LLMs’ Data-Control Path Insecurity
May 13 2024Back in the 1960s, if you played a 2,600Hz tone into an AT&T pay phone, you could make calls without paying. A phone hacker named John Draper noticed...
Read moreFriday Squid Blogging: Squid Mating Strategies
May 11 2024Some squids are “consorts,” others are “sneakers.” The species is healthiest when individuals have different strategies randomly. As usual, you can also use this squid post to talk about the...
Read moreNew Attack Against Self-Driving Car AI
May 11 2024This is another attack that convinces the AI to ignore road signs:
Due to the way CMOS cameras operate, rapidly changing light from fast flashing diodes can be used...
Read more
How Criminals Are Using Generative AI
May 10 2024There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of...
Read moreNew Attack on VPNs
May 7 2024This attack has been feasible for over two decades:
Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some...
Read more
Lots of complicated details here: too many for me to summarize well. It involves an obscure Section 230 provision—and an even more obscure typo. Read this.
Read moreFriday Squid Blogging: Squid Purses
May 4 2024Squid-shaped purses for sale. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...
Read moreMy TED Talks
May 4 2024I have spoken at several TED conferences over the years. TEDxPSU 2010: “Reconceptualizing Security” TEDxCambridge 2013: “The Battle for Power on the Internet” TEDMed 2016: “Who Controls Your Medical Data?” I’m...
Read moreThe Polish Embassy has posted a series of short interview segments with Marian Rejewski, the first person to crack the Enigma. Details from his biography.
Read moreThe UK Bans Default Passwords
May 2 2024The UK is the first country to ban default passwords on IoT devices.
On Monday, the United Kingdom became the first country in the world to ban default guessable...
Read more
Recent Comments