Vulnerability Acquisition Companies are Stockpiling 0-days and Selling Them to Governments Rather Than Allowing Them to be Patched

Last week, a so-called vulnerability acquisition company by the name of Zerodium disclosed a Tor Browser 0-day vulnerability to the public, in an apparent PR stunt. As you may know, 0-days are security bugs which have been discovered but not yet revealed to the developers responsible for patching. The 0-day disclosed by Zerodium was for … Continue reading “Vulnerability Acquisition Companies are Stockpiling 0-days and Selling Them to Governments Rather Than Allowing Them to be Patched”

0

  • Sep 5, 2018
  • Derek Zimmer
  • Networking, Open Source, Privacy, Security,

The Current Status of WireGuard VPNs – Are We There Yet?

In security circles, WireGuard is an exciting proposition. It is a modern, open-source VPN client and server system that is highly streamlined, lean, and easy to review due to its simplicity. Conceptually, this is something we have been seeing a hard push for in both cryptography and security circles. Code needs to be simple, have … Continue reading “The Current Status of WireGuard VPNs – Are We There Yet?”

8

  • Sep 1, 2018
  • Glyn Moody
  • Privacy, Programming, Security,

How putting artificial intelligence in Google Glass-like systems could both help and harm our privacy

Remember Google Glass? Five years ago, it was the hot new accessory for those who wanted to live at the bleeding edge of technology. But once Google Glasses started being used in public, people realized that they represented a massive intrusion into the private lives of everyone nearby. As Wikipedia puts it: “The headset received … Continue reading “How putting artificial intelligence in Google Glass-like systems could both help and harm our privacy”

0

  • Aug 29, 2018
  • Derek Zimmer
  • Networking, Privacy, Security,

Hardware Acceleration is Here for Routers Using OpenVPN

One of the most popular privacy uses for a VPN is setting up the service on a VPN router. The router protects the entire network behind it by routing all of the devices through your preferred VPN service by default. There’s a few big advantages to using a VPN router: -For network users, the VPN … Continue reading “Hardware Acceleration is Here for Routers Using OpenVPN”

6

How to See What Your Router is Exposing to the Internet

Is your home router a sitting duck with ports open to the world just waiting to be hacked? Let’s go over how you can check. First, it’s important to start with implementing basic defenses to secure your router. Keeping the firmware up to date on your router, changing the default password and turning off remote … Continue reading “How to See What Your Router is Exposing to the Internet”

0

Behavioral biometrics: Websites and apps are learning from how you type, hold your phone, and use your mouse

How often do you hold your phone in your left hand?  How big are your hands?  Do your hands shake when you type or move a mouse?  If your pointer disappears from your screen, what do you do?  You might not know the answers to these questions – but chances are, your bank does.  These details … Continue reading “Behavioral biometrics: Websites and apps are learning from how you type, hold your phone, and use your mouse”

0

  • Aug 18, 2018
  • Glyn Moody
  • Governments, News, Privacy, Programming, Security,

After call to implant microchips in people awaiting trial, are they about to become the next threat to our privacy?

Last year, Privacy News Online wrote about the Swedish SJ Railways allowing customers to use under-the-skin microchip implants for “easy” ticket purchases. That might have seemed a one-off bad idea, but such implants have a surprisingly long history. More worryingly, they seem to be gaining in popularity, and cropping up increasingly in everyday situations, with … Continue reading “After call to implant microchips in people awaiting trial, are they about to become the next threat to our privacy?”

0

  • Aug 15, 2018
  • Derek Zimmer
  • Governments, Networking, Privacy, Security,

TLS 1.3 is Coming – an Opportunity for Amazon, Google and Microsoft to End Censorship

A new standard for cryptography is on the horizon, called Transport Level Security 1.3 (TLS 1.3). TLS 1.3 is a major update to cryptography, and fundamentally changes how websites and services will handle negotiating and executing encrypted services. Among the big improvements are faster handshakes with websites (meaning faster page load times), new ciphers (new … Continue reading “TLS 1.3 is Coming – an Opportunity for Amazon, Google and Microsoft to End Censorship”

0

PMKID Dumping: WiFi Password Attacks are Easier Than Previously Thought

It’s a little easier to attack some wireless networks than previously thought. That’s because Jens Steube, the developer of the popular password cracking tool hashcat, has found a new way to make the process easier, under the right conditions. We've developed a new attack on WPA/WPA2. There's no more complete 4-way handshake recording required. Here's … Continue reading “PMKID Dumping: WiFi Password Attacks are Easier Than Previously Thought”

0