communications and transactions. Read the rest

Financial consultancy says that Bitcoin's value is speculative, and as a currency, it should be worth $810

Wall Street consultants Quinlan & Associates have published "Fool's Gold: Unearthing The World of Cryptocurrency," a $5000, 156-page report that predicts that Bitcoin will drop to $1800 by next December, and down to $810 by 2020 (it is currently trading in the $14,000 range). Read the rest

A Japanese promoter has launched Kasotsuka Shojo, a cryptocurrency-themed all-woman "cryptopop" group

The latest launch from Japanese entertainment corporation Cinderella Academy is Kasotsuka Shojo "Virtual Currency Girls," who are billed as the first cryptopop band. Read the rest

More posts