Eavesdropping On Computers From Afar
When I teach Learning Tree’s Cyber Security introduction, participants are often amazed at the ways bad actors can eavesdrop on computers. Most of them are aware of software that can be planted by bad actors that can capture keystrokes, for instance, but few are aware that noises from keystrokes, the vibration of a notebook, and […]
Practical Steps Toward Compliance With OpenSCAP
In this blog I described some of the logical problems with vulnerability scanners. False positive and false negative errors. Additionally, the worry that problems exist but our tool hasn’t even tried looking for them. Let’s try to make this practical! I’m working on a consulting job as a sub-sub-contractor on a U.S. Department of Defense […]
What Is a GAN And Is It Dangerous?
I enjoy being deceived sometimes. The magicians Penn and Teller do a great job of deceiving audiences. The website https://www.thispersondoesnotexist.com/ demonstrates a different kind of deception: computer-generated images that look incredibly realistic. This is different than the deepfake videos where one person’s face is attached to another’s body. The method the site uses is called […]
Facial Recognition Is Now Easy to Implement: What Does That Imply?
Movies and television shows are full of scenes where individuals are recognized in huge crowds using facial recognition software. Until recently, some of those seemed far-fetched or maybe prohibitively expensive. That is no longer the case. Sahil Chinoy described a facial recognition demonstration in The New York Times. He and his team built a sub-100 […]
Shut Off The Engine! Default Passwords Can Disable Your Car!
Abuse of default passwords has gotten worse since I first posted about it here five years ago. Threatpost recently posted an article discussing the issue of passwords for IoT (Internet of Things) devices. Because, for example, networked doorbells don’t have a way for the owner to enter a unique, secure password and often communicate unencrypted, […]