Topic: Computer Security
You are looking at all articles with the topic "Computer Security". We found 27 matches.
Hint:
To view all topics, click here. Too see the most popular topics, click here instead.
🔗 Jonathan James
Jonathan Joseph James (December 12, 1983 – May 18, 2008) was an American hacker who was the first juvenile incarcerated for cybercrime in the United States. The South Florida native was 15 years old at the time of the first offense and 16 years old on the date of his sentencing. He died at his Pinecrest, Florida home on May 18, 2008, of a self-inflicted gunshot wound.
Discussed on
- "Jonathan James" | 2013-01-13 | 366 Upvotes 118 Comments
🔗 Billion laughs attack
In computer security, a billion laughs attack is a type of denial-of-service (DoS) attack which is aimed at parsers of XML documents.
It is also referred to as an XML bomb or as an exponential entity expansion attack.
Discussed on
- "Billion laughs attack" | 2019-01-06 | 110 Upvotes 24 Comments
- "Billion laughs" | 2012-10-20 | 276 Upvotes 63 Comments
🔗 Zip Bomb
A zip bomb, also known as a zip of death or decompression bomb, is a malicious archive file designed to crash or render useless the program or system reading it. It is often employed to disable antivirus software, in order to create an opening for more traditional viruses.
Rather than hijacking the normal operation of the program, a zip bomb allows the program to work as intended, but the archive is carefully crafted so that unpacking it (e.g. by a virus scanner in order to scan for viruses) requires inordinate amounts of time, disk space or memory.
Most modern antivirus programs can detect whether a file is a zip bomb, to avoid unpacking it.
Discussed on
- "Zip Bomb" | 2012-10-05 | 342 Upvotes 108 Comments
🔗 _NSAKEY
_NSAKEY was a variable name discovered in an operating system from Microsoft in 1999. The variable contained a 1024-bit public key; such keys are used in cryptography for encryption and authentication. Due to the name it was speculated that the key was owned by the United States National Security Agency (the NSA) which would allow the intelligence agency to subvert any Windows user's security. Microsoft denied the speculation and said that the key's name came from the NSA being the technical review authority for U.S. cryptography export controls.
The key was discovered in a Windows NT 4 Service Pack 5 (which had been released unstripped of its symbolic debugging data) in August 1999 by Andrew D. Fernandes of Cryptonym Corporation.
Discussed on
- "_NSAKEY" | 2022-01-29 | 15 Upvotes 1 Comments
- "_NSAKEY" | 2020-01-14 | 254 Upvotes 109 Comments
- "Microsoft _NSAKEY" | 2019-01-03 | 18 Upvotes 2 Comments
- "_NSAKEY (1999)" | 2013-07-12 | 8 Upvotes 10 Comments
🔗 Zooko's Triangle
Zooko's triangle is a trilemma of three properties that are generally considered desirable for names of participants in a network protocol:
- Human-meaningful: Meaningful and memorable (low-entropy) names are provided to the users.
- Secure: The amount of damage a malicious entity can inflict on the system should be as low as possible.
- Decentralized: Names correctly resolve to their respective entities without the use of a central authority or service.
Discussed on
- "Zooko's Triangle" | 2022-08-17 | 79 Upvotes 40 Comments
- "Zooko's Triangle" | 2021-02-17 | 153 Upvotes 54 Comments
- "Zooko's Triangle" | 2010-08-22 | 23 Upvotes 7 Comments
🔗 PGP released its source code as a book to get around US export law
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.
PGP and similar software follow the OpenPGP, an open standard of PGP encryption software, standard (RFC 4880) for encrypting and decrypting data.
Discussed on
- "PGP released its source code as a book to get around US export law" | 2014-06-12 | 211 Upvotes 47 Comments
🔗 Van Eck Phreaking
Van Eck phreaking (also known as Van Eck Radiation) is a form of eavesdropping in which special equipment is used to pick up side-band electromagnetic emissions from electronic devices that correlate to hidden signals or data for the purpose of recreating these signals or data in order to spy on the electronic device. Side-band electromagnetic radiation emissions are present in (and with the proper equipment, can be captured from) keyboards, computer displays, printers, and other electronic devices.
In 1985, Wim van Eck published the first unclassified technical analysis of the security risks of emanations from computer monitors. This paper caused some consternation in the security community, which had previously believed that such monitoring was a highly sophisticated attack available only to governments; van Eck successfully eavesdropped on a real system, at a range of hundreds of metres, using just $15 worth of equipment plus a television set.
As a consequence of this research, such emanations are sometimes called "van Eck radiation", and the eavesdropping technique van Eck phreaking. Government researchers were already aware of the danger, as Bell Labs had noted this vulnerability to secure teleprinter communications during World War II and was able to produce 75% of the plaintext being processed in a secure facility from a distance of 80 feet (24 metres). Additionally the NSA published Tempest Fundamentals, NSA-82-89, NACSIM 5000, National Security Agency (Classified) on February 1, 1982. In addition, the van Eck technique was successfully demonstrated to non-TEMPEST personnel in Korea during the Korean War in the 1950s.
While Phreaking is the process of exploiting telephone networks, it is used here because of its connection to eavesdropping. Van Eck phreaking of CRT displays is the process of eavesdropping on the contents of a CRT by detecting its electromagnetic emissions.
Discussed on
- "Van Eck Phreaking" | 2021-03-23 | 127 Upvotes 60 Comments
- "Van Eck Phreaking" | 2015-12-06 | 39 Upvotes 16 Comments
🔗 NOBUS (Nobody but Us)
NOBUS ("nobody but us") are security vulnerabilities which the United States National Security Agency (NSA) believes that only it can exploit. As such, NSA sometimes chooses to leave such vulnerabilities open if NSA finds them, in order to exploit them against NSA's targets. More broadly, it refers to the notion that some signals intelligence capabilities are so powerful or otherwise inaccessible that only the NSA will be able to deploy them, though recent analyses suggest that this advantage may be under stress.
Discussed on
- "NOBUS (Nobody but Us)" | 2020-01-15 | 184 Upvotes 55 Comments
🔗 The Morris Worm was released 35 years ago today
The Morris worm or Internet worm of November 2, 1988, is one of the oldest computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. It was written by a graduate student at Cornell University, Robert Tappan Morris, and launched on 8:30 pm November 2, 1988, from the Massachusetts Institute of Technology network.
Clifford Stoll of Harvard wrote that "Rumors have it that [Morris] worked with a friend or two at Harvard's computing department (Harvard student Paul Graham sent him mail asking for 'Any news on the brilliant project')."
Discussed on
- "The Morris Worm was released 35 years ago today" | 2023-11-02 | 134 Upvotes 49 Comments
🔗 Warchalking
Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi network. Inspired by hobo symbols, the warchalking marks were conceived by a group of friends in June 2002 and publicised by Matt Jones who designed the set of icons and produced a downloadable document containing them. Within days of Jones publishing a blog entry about warchalking, articles appeared in dozens of publications and stories appeared on several major television news programs around the world.
The word is formed by analogy to wardriving, the practice of driving around an area in a car to detect open Wi-Fi nodes. That term in turn is based on wardialing, the practice of dialing many phone numbers hoping to find a modem.
Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such as a wall, the pavement, or a lamp post. Those offering Wi-Fi service might also draw such a symbol to advertise the availability of their Wi-Fi location, whether commercial or personal.
Discussed on
- "Warchalking" | 2023-12-31 | 60 Upvotes 33 Comments