Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode

ANN ARBOR—A new computer processor architecture developed at the University of Michigan could usher in a future where computers proactively defend against threats, rendering the current electronic security model of bugs and patches obsolete.

Called MORPHEUS, the chip blocks potential attacks by encrypting and randomly reshuffling key bits of its own code and data 20 times per second—infinitely faster than a human hacker can work and thousands of times faster than even the fastest electronic hacking techniques.

“Today’s approach of eliminating security bugs one by one is a losing game,” said Todd Austin, U-M professor of computer science and engineering and a developer of the system. “People are constantly writing code, and as long as there is new code, there will be new bugs and security vulnerabilities.

Read more

Southwest Research Institute has developed a cyber security system to test for vulnerabilities in automated vehicles and other technologies that use GPS receivers for positioning, navigation and timing.

“This is a legal way for us to improve the cyber resilience of autonomous vehicles by demonstrating a transmission of spoofed or manipulated GPS signals to allow for analysis of system responses,” said Victor Murray, head of SwRI’s Cyber Physical Systems Group in the Intelligent Systems Division.

GPS spoofing is a malicious attack that broadcasts incorrect signals to deceive GPS receivers, while GPS manipulation modifies a real GPS signal. GPS satellites orbiting the Earth pinpoint physical locations of GPS receivers embedded in everything from smartphones to and aircraft. SwRI designed the new tool to meet United States federal regulations. Testing for GPS vulnerabilities in a mobile environment had previously been difficult because federal law prohibits over-the-air re-transmission of GPS signals without prior authorization.

Read more

A new way to store information in molecules could preserve the contents of the New York Public Library in a teaspoon of protein, without energy, for millions of years.

Books can burn. Computers get hacked. DVDs degrade. Technologies to store information–ink on paper, computers, CDs and DVDs, and even DNA–continue to improve. And yet, threats as simple as water and as complex as cyber-attacks can still corrupt our records.

As the data boom continues to boom, more and more information gets filed in less and less space. Even the cloud–whose name promises opaque, endless space–will eventually run out of space, can’t thwart all hackers, and gobbles up energy. Now, a new way to store information could stably house data for millions of years, lives outside the hackable internet, and, once written, uses no energy. All you need is a chemist, some cheap molecules, and your precious information.

Read more

THIS WEEK, I interviewed Yuval Noah Harari, the author of three best-selling books about the history and future of our species, and Fei-Fei Li, one of the pioneers in the field of artificial intelligence. The event was hosted by the Stanford Center for Ethics and Society, the Stanford Institute for Human-Centered Artificial Intelligence, and the Stanford Humanities Center. A transcript of the event follows, and a video is posted below.

Historian Yuval Noah Harari and computer scientist Fei-Fei Li discuss the promise and perils of the transformative technology with WIRED editor in chief Nicholas Thompson.

Read more

Researchers from North Carolina State University and the University of Texas at Austin have developed a technique for detecting types of malware that use a system’s architecture to thwart traditional security measures. The new detection approach works by tracking power fluctuations in embedded systems.

“Embedded systems are basically any computer that doesn’t have a physical keyboard – from smartphones to Internet of Things devices,” says Aydin Aysu, co-author of a paper on the work and an assistant professor of electrical and computer engineering at NC State. “Embedded systems are used in everything from the voice-activated virtual assistants in our homes to industrial control systems like those used in . And that targets those systems can be used to seize control of these systems or to steal information.”

At issue are so-called micro-architectural attacks. This form of malware makes use of a system’s , effectively hijacking the hardware in a way that gives outside users control of the system and access to its data. Spectre and Meltdown are high-profile examples of micro-architectural malware.

Read more

The goal of a worldwide “quantum internet” could be one step closer thanks to new experiments by researchers in Japan and Canada who have made the first ever quantum repeaters that work using an all-photonic protocol. The scheme importantly allows for the time-reversed adaptive Bell measurement, which is a key component for all-photonic quantum repeaters. It is based on optical devices alone and does not require any quantum memories or quantum error correction.

The Internet as we know it was not designed to be secure, and hacking, break-ins and espionage are unfortunately par for the course today. A quantum internet would be much more secure – as well as being much faster – since it exploits key features of quantum physics such as quantum entanglement.

Entanglement and quantum memories.

Read more

With new advances in technology it all comes down to simple factoring. Classical factoring systems are outdated where some problems would take 80 billion years to solve but with new technologies such as the dwave 2 it can bring us up to speed to do the same problems in about 2 seconds. Shores algorithm shows us also we can hack anything with it simply would need the technology and code simple enough and strong enough. Basically with new infrastructure we can do like jason…

RSA is the standard cryptographic algorithm on the Internet. The method is publicly known but extremely hard to crack. It uses two keys for encryption. The public key is open and the client uses it to encrypt a random session key. Anyone intercepts the encrypted key must use the second key, the private key, to decrypt it. Otherwise, it is just garbage. Once the session key is decrypted, the server uses it to encrypt and decrypt further messages with a faster algorithm. So, as long as we keep the private key safe, the communication will be secure.

RSA encryption is based on a simple idea: prime factorization. Multiplying two prime numbers is pretty simple, but it is hard to factorize its result. For example, what are the factors for 507,906,452,803? Answer: 566,557 × 896,479.

Based on this asymmetry in complexity, we can distribute a public key based on the product of two prime numbers to encrypt a message. But without knowing the prime factors, we cannot decrypt the message to its original intention. In 2014, WraithX used a budget of $7,600 on Amazon EC2 and his/her own resources to factorize a 696-bit number. We can break a 1024-bit key with a sizeable budget within months or a year. This is devasting because SSL certificates holding the public key last for 28 months. Fortunately, the complexity of the prime factorization problem grows exponentially with the key length. So, we are pretty safe since we switch to 2048-bit keys already.

Read more