Tiversa dominated an emerging online market—before it was accused of fraud, extortion, and manipulating the federal government.
Tag: security
Bosstown Dynamics
Bosstown Dynamics has a new robot in town. You’ll see it in the army soon!
Encryption Over Backdoors
In an extraordinary essay, the former FBI general counsel Jim Baker makes the case for strong encryption over government-mandated backdoors: In the face of congressional inaction, and in light of the magnitude of the threat, it is time for governmental authorities — including law enforcement — to embrace encryption because it is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly from China. This is true even though encryption will impose costs on society, especially victims of other types of crime.
Intel Secure Enclave Attack
Our SGX-ROP attack uses a new TSX-based memory-disclosure primitive and a write-anything-anywhere primitive to construct a code-reuse attack from within an enclave which is then inadvertently executed by the host application. With SGX-ROP, we bypass ASLR, stack canaries, and address sanitizer. We demonstrate that instead of protecting users from harm, SGX currently poses a security threat, facilitating so-called super-malware with ready-to-hit exploits.
Easy VPN
Wouldn’t it be nice though? If you could have servers, like you did in the 1990s, with the same simple architectures as you used in the 1990s, and the same ~~sloppy security policies~~ developer freedom as you had in the 1990s, but somehow reach them from anywhere? Like… a network, but not the Internet. One that isn’t reachable from the Internet, or even addressable on the Internet. One that uses the Internet as a substrate, but not as a banana. That’s what we’re working on.
Minimizing pointer privilege
We have adapted a complete C, C++, and assembly-language software stack, including the open source FreeBSD OS (nearly 800 UNIX programs and more than 200 libraries including OpenSSH, OpenSSL, and bsnmpd) and PostgreSQL database, to employ ubiquitous capability-based pointer and virtual-address protection.
Reading body language
Joe Navarro was a body language expert for the FBI. His job was to catch spies. In this video, he shares some tips. He also busts some myths. For instance, a lot of people think that crossed arms are a blocking behavior. “That’s just nonsense.”
Synthetic Biology Security
On July 11, 2002, the researchers revealed that they had synthesized the polio virus, which had been wiped out in the US in 1979. It was the first time a virus had been created from scratch with synthetic DNA. The work was funded by the Pentagon in part to establish whether terrorists could pull off such a feat. The answer was yes.
Info Ops Kill Chain
it’s time to conceptualize the “information operations kill chain.” Information attacks against democracies, whether they’re attempts to polarize political processes or to increase mistrust in social institutions, also involve a series of steps. And enumerating those steps will clarify possibilities for defense.
SS7 Bank Account Attacks
while the attacks were originally only surmised to be within the reach of intelligence operators (perhaps part of the reason intelligence-tied telcos have been so slow to address the issue), hackers have increasingly been using the flaw to siphon money out of targets’ bank accounts, thus far predominately in Europe