Anonymity networks protect people living under repressive regimes from surveillance of their Internet use. But the recent discovery of vulnerabilities in the most popular of these networks — Tor — has prompted computer scientists to try to come up with more secure anonymity schemes. At the Privacy Enhancing Technologies Symposium in July, researchers at MIT’s Computer Science…
Q&A: Oscar Winner Gibney on Cyberwarfare in ‘Zero Days’
Oscar-winning documentary filmmaker Alex Gibney believes the first atomic bomb of the cyberwarfare age has already been dropped. That bomb was Stuxnet, a computer virus that’s the subject of Gibney’s latest movie, “Zero Days.” Stuxnet disrupted an Iranian uranium-enrichment facility beginning in 2010 and set back Iran’s nuclear ambitions. Iran considers Stuxnet part of a…
UW Project Highlights Liability of Internet ‘Intermediaries’ in Developing Countries
Wireless, Wearable Toxic-Gas Detector
MIT researchers have developed low-cost chemical sensors, made from chemically altered carbon nanotubes, that enable smartphones or other wireless devices to detect trace amounts of toxic gases. Using the sensors, the researchers hope to design lightweight, inexpensive radio-frequency identification (RFID) badges to be used for personal safety and security. Such badges could be worn by…
Researchers Expose Risks of Free Livestreaming Websites
Debugging Method Finds 23 Undetected Security Flaws in 50 Popular Web Applications
By exploiting some peculiarities of the popular Web programming framework Ruby on Rails, MIT researchers have developed a system that can quickly comb through tens of thousands of lines of application code to find security flaws. In tests on 50 popular Web applications written using Ruby on Rails, the system found 23 previously undiagnosed security…
Long-range Secure Quantum Communication Transmits Signals 250+ Kilometers
A group of scientists has developed a novel approach to the construction of quantum communication systems for secure data exchange. The experimental device based on the results of the research is capable of transmitting single-photon quantum signals across distances of 250 kilometers or more, which is on par with other cutting-edge analogs. The research paper…
DNS Redirection Security Strategy Easily Bypassed
Cloud-based security providers commonly use DNS redirection to protect customers’ Web sites. The success of this strategy depends on shielding the Web site’s original IP address. Computer scientists have now revealed that the IP address can be retrieved in more than 70 percent of the cases, meaning that the DNS redirection security mechanism can easily be…
Laser Technique Promises Super-fast, Super-secure Quantum Cryptography
A new method of implementing an ‘unbreakable’ quantum cryptographic system is able to transmit information at rates more than 10 times faster than previous attempts. Researchers have overcome one of the main issues in implementing a quantum cryptography system, raising the prospect of a useable method for sending sensitive information hidden inside particles of light.…
Hard Mathematical Problems Provide Basis for Virtually Unbreakable Cryptographic Techniques
Cryptographic methods are typically created following the ad-hoc principle: somebody comes up with an algorithm; others attempt to break it — if they don’t succeed, it means that the algorithm is secure. The team headed by Prof. Dr. Eike Kiltz, who holds the Chair for Cryptography at the Ruhr-Universität Bochum, opted for a different approach.…
Optical Quantum Technology Breakthrough to Improve Cyber Security
With enough computing effort most contemporary security systems will be broken. But a research team at the University of Sydney has made a major breakthrough in generating single photons (light particles), as carriers of quantum information in security systems. The collaboration involving physicists at the Centre for Ultrahigh bandwidth Devices for Optical Systems (CUDOS), an…
Nations Ranked on Vulnerability to Cyberattack
Damaging cyberattacks on a global scale continue to surface every day. Some nations are better prepared than others to deal with online threats from criminals, terrorists and rogue nations. Data-mining experts from the University of Maryland and Virginia Tech recently co-authored a book that ranked the vulnerability of 44 nations to cyberattacks. Lead author…
College Hackers Compete to Shine Spotlight on Cybersecurity
BOSTON (AP) — Students from MIT and Britain’s University of Cambridge will spend the weekend hacking one another’s computers, with the blessing of their national leaders. The two schools are competing in a hacking contest that U.S. President Barack Obama and British Prime Minister David Cameron announced last year among other joint cybersecurity projects between…
Is Zero-effort Computer Security a Dream? Breaking a New User Verification System
Researchers from the University of Alabama at Birmingham and Aalto University have found vulnerabilities in a recently proposed user-verification security system for computers. This new security system, developed by Dartmouth College researchers, was created in response to a need for easy-to-use systems that determine whether someone is, in fact, who he or she is declaring…
Cyberwar is Here to Stay
Last week, The New York Times revealed that the Obama administration had prepared a cyberattack plan to be carried out against Iran in the event diplomatic negotiations failed to limit that country’s nuclear weapons development. The plan, code-named Nitro Zeus, was said to be capable of disabling Iran’s air defenses, communications system and parts of…
Cybersecurity Rosetta Stone Celebrates Two Years of Success
Two years ago this month, the National Institute of Standards and Technology (NIST) released a document designed to help strengthen cybersecurity at organizations that manage critical national infrastructure, such as banking and the energy supply. Produced after a year of intensive collaboration with industry, the Cybersecurity Framework is now a tool used by a wide…
IBM Unveils New Mainframe for Encrypted Hybrid Clouds
ARMONK, NY — IBM unveiled a new mainframe, bringing the security of data encryption without slowing down system performance to mid-sized organizations. The new system, IBM z13s, is enabled and optimized for hybrid cloud environments and can help secure critical information and transactions better than before. IBM also announced new security partnerships and highly integrated…
A Night at the Malware Museum
Offering a glimpse of an important part of computer history, the new Malware Museum is an online collection featuring emulated versions of MS-DOS viruses from a simpler time. Assembled by Mikko Hermanni Hyppönen, the chief resource officer at Finnish security firm F-secure, the programs can be found on the non-profit Internet Archive, which is dedicated to…
Hack-proof RFID Chips could secure Credit Cards, Key Cards, Pallets of Goods
Researchers at MIT and Texas Instruments have developed a new type of radio frequency identification (RFID) chip that is virtually impossible to hack. If such chips were widely adopted, it could mean that an identity thief couldn’t steal your credit card number or key card information by sitting next to you at a café, and…
10 Stories You Shouldn’t Miss — January 8-14
Here they are ― the 10 most-visited stories from the past week. New formal methods for software development, a novel toolkit for computational bio-design and an international computational sustainability network; an animation of a tropical cyclone unfolding; green, dirt-cheap storage for life sciences; energy-time entanglement’s vulnerability to attack; 5 supercomputing predictions for 2016; why you’ll…
Images, Codes Provide Alternative to Multiple Device Password Systems
A system using images and a one-time numerical code could provide a secure and easy-to-use alternative to multi-factor methods dependent on hardware or software and one-time passwords, a study by Plymouth University suggests. Researchers from the Centre for Security Communication and Network Research (CSCAN) believe their new multi-level authentication system GOTPass could be effective in…
Protecting Data against the Threats of Tomorrow
Engineers have developed encryption technologies for practical applications to protect microdevices from hacker attacks conducted by quantum computers. The Hardware Security Group at the Ruhr-Universität Bochum (RUB) is currently working toward protecting the data against threats of tomorrow with the devices available today, the science magazine Rubin reports. Devices with a long service life have…
WiFi Signals can be Exploited to Detect Attackers
Physical attacks on devices connected to the Internet can be detected by analyzing WiFi signals, computer scientists have discovered. Wireless devices are increasingly used for critical roles, such as security systems or industrial plant automation. Although wireless transmissions can be encrypted to protect transmitted data, it is hard to determine if a device — such…
Protecting Data against the Threats of Tomorrow
Engineers have developed encryption technologies for practical applications to protect microdevices from hacker attacks conducted by quantum computers. The Hardware Security Group at the Ruhr-Universität Bochum (RUB) is currently working towards protecting the data against threats of tomorrow with the devices available today, the science magazine Rubin reports. Devices with a long service life have…
Roadmap to Safer Cyberspace: A Vision for Next-gen Experimental Cybersecurity Research
How do cybersecurity experts discover how to properly defend a system or build a network that’s secure? As in other domains of science, this process involves hypothesis, experimentation and analysis — or at least it should. In reality, cybersecurity research can happen in an ad hoc fashion, often in crisis mode in the wake of…