Star Wars and Empire Strikes Back despecialised editions
Reply
Daily Archives: December 21, 2015
Swedish researchers reveal (fixable) security hole in quantum cryptography
The energy-time entanglement technology for quantum encryption studied here is based on testing the connection at the same time as the encryption key is created. Two photons are sent out at exactly the same time in different directions. At both ends of the connection is an interferometer where a small phase shift is added. This provides the interference that is used to compare similarities in the data from the two stations. If the photon stream is being eavesdropped there will be noise, and this can be revealed using a theorem from quantum mechanics – Bell’s inequality.
On the other hand if the connection is secure and free from noise, you can use the remaining data, or photons, as an encryption key to protect your message.
What the LiU researchers Jan-Åke Larsson and his doctoral student Jonathan Jogenfors have revealed about energy-time entanglement is that if the photon source is replaced with a traditional light source, an eavesdropper can identify the key, the code string. Consequently they can also read the message without detection. The security test, which is based on Bell’s inequality, does not react – even though an attack is underway.
Physicists at Stockholm University have subsequently been able to demonstrate in practical experiments that it is perfectly possible to replace the light source and thus also eavesdrop on the message.
But this problem can also be solved.
“In the article we propose a number of countermeasures, from simple technical solutions to rebuilding the entire machine,” said Jonathan Jogenfors.
Source: Swedish researchers reveal security hole
The First Person to Hack the iPhone Built a Self-Driving Car. In His Garage.
George Hotz is taking on Google and Tesla by himself,
Source: The First Person to Hack the iPhone Built a Self-Driving Car. In His Garage.
He’s sticking it to Elon Musk, who isn’t very happy about it!
Which is why they’ve issued a “correction” which sounds highly petulant.
BadWinmail (Flash) Microsoft Outlook Bug Can Give Attackers Control Over PCs
When a user opens an Outlook email or previews the email in one of the Outlook panels, the OLE mechanism will automatically read the embedded Flash object and try to execute it, to provide a preview.
Since most Flash exploits only need to be executed to work, and because there’s a flaw in the Outlook security sandboxing system, an attacker can easily embed malicious Flash objects inside emails and have other malicious code executed via older (Flash) vulnerabilities.
Source: BadWinmail Microsoft Outlook Bug Can Give Attackers Control Over PCs
Some Rainbows Don’t Have Every Color of the Rainbow: there are 12 types
There are at least 12 kinds of rainbows, a new study reveals, and some skip a color or two.
Since the 1950s, rainbow classification has been based on the size of the raindrops that create them. The bigger the drops, the more vivid the colors.
Another attempt organized them by the height of the sun above the horizon. At about 70 degrees, a rainbow is dominated by blues and greens. Closer to the horizon, there are mostly reds and yellows.
“At sunset or sunrise, the color of the sun and the intensity of the incoming light change dramatically,” Ricard said. When the sun is low in the horizon, rays of light must pass through more of the Earth’s atmosphere. “The red manages to go through,” he explained. “Other wavelengths are completely gone.”
Catch the Rainbows
To capture this rainbow diversity, Ricard and his colleagues gathered hundreds of pictures of rainbows, sorting them into 12 categories based on the visibility of the six colors, the strength of the dark band, and whether any supernumerary bands can be seen. One type lacks a band of green, for instance, another is missing blue and violet, and a third type has only red and blue.
The system is so simple that most anyone could look at a picture of a rainbow, put it in a class, and understand what’s going on, he said. A misty red rainbow, for instance, could only be created near sunrise or sunset with tiny raindrops.
Source: Some Rainbows Don’t Have Every Color of the Rainbow
RayZone InterApp: The Gadget That Can Spy on Any Smartphone
InterApp can allow its operators to break into nearby smartphones that have their WiFi connection open, and then, employing a diverse arsenal of security vulnerabilities, gain root permission on devices and exfiltrate information to a tactical server.
According to Rayzone, InterApp can steal a user’s email address password and content, passwords for social networking apps, Dropbox passwords and files, the user’s phone contact list, and his photo gallery.
Additionally, the gadget can also acquire the phone’s previous geographical locations and plot them on a map, IMEI details, MSISDN data, MAC address, device model, OS info, and personal information on the target, such as gender, age, address, education, and more.
Source: InterApp: The Gadget That Can Spy on Any Smartphone
Database leak exposes 3.3 million Hello Kitty fans
A database for sanriotown.com, the official online community for Hello Kitty and other Sanrio characters, has been discovered online by researcher Chris Vickery. The database houses 3.3 million accounts, and has ties to a number of other Hello Kitty portals.
The records exposed include first and last names, birthday (encoded, but easily reversible Vickery said), gender, country of origin, email addresses, unsalted SHA-1 password hashes, password hint questions, their corresponding answers, and other data points that appear to be website related.
Source: Database leak exposes 3.3 million Hello Kitty fans