Skip to main content

Home/ Future of the Web/ Group items tagged vulnerabilities

Rss Feed Group items tagged

Paul Merrell

Alexa and Siri Can Hear This Hidden Command. You Can't. - The New York Times - 0 views

  • Over the last two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside university labs, the researchers have been able to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites. In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio.
  • Researchers can now send secret audio instructions undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant.
Paul Merrell

The Spectre of an Advertising Meltdown: What You Need to Know - Lawfare - 0 views

  • The information security world is focused on two new security vulnerabilities, “Spectre” and “Meltdown”, that represent vulnerabilities embedded in computer hardware. Lawfare readers should respond in two ways: keep their operating systems up to date and, critically, install an ad-blocker for your web browser. (Here are guides on how to do so in Chrome and Firefox.) In fact, a proper response to Spectre should involve ad-blocking on all government computers. Other than that, don’t worry. Readers who just wanted to know what to do can stop reading. But for those curious about some of the technical background on these vulnerabilities and why ad-blocking is an essential security measure for a modern computer, read on.
Gonzalo San Gil, PhD.

TCP Flaw Opens Linux Systems to Hijackers | Software | LinuxInsider - 0 views

  •  
    "By Richard Adhikari Aug 11, 2016 4:09 PM PT A flaw in the RFC 5961 specification the Internet Engineering Task Force developed to protect TCP against blind in-window attacks could threaten Android smartphones, as well as every Linux computer on the planet. [*Correction - Aug. 12, 2016]"
Paul Merrell

NSA's use of software flaws to hack foreign targets posed risks to cybersecurity - The ... - 0 views

  • To penetrate the computers of foreign targets, the National Security Agency relies on software flaws that have gone undetected in the pipes of the Internet. For years, security experts have pressed the agency to disclose these bugs so they can be fixed, but the agency hackers have often been reluctant. Now with the mysterious release of a cache of NSA hacking tools over the weekend, the agency has lost an offensive advantage, experts say, and potentially placed at risk the security of countless large companies and government agencies worldwide. Several of the tools exploited flaws in commercial firewalls that remain unpatched, and they are out on the Internet for all to see. Anyone from a basement hacker to a sophisticated foreign spy agency has access to them now, and until the flaws are fixed, many computer systems may be in jeopardy. The revelation of the NSA cache, which dates to 2013 and has not been confirmed by the agency, also highlights the administration’s little-known process for figuring out which software errors to disclose and which to keep secret.
Gonzalo San Gil, PhD.

Cracking Linux with the backspace key? [LWN.net] - 0 views

  •  
    "Anybody who has been paying attention to the net over the last week or so will certainly have noticed an abundance of articles with titles like "How to hack any Linux machine just using backspace". All this press does indeed highlight an important vulnerability, but it may not be the one that they think they are talking about."
  •  
    "Anybody who has been paying attention to the net over the last week or so will certainly have noticed an abundance of articles with titles like "How to hack any Linux machine just using backspace". All this press does indeed highlight an important vulnerability, but it may not be the one that they think they are talking about."
Gonzalo San Gil, PhD.

Security wares like Kaspersky AV can make you more vulnerable to attacks | Ars Technica UK - 0 views

  •  
    "Products often open computers to hacks they otherwise wouldn't be vulnerable to. by Dan Goodin (US) - Sep 23, 2015 10:00pm CEST"
1 - 6 of 6
Showing 20 items per page