Topic: Computing/Computer Security (Page 2)
You are looking at all articles with the topic "Computing/Computer Security". We found 23 matches.
Hint:
To view all topics, click here. Too see the most popular topics, click here instead.
π SHA-3 NIST announcement controversy
SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. Although part of the same series of standards, SHA-3 is internally different from the MD5-like structure of SHA-1 and SHA-2.
SHA-3 is a subset of the broader cryptographic primitive family Keccak (), designed by Guido Bertoni, Joan Daemen, MichaΓ«l Peeters, and Gilles Van Assche, building upon RadioGatΓΊn. Keccak's authors have proposed additional uses for the function, not (yet) standardized by NIST, including a stream cipher, an authenticated encryption system, a "tree" hashing scheme for faster hashing on certain architectures, and AEAD ciphers Keyak and Ketje.
Keccak is based on a novel approach called sponge construction. Sponge construction is based on a wide random function or random permutation, and allows inputting ("absorbing" in sponge terminology) any amount of data, and outputting ("squeezing") any amount of data, while acting as a pseudorandom function with regard to all previous inputs. This leads to great flexibility.
NIST does not currently plan to withdraw SHA-2 or remove it from the revised Secure Hash Standard. The purpose of SHA-3 is that it can be directly substituted for SHA-2 in current applications if necessary, and to significantly improve the robustness of NIST's overall hash algorithm toolkit.
The creators of the Keccak algorithms and the SHA-3 functions suggest using the faster function KangarooTwelve with adjusted parameters and a new tree hashing mode without extra overhead for small message sizes.
Discussed on
- "SHA-3 NIST announcement controversy" | 2014-07-20 | 77 Upvotes 33 Comments
π Post-quantum cryptography: just in case
Post-quantum cryptography (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against an attack by a quantum computer. As of 2019, this is not true for the most popular public-key algorithms, which can be efficiently broken by a sufficiently strong quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems can be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current, publicly known, experimental quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing.
In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. See section on symmetric-key approach below.
Discussed on
- "Post-quantum cryptography" | 2018-11-12 | 20 Upvotes 14 Comments
- "Post-quantum cryptography" | 2015-08-22 | 50 Upvotes 21 Comments
π Warchalking
Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi network. Inspired by hobo symbols, the warchalking marks were conceived by a group of friends in June 2002 and publicised by Matt Jones who designed the set of icons and produced a downloadable document containing them. Within days of Jones publishing a blog entry about warchalking, articles appeared in dozens of publications and stories appeared on several major television news programs around the world.
The word is formed by analogy to wardriving, the practice of driving around an area in a car to detect open Wi-Fi nodes. That term in turn is based on wardialing, the practice of dialing many phone numbers hoping to find a modem.
Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such as a wall, the pavement, or a lamp post. Those offering Wi-Fi service might also draw such a symbol to advertise the availability of their Wi-Fi location, whether commercial or personal.
Discussed on
- "Warchalking" | 2023-12-31 | 60 Upvotes 33 Comments
π Evercookie
Evercookie is a JavaScript-based application created by Samy Kamkar that produces zombie cookies in a web browser that are intentionally difficult to delete. In 2013, a top-secret NSA document was leaked by Edward Snowden, citing Evercookie as a method of tracking Tor users.
Discussed on
- "Evercookie" | 2011-04-05 | 75 Upvotes 17 Comments
π Stuxnet
Stuxnet is a malicious computer worm, first uncovered in 2010, thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, the worm is widely understood to be a cyberweapon built jointly by the United States and Israel.
Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery and industrial processes including gas centrifuges for separating nuclear material. Exploiting four zero-day flaws, Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet's design and architecture are not domain-specific and it could be tailored as a platform for attacking modern supervisory control and data acquisition (SCADA) and PLC systems (e.g., in factory assembly lines or power plants), most of which are in Europe, Japan, and the US. Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges. Targeting industrial control systems, the worm infected over 200,000 computers and caused 1,000 machines to physically degrade.
Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, to prevent detection of Stuxnet. It is typically introduced to the target environment via an infected USB flash drive, thus crossing any air gap. The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operation system values back to the users.
In 2015, Kaspersky Lab noted that the Equation Group had used two of the same zero-day attacks prior to their use in Stuxnet and commented that "the similar type of usage of both exploits together in different computer worms, at around the same time, indicates that the Equation Group and the Stuxnet developers are either the same or working closely together".
π PhotoDNA
PhotoDNA is a proprietary image-identification and content filtering technology widely used by online service providers.
Discussed on
- "PhotoDNA" | 2024-10-17 | 41 Upvotes 37 Comments
π Kensington Security Slot
A Kensington Security Slot (also called a K-Slot or Kensington lock) is part of an anti-theft system designed in the early 1990s and patented by Kryptonite in 1999β2000, assigned to Schlage in 2002, and since 2005 owned and marketed by Kensington Computer Products Group, a division of ACCO Brands.
Discussed on
- "Kensington Security Slot" | 2010-06-08 | 26 Upvotes 19 Comments
π Domain Fronting
Domain fronting is a technique for Internet censorship circumvention that uses different domain names in different communication layers of an HTTPS connection to discreetly connect to a different target domain than is discernable to third parties monitoring the requests and connections.
Due to quirks in security certificates, the redirect systems of the content delivery networks (CDNs) used as 'domain fronts', and the protection provided by HTTPS, censors are typically unable to differentiate circumvention ("domain-fronted") traffic from overt non-fronted traffic for any given domain name. As such they are forced to either allow all traffic to the domain frontβincluding circumvention trafficβor block the domain front entirely, which may result in expensive collateral damage and has been likened to "blocking the rest of the Internet".
Domain fronting does not conform to HTTP standards that require the SNI extension and HTTP Host header to contain the same domain. Many large cloud service providers, including Amazon, Microsoft, and Google, actively prohibit domain fronting, which has limited it as a censorship bypass technique. Pressure from censors in Russia and China is thought to have contributed to these prohibitions, but domain fronting can also be used maliciously.
A newer variant of domain fronting, domain hiding, passes an encrypted request for one resource (say, a website), concealed behind an unencrypted (plaintext) request for another resource whose DNS records are stored in the same cloud. It has much the same effect. Refraction networking is an application of the broader principle.
π 2024 CrowdStrike incident: The largest IT outage in history
On 19 July 2024, a faulty update to security software produced by CrowdStrike, an American cybersecurity company, caused innumerable computers and virtual machines running Microsoft Windows to crash. Businesses and governments around the globe were affected by what one expert called the "largest IT outage in history".
Among the industries that were disrupted were airlines, airports, banks, hotels, hospitals, stock markets, and broadcasting; governmental services such as emergency numbers and websites were also affected. The error was discovered and a fix was made on the same day, but the outage continued to delay airline flights, cause problems in processing electronic payments, and disrupt emergency services.
Discussed on
- "2024 CrowdStrike incident: The largest IT outage in history" | 2024-07-19 | 24 Upvotes 4 Comments
π Download Valley
Download Valley is a cluster of software companies in Israel, producing and delivering adware to be installed alongside downloads of other software. The primary purpose is to monetize shareware and downloads. These software items are commonly browser toolbars, adware, browser hijackers, spyware, and malware. Another group of products are download managers, possibly designed to induce or trick the user to install adware, when downloading a piece of desired software or mobile app from a certain source.
Although the term references Silicon Valley, it does not refer to a specific valley or any geographical area. Many of the companies are located in Tel Aviv and the surrounding region. It has been used by Israeli media as well as in other reports related to IT business.
Download managers from Download Valley companies have been used by major download portals and software hosts, including Download.com by CNET, Softonic.com and SourceForge.