Forwarded from BlackBox (Security) Archiv
DeepPrivacy: A Generative Adversarial Network for Face Anonymization
We propose a novel architecture which is able to automatically anonymize faces in images while retaining the original data distribution. We ensure total anonymization of all faces in an image by generating images exclusively on privacy-safe information. Our model is based on a conditional generative adversarial network, generating images considering the original pose and image background. The conditional information enables us to generate highly realistic faces with a seamless transition between the generated face and the existing background. Furthermore, we introduce a diverse dataset of human faces, including unconventional poses, occluded faces, and a vast variability in backgrounds. Finally, we present experimental results reflecting the capability of our model to anonymize images while preserving the data distribution, making the data suitable for further training of deep learning models. As far as we know, no other solution has been proposed that guarantees the anonymization of faces while generating realistic images.
👉🏼 PDF:
https://arxiv.org/pdf/1909.04538.pdf
👉🏼 GitHub:
https://github.com/hukkelas/DeepPrivacy
👉🏼 Story on Motherboard:
https://www.vice.com/en_us/article/ne87pg/deepprivacy-fake-face-anonymized-algorithm
#DeepPrivacy #privacy #anonymization #research #study #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
We propose a novel architecture which is able to automatically anonymize faces in images while retaining the original data distribution. We ensure total anonymization of all faces in an image by generating images exclusively on privacy-safe information. Our model is based on a conditional generative adversarial network, generating images considering the original pose and image background. The conditional information enables us to generate highly realistic faces with a seamless transition between the generated face and the existing background. Furthermore, we introduce a diverse dataset of human faces, including unconventional poses, occluded faces, and a vast variability in backgrounds. Finally, we present experimental results reflecting the capability of our model to anonymize images while preserving the data distribution, making the data suitable for further training of deep learning models. As far as we know, no other solution has been proposed that guarantees the anonymization of faces while generating realistic images.
👉🏼 PDF:
https://arxiv.org/pdf/1909.04538.pdf
👉🏼 GitHub:
https://github.com/hukkelas/DeepPrivacy
👉🏼 Story on Motherboard:
https://www.vice.com/en_us/article/ne87pg/deepprivacy-fake-face-anonymized-algorithm
#DeepPrivacy #privacy #anonymization #research #study #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (Security) Archiv
The Eye on the Nile
Phishing attack on government opponents in Egypt - with apps from the Play Store
Specialists reveal a sophisticated phishing attack in Egypt. Android apps that made it into the Play Store without catching the eye were involved.
Back in March 2019, Amnesty International published a report that uncovered a targeted attack against journalists and human rights activists in Egypt. The victims even received an e-mail from Google warning them that government-backed attackers attempted to steal their passwords. https://www.amnesty.org/en/latest/research/2019/03/phishing-attacks-using-third-party-applications-against-egyptian-civil-society-organizations/
According to the report, the attackers did not rely on traditional phishing methods or credential-stealing payloads, but rather utilized a stealthier and more efficient way of accessing the victims’ inboxes: a technique known as “OAuth Phishing”. By abusing third-party applications for popular mailing services such as Gmail or Outlook, the attackers manipulated victims into granting them full access to their e-mails.
Recently, we were able to find previously unknown or undisclosed malicious artifacts belonging to this operation. A new website we attributed to this malicious activity revealed that the attackers are going after their prey in more than one way, and might even be hiding in plain sight: developing mobile applications to monitor their targets, and hosting them on Google’s official Play Store.
After we notified Google about the involved applications, they quickly took them off of the Play Store and banned the associated developer.
👉🏼 Read more:
https://research.checkpoint.com/the-eye-on-the-nile/
#Egypt #pishing #attacks #research #android #apps #playstore
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Phishing attack on government opponents in Egypt - with apps from the Play Store
Specialists reveal a sophisticated phishing attack in Egypt. Android apps that made it into the Play Store without catching the eye were involved.
Back in March 2019, Amnesty International published a report that uncovered a targeted attack against journalists and human rights activists in Egypt. The victims even received an e-mail from Google warning them that government-backed attackers attempted to steal their passwords. https://www.amnesty.org/en/latest/research/2019/03/phishing-attacks-using-third-party-applications-against-egyptian-civil-society-organizations/
According to the report, the attackers did not rely on traditional phishing methods or credential-stealing payloads, but rather utilized a stealthier and more efficient way of accessing the victims’ inboxes: a technique known as “OAuth Phishing”. By abusing third-party applications for popular mailing services such as Gmail or Outlook, the attackers manipulated victims into granting them full access to their e-mails.
Recently, we were able to find previously unknown or undisclosed malicious artifacts belonging to this operation. A new website we attributed to this malicious activity revealed that the attackers are going after their prey in more than one way, and might even be hiding in plain sight: developing mobile applications to monitor their targets, and hosting them on Google’s official Play Store.
After we notified Google about the involved applications, they quickly took them off of the Play Store and banned the associated developer.
👉🏼 Read more:
https://research.checkpoint.com/the-eye-on-the-nile/
#Egypt #pishing #attacks #research #android #apps #playstore
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (Security) Archiv
TikTok: Cheerfulness and censorship
Never before has a #platform grown as fast as TikTok. We have gained exclusive insight into its content moderation and are publishing excerpts from its moderation rules: TikTok operates a sophisticated system to identify, #control, #suppress and direct content. The platform can throttle videos of #protests and #demonstrations according to its rules.
No #app has been downloaded as often as TikTok in the past year. The video sharing platform is growing rapidly. In November 2019, TikTok broke the 1 billion-user barrier – faster than any other social network ever before. The video app and its culture are currently so popular with children and young people that even the Tagesschau (the major German public TV News programme) now has its own account there.
However, #research by netzpolitik.org shows that TikTok is currently able to #suppress videos of political protests and demonstrations and additionally determine which content is visible, through a variety of means.
☣️ Exclusive insight into content moderation
For this research, netzpolitik.org spoke to a source at #TikTok, looked at moderation criteria and communications, and experimented with specially created accounts to see how well videos with China-critical content are visible on the platform.
TikToks moderation rules, of which netzpolitik.org was able to see different versions, are remarkably thin and widely interpretable – even for the moderators themselves. The strategy, however, is clear: certain content is given the widest possible reach, while others are systematically suppressed.
The successful platform belongs to the #Chinese #technology company #ByteDance. Already in September, the Guardian reported on leaked documents that detailed how TikTok censored political statements on the #Tiananmen #massacre or the independence of #Tibet. The protests in Hong Kong, which are currently attracting worldwide media attention, are virtually invisible on TikTok between selfies and singalongs, even though the app is available in Hong Kong.
Read more:
https://netzpolitik.org/2019/cheerfulness-and-censorship/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Never before has a #platform grown as fast as TikTok. We have gained exclusive insight into its content moderation and are publishing excerpts from its moderation rules: TikTok operates a sophisticated system to identify, #control, #suppress and direct content. The platform can throttle videos of #protests and #demonstrations according to its rules.
No #app has been downloaded as often as TikTok in the past year. The video sharing platform is growing rapidly. In November 2019, TikTok broke the 1 billion-user barrier – faster than any other social network ever before. The video app and its culture are currently so popular with children and young people that even the Tagesschau (the major German public TV News programme) now has its own account there.
However, #research by netzpolitik.org shows that TikTok is currently able to #suppress videos of political protests and demonstrations and additionally determine which content is visible, through a variety of means.
☣️ Exclusive insight into content moderation
For this research, netzpolitik.org spoke to a source at #TikTok, looked at moderation criteria and communications, and experimented with specially created accounts to see how well videos with China-critical content are visible on the platform.
TikToks moderation rules, of which netzpolitik.org was able to see different versions, are remarkably thin and widely interpretable – even for the moderators themselves. The strategy, however, is clear: certain content is given the widest possible reach, while others are systematically suppressed.
The successful platform belongs to the #Chinese #technology company #ByteDance. Already in September, the Guardian reported on leaked documents that detailed how TikTok censored political statements on the #Tiananmen #massacre or the independence of #Tibet. The protests in Hong Kong, which are currently attracting worldwide media attention, are virtually invisible on TikTok between selfies and singalongs, even though the app is available in Hong Kong.
Read more:
https://netzpolitik.org/2019/cheerfulness-and-censorship/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (Security) Archiv
Stop complaining about us! - TikTok’s Criticism and Competition Guidelines
Those who complained about the video platform got demoted. We publish excerpts from the moderation rules of #TikTok. They show that not only political content made the video #platform nervous. The naming of #competitors and #criticism of the company were also punished.
„I think TikTok is stupid because it #censors content.“ Until recently, such a sentence in a TikTok video could lead to a situation where it would never reach a large audience. The same was true for clips that contained a screenshot from a #WhatsApp chat. Until at least September of this year, the video platform was demoting content that criticized the company or when somebody mentioned the name of a direct competitor of TikTok. This is documented by the moderation rules that netzpolitik.org was able to see.
For this #research netzpolitik.org spoke with a #source at TikTok, as well as examining moderation criteria and communications. In the article „TikTok: Cheerfulness and censorship“ we examined the moderation processes and the political implications of information control on the Chinese video platform. Now we focus on how the company has dealt with criticism and how it deals with its competitors (PDF). 👉🏼 https://cdn.netzpolitik.org/wp-upload/2019/11/TikTok-Competitors-Attack-on-TikTok.pdf
Criticism of TikTok was unwelcome
One of the rules netzpolitik.org was able to see was „content depicting an attack on TikTok“. It said that „constructive criticism“ and „feedback“ were allowed. For content „attacking, condemning or criticizing TikTok“, the moderators were advised to mark the videos as „Not Recommend“. A classification of „Not Recommend“ greatly limits the possible viewership of a video. It then no longer appears in the algorithmically selected „For You“ feed, which the user sees when opening the app.
👉🏼 Read more:
https://netzpolitik.org/2019/complaints-and-competition-throttling-the-tiktok-feed/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Those who complained about the video platform got demoted. We publish excerpts from the moderation rules of #TikTok. They show that not only political content made the video #platform nervous. The naming of #competitors and #criticism of the company were also punished.
„I think TikTok is stupid because it #censors content.“ Until recently, such a sentence in a TikTok video could lead to a situation where it would never reach a large audience. The same was true for clips that contained a screenshot from a #WhatsApp chat. Until at least September of this year, the video platform was demoting content that criticized the company or when somebody mentioned the name of a direct competitor of TikTok. This is documented by the moderation rules that netzpolitik.org was able to see.
For this #research netzpolitik.org spoke with a #source at TikTok, as well as examining moderation criteria and communications. In the article „TikTok: Cheerfulness and censorship“ we examined the moderation processes and the political implications of information control on the Chinese video platform. Now we focus on how the company has dealt with criticism and how it deals with its competitors (PDF). 👉🏼 https://cdn.netzpolitik.org/wp-upload/2019/11/TikTok-Competitors-Attack-on-TikTok.pdf
Criticism of TikTok was unwelcome
One of the rules netzpolitik.org was able to see was „content depicting an attack on TikTok“. It said that „constructive criticism“ and „feedback“ were allowed. For content „attacking, condemning or criticizing TikTok“, the moderators were advised to mark the videos as „Not Recommend“. A classification of „Not Recommend“ greatly limits the possible viewership of a video. It then no longer appears in the algorithmically selected „For You“ feed, which the user sees when opening the app.
👉🏼 Read more:
https://netzpolitik.org/2019/complaints-and-competition-throttling-the-tiktok-feed/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (Security) Archiv
Congratulations, YouTube... Now Show Your Work
Earlier this week, #YouTube finally acknowledged their #recommendation #engine suggests harmful content. It’s a small step in the right direction, but YouTube still has a long history of dismissing independent #researchers. We created a #timeline to prove it.
Over the past year and some, it’s been like clockwork.
First: a news story emerges about YouTube’s recommendation engine harming users. Take your pick: The #algorithm has radicalized young adults in the U.S., sowed division in #Brazil, spread state-sponsored #propaganda in #HongKong, and more.
Then: YouTube responds. But not by admitting fault or detailing a solution. Instead, the company issues a statement diffusing blame, criticising the research methodologies used to investigate their recommendations, and vaguely promising that they’re working on it.
In a blog post earlier this week, YouTube acknowledged that their recommendation engine has been suggesting borderline content to users and posted a timeline showing that they’ve dedicated significant resources towards fixing this problem for several years. What they fail to acknowledge is how they have been evading and dismissing journalists and academics who have been highlighting this problem for years. Further, there is still a glaring absence of publicly verifiable data that supports YouTube’s claims that they are fixing the problem.
That’s why today, #Mozilla is publishing an #inventory of YouTube’s responses to external #research into their recommendation engine. Our timeline chronicles 14 responses — all evasive or dismissive — issued over the span of 22 months. You can find them below, in reverse chronological order.
💡 We noticed a few trends across these statements:
‼️ YouTube often claims it’s addressing the issue by tweaking its algorithm, but provides almost no detail into what, exactly, those tweaks are
‼️ YouTube claims to have data that disproves independent research — but, refuses to share that data
‼️ YouTube dismisses independent research into this topic as misguided or anecdotal, but refuses to allow third-party access to its data in order to confirm this
👉🏼 Read more:
https://foundation.mozilla.org/en/blog/congratulations-youtube-now-show-your-work/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Earlier this week, #YouTube finally acknowledged their #recommendation #engine suggests harmful content. It’s a small step in the right direction, but YouTube still has a long history of dismissing independent #researchers. We created a #timeline to prove it.
Over the past year and some, it’s been like clockwork.
First: a news story emerges about YouTube’s recommendation engine harming users. Take your pick: The #algorithm has radicalized young adults in the U.S., sowed division in #Brazil, spread state-sponsored #propaganda in #HongKong, and more.
Then: YouTube responds. But not by admitting fault or detailing a solution. Instead, the company issues a statement diffusing blame, criticising the research methodologies used to investigate their recommendations, and vaguely promising that they’re working on it.
In a blog post earlier this week, YouTube acknowledged that their recommendation engine has been suggesting borderline content to users and posted a timeline showing that they’ve dedicated significant resources towards fixing this problem for several years. What they fail to acknowledge is how they have been evading and dismissing journalists and academics who have been highlighting this problem for years. Further, there is still a glaring absence of publicly verifiable data that supports YouTube’s claims that they are fixing the problem.
That’s why today, #Mozilla is publishing an #inventory of YouTube’s responses to external #research into their recommendation engine. Our timeline chronicles 14 responses — all evasive or dismissive — issued over the span of 22 months. You can find them below, in reverse chronological order.
💡 We noticed a few trends across these statements:
‼️ YouTube often claims it’s addressing the issue by tweaking its algorithm, but provides almost no detail into what, exactly, those tweaks are
‼️ YouTube claims to have data that disproves independent research — but, refuses to share that data
‼️ YouTube dismisses independent research into this topic as misguided or anecdotal, but refuses to allow third-party access to its data in order to confirm this
👉🏼 Read more:
https://foundation.mozilla.org/en/blog/congratulations-youtube-now-show-your-work/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
Project DREAD: White House veterans helped Gulf monarchy build secret surveillance unit
In the years after 9/11, former U.S. counterterrorism czar Richard Clarke warned Congress that the country needed more expansive spying powers to prevent another catastrophe. Five years after leaving government, he shopped the same idea to an enthusiastic partner: an Arab monarchy with deep pockets.
In 2008, Clarke went to work as a consultant guiding the United Arab Emirates as it created a cyber surveillance capability that would utilize top American intelligence contractors to help monitor threats against the tiny nation.
The secret unit Clarke helped create had an ominous acronym: #DREAD, short for #Development #Research #Exploitation and #Analysis #Department. In the years that followed, the #UAE unit expanded its hunt far beyond suspected extremists to include a #Saudi women’s rights activist, diplomats at the United Nations and personnel at #FIFA, the world soccer body. By 2012, the program would be known among its #American operatives by a codename: #Project #Raven.
Reuters reports this year revealed how a group of former National Security Agency operatives and other elite American intelligence veterans helped the UAE spy on a wide range of targets through the previously undisclosed program — from terrorists to human rights activists, journalists and dissidents.
Now, an examination of the origins of DREAD, reported here for the first time, shows how a pair of former senior White House leaders, working with ex-#NSA #spies and #Beltway contractors, played pivotal roles in building a program whose actions are now under scrutiny by federal authorities.
To chart the UAE spying mission’s evolution, #Reuters examined more than 10,000 DREAD program documents and interviewed more than a dozen contractors, intelligence operatives and former government insiders with direct knowledge of the program. The documents Reuters reviewed span nearly a decade of the DREAD program, starting in 2008, and include internal memos describing the project’s logistics, operational plans and targets.
Clarke was the first in a string of former White House and U.S. defense executives who arrived in the UAE after 9/11 to build the spying unit. Utilizing his close relationship to the country’s rulers, forged through decades of experience as a senior U.S. decision-maker, Clarke won numerous security consulting contracts in the UAE. One of them was to help build the secret spying unit in an unused airport facility in Abu Dhabi.
👉🏼 Read more:
https://www.reuters.com/investigates/special-report/usa-raven-whitehouse/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
In the years after 9/11, former U.S. counterterrorism czar Richard Clarke warned Congress that the country needed more expansive spying powers to prevent another catastrophe. Five years after leaving government, he shopped the same idea to an enthusiastic partner: an Arab monarchy with deep pockets.
In 2008, Clarke went to work as a consultant guiding the United Arab Emirates as it created a cyber surveillance capability that would utilize top American intelligence contractors to help monitor threats against the tiny nation.
The secret unit Clarke helped create had an ominous acronym: #DREAD, short for #Development #Research #Exploitation and #Analysis #Department. In the years that followed, the #UAE unit expanded its hunt far beyond suspected extremists to include a #Saudi women’s rights activist, diplomats at the United Nations and personnel at #FIFA, the world soccer body. By 2012, the program would be known among its #American operatives by a codename: #Project #Raven.
Reuters reports this year revealed how a group of former National Security Agency operatives and other elite American intelligence veterans helped the UAE spy on a wide range of targets through the previously undisclosed program — from terrorists to human rights activists, journalists and dissidents.
Now, an examination of the origins of DREAD, reported here for the first time, shows how a pair of former senior White House leaders, working with ex-#NSA #spies and #Beltway contractors, played pivotal roles in building a program whose actions are now under scrutiny by federal authorities.
To chart the UAE spying mission’s evolution, #Reuters examined more than 10,000 DREAD program documents and interviewed more than a dozen contractors, intelligence operatives and former government insiders with direct knowledge of the program. The documents Reuters reviewed span nearly a decade of the DREAD program, starting in 2008, and include internal memos describing the project’s logistics, operational plans and targets.
Clarke was the first in a string of former White House and U.S. defense executives who arrived in the UAE after 9/11 to build the spying unit. Utilizing his close relationship to the country’s rulers, forged through decades of experience as a senior U.S. decision-maker, Clarke won numerous security consulting contracts in the UAE. One of them was to help build the secret spying unit in an unused airport facility in Abu Dhabi.
👉🏼 Read more:
https://www.reuters.com/investigates/special-report/usa-raven-whitehouse/
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
Core
The world’s largest collection of open access research papers
https://core.ac.uk
#openaccess #research #papers
The world’s largest collection of open access research papers
https://core.ac.uk
#openaccess #research #papers
Forwarded from BlackBox (Security) Archiv
Attack against supercomputers
More than 10 high-performance data centers were hacked, including the one in the city of Garching (Germany). They are used for research on Covid-19 therapies, but those affected suspect other motives behind the attacks.
Dieter Kranzlmüller cannot explain what the hacker wanted. "Someone broke in and manipulated the system. But we don't know exactly what he did," says the head of the Leibniz computer centre in Garching near Munich. The high-performance computer SuperMUC-NG is located there. Kranzlmüller's team had to take it off the Internet this week after a hacker had gained access to the system. The Cybercrime Department of the Bavarian State Office of Criminal Investigation is investigating.
The case has shaken the research community, which depends on the expensive machines for its investigations. They are scattered internationally, but can no longer access the computers online. According to Kranzlmüller, in addition to Garching, more than ten high-performance computer centres in different countries are affected, including those in Freiburg, Stuttgart and Jülich. A "serious problem right across the academic community", is what those responsible for the super computer Archer in Edinburgh call it.
Read more 🇩🇪:
https://www.computerbase.de/2020-05/sicherheitsprobleme-europaeische-rechenzentren-supercomputer/
https://www.sueddeutsche.de/digital/supercomputer-hacker-garching-corona-1.4909397
#attack #hacker #hacked #supercumputers #datacenter #research
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
More than 10 high-performance data centers were hacked, including the one in the city of Garching (Germany). They are used for research on Covid-19 therapies, but those affected suspect other motives behind the attacks.
Dieter Kranzlmüller cannot explain what the hacker wanted. "Someone broke in and manipulated the system. But we don't know exactly what he did," says the head of the Leibniz computer centre in Garching near Munich. The high-performance computer SuperMUC-NG is located there. Kranzlmüller's team had to take it off the Internet this week after a hacker had gained access to the system. The Cybercrime Department of the Bavarian State Office of Criminal Investigation is investigating.
The case has shaken the research community, which depends on the expensive machines for its investigations. They are scattered internationally, but can no longer access the computers online. According to Kranzlmüller, in addition to Garching, more than ten high-performance computer centres in different countries are affected, including those in Freiburg, Stuttgart and Jülich. A "serious problem right across the academic community", is what those responsible for the super computer Archer in Edinburgh call it.
Read more 🇩🇪:
https://www.computerbase.de/2020-05/sicherheitsprobleme-europaeische-rechenzentren-supercomputer/
https://www.sueddeutsche.de/digital/supercomputer-hacker-garching-corona-1.4909397
#attack #hacker #hacked #supercumputers #datacenter #research
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
ComputerBase
Sicherheitsprobleme: Rechenzentren fahren Supercomputer herunter
Mehrere europäische Forschungs- und Hochleistungsrechenzentren melden akute Sicherheitsprobleme und fahren ihre Supercomputer herunter.
Forwarded from BlackBox (Security) Archiv
“What about building 7?” A social psychological study of online discussion of 9/11 conspiracy theories
Recent research into the psychology of conspiracy belief has highlighted the importance of belief systems in the acceptance or rejection of conspiracy theories. We examined a large sample of conspiracist (pro-conspiracy-theory) and conventionalist (anti-conspiracy-theory) comments on news websites in order to investigate the relative importance of promoting alternative explanations vs. rejecting conventional explanations for events.
In accordance with our hypotheses, we found that conspiracist commenters were more likely to argue against the opposing interpretation and less likely to argue in favor of their own interpretation, while the opposite was true of conventionalist commenters. However, conspiracist comments were more likely to explicitly put forward an account than conventionalist comments were. In addition, conspiracists were more likely to express mistrust and made more positive and fewer negative references to other conspiracy theories.
The data also indicate that conspiracists were largely unwilling to apply the “conspiracy theory” label to their own beliefs and objected when others did so, lending support to the long-held suggestion that conspiracy belief carries a social stigma. Finally, conventionalist arguments tended to have a more hostile tone. These tendencies in persuasive communication can be understood as a reflection of an underlying conspiracist worldview in which the details of individual conspiracy theories are less important than a generalized rejection of official explanations.
“The Internet was made for conspiracy theory: it is a conspiracy theory: one thing leads to another, always another link leading you deeper into no thing and no place.” (Stewart, 1999, p. 18).
👉🏼 Kent Academic RepositoryFull text document (pdf)
https://kar.kent.ac.uk/36252/1/Wood%20and%20Douglas%202013%20Frontiers.pdf
👉🏼 Read more:
https://www.frontiersin.org/articles/10.3389/fpsyg.2013.00409/full
https://www.forschung-und-wissen.de/nachrichten/psychologie/menschen-die-an-verschwoerungstheorien-glauben-sind-vernuenftiger-13372102
#research #psychological #study #conspiracy #theories #pdf #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Recent research into the psychology of conspiracy belief has highlighted the importance of belief systems in the acceptance or rejection of conspiracy theories. We examined a large sample of conspiracist (pro-conspiracy-theory) and conventionalist (anti-conspiracy-theory) comments on news websites in order to investigate the relative importance of promoting alternative explanations vs. rejecting conventional explanations for events.
In accordance with our hypotheses, we found that conspiracist commenters were more likely to argue against the opposing interpretation and less likely to argue in favor of their own interpretation, while the opposite was true of conventionalist commenters. However, conspiracist comments were more likely to explicitly put forward an account than conventionalist comments were. In addition, conspiracists were more likely to express mistrust and made more positive and fewer negative references to other conspiracy theories.
The data also indicate that conspiracists were largely unwilling to apply the “conspiracy theory” label to their own beliefs and objected when others did so, lending support to the long-held suggestion that conspiracy belief carries a social stigma. Finally, conventionalist arguments tended to have a more hostile tone. These tendencies in persuasive communication can be understood as a reflection of an underlying conspiracist worldview in which the details of individual conspiracy theories are less important than a generalized rejection of official explanations.
“The Internet was made for conspiracy theory: it is a conspiracy theory: one thing leads to another, always another link leading you deeper into no thing and no place.” (Stewart, 1999, p. 18).
👉🏼 Kent Academic RepositoryFull text document (pdf)
https://kar.kent.ac.uk/36252/1/Wood%20and%20Douglas%202013%20Frontiers.pdf
👉🏼 Read more:
https://www.frontiersin.org/articles/10.3389/fpsyg.2013.00409/full
https://www.forschung-und-wissen.de/nachrichten/psychologie/menschen-die-an-verschwoerungstheorien-glauben-sind-vernuenftiger-13372102
#research #psychological #study #conspiracy #theories #pdf #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
Bellingcat's free online open source research toolkit
Version 5.1 (March 09, 2020)
The list includes satellite and map services, photo and video review tools, web archiving sites, and more.
Content (All links lead to GoogleDocs):
💡 Maps, Satellites & Streetview
💡 Location Based Searches
💡 Image & Video Verification
💡 Social Media
💡 Transportation
💡 Date & Time
💡 WhoIs, IPs & Website Analysis
💡 People & Phone Numbers
💡 Archiving & Downloading
💡 Company Registries
💡 Data Visualization
💡 Online Security & Privacy
💡 Finding Experts
💡 Miscellaneous
💡 Guides & Handbooks
https://docs.google.com/document/d/1BfLPJpRtyq4RFtHJoNpvWQjmGnyVkfE2HYoICKOGguA/mobilebasic#h.6igzqqftqvh4
#Bellingcat #toolkit #research #collection
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Version 5.1 (March 09, 2020)
The list includes satellite and map services, photo and video review tools, web archiving sites, and more.
Content (All links lead to GoogleDocs):
💡 Maps, Satellites & Streetview
💡 Location Based Searches
💡 Image & Video Verification
💡 Social Media
💡 Transportation
💡 Date & Time
💡 WhoIs, IPs & Website Analysis
💡 People & Phone Numbers
💡 Archiving & Downloading
💡 Company Registries
💡 Data Visualization
💡 Online Security & Privacy
💡 Finding Experts
💡 Miscellaneous
💡 Guides & Handbooks
https://docs.google.com/document/d/1BfLPJpRtyq4RFtHJoNpvWQjmGnyVkfE2HYoICKOGguA/mobilebasic#h.6igzqqftqvh4
#Bellingcat #toolkit #research #collection
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
Introducing Project Freta - Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with capabilities to spot malicious software, kernel rootkits, and other stealthy malware techniques such as process hiding.
The project is named after Warsaw's Freta Street, the birthplace of Marie Curie, the famous French-Polish physicist who brought X-ray medical imaging to the battlefield during World War I.
"Modern malware is complex, sophisticated, and designed with non-discoverability as a core tenet," said Mike Walker, Microsoft's senior director of New Security Ventures. "Project Freta intends to automate and democratize VM forensics to a point where every user and every enterprise can sweep volatile memory for unknown malware with the push of a button — no setup required."
The objective is to infer the presence of malware from memory, at the same time gain the upper hand in the fight against threat actors who deploy and reuse stealthy malware on target systems for ulterior motives, and more importantly, render evasion infeasible and increase the development cost of undiscoverable cloud malware.
https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/
https://thehackernews.com/2020/07/microsoft-linux-forensics-rootkit.html
#microsoft #linux #cloud #Freta #forensics #research #rootkit #malware
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with capabilities to spot malicious software, kernel rootkits, and other stealthy malware techniques such as process hiding.
The project is named after Warsaw's Freta Street, the birthplace of Marie Curie, the famous French-Polish physicist who brought X-ray medical imaging to the battlefield during World War I.
"Modern malware is complex, sophisticated, and designed with non-discoverability as a core tenet," said Mike Walker, Microsoft's senior director of New Security Ventures. "Project Freta intends to automate and democratize VM forensics to a point where every user and every enterprise can sweep volatile memory for unknown malware with the push of a button — no setup required."
The objective is to infer the presence of malware from memory, at the same time gain the upper hand in the fight against threat actors who deploy and reuse stealthy malware on target systems for ulterior motives, and more importantly, render evasion infeasible and increase the development cost of undiscoverable cloud malware.
https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/
https://thehackernews.com/2020/07/microsoft-linux-forensics-rootkit.html
#microsoft #linux #cloud #Freta #forensics #research #rootkit #malware
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Microsoft Research
Toward trusted sensing for the cloud: Introducing Project Freta - Microsoft Research
“Sunlight is said to be the best of disinfectants.” ―Louis D. Brandeis, 1914 We often think about the field of computer security as a field of walls and barriers that keep intruders out. With Project Freta, we invite readers to…
Forwarded from BlackBox (Security) Archiv
Bellingcat's free online open source research toolkit
Version 5.3 (August 19, 2020)
The list includes satellite and map services, photo and video review tools, web archiving sites, and more.
Content (All links lead to GoogleDocs):
💡 Maps, Satellites & Streetview
💡 Location Based Searches
💡 Image & Video Verification
💡 Social Media
💡 Transportation
💡 Date & Time
💡 WhoIs, IPs & Website Analysis
💡 People & Phone Numbers
💡 Archiving & Downloading
💡 Company Registries
💡 Data Visualization
💡 Online Security & Privacy
💡 Finding Experts
💡 Miscellaneous
💡 Guides & Handbooks
https://docs.google.com/document/d/1BfLPJpRtyq4RFtHJoNpvWQjmGnyVkfE2HYoICKOGguA/mobilebasic#h.6igzqqftqvh4
#Bellingcat #toolkit #research #collection
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Version 5.3 (August 19, 2020)
The list includes satellite and map services, photo and video review tools, web archiving sites, and more.
Content (All links lead to GoogleDocs):
💡 Maps, Satellites & Streetview
💡 Location Based Searches
💡 Image & Video Verification
💡 Social Media
💡 Transportation
💡 Date & Time
💡 WhoIs, IPs & Website Analysis
💡 People & Phone Numbers
💡 Archiving & Downloading
💡 Company Registries
💡 Data Visualization
💡 Online Security & Privacy
💡 Finding Experts
💡 Miscellaneous
💡 Guides & Handbooks
https://docs.google.com/document/d/1BfLPJpRtyq4RFtHJoNpvWQjmGnyVkfE2HYoICKOGguA/mobilebasic#h.6igzqqftqvh4
#Bellingcat #toolkit #research #collection
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Forwarded from BlackBox (Security) Archiv
Numbers, please! 3.5 billion inhabitants - a database of all cities in the world
Researchers have created a database of all cities in the world. This makes it possible to compare what is otherwise not comparable and shows an exciting picture of the world.
In 2015, more than 3.5 billion (or exactly 3,535,326,299) people lived in cities with at least 50,000 inhabitants, which was 48 percent of the entire human population. Of these cities, there were 13,135 five years ago, by far the most in India (3229), ahead of China (1844), Ethiopia (553) and Nigeria (480). Only 40 years earlier, only 1.8 billion people (43 percent) had lived in cities of this size. The largest cities in the world in 2015 were Guangzhou (40.5 million), Jakarta (36.3 million), Tokyo (33 million), Delhi and Shanghai, in that order. Dortmund (better, the Ruhr area) follows in 118th place with 3.4 million inhabitants as Germany's largest city and here at the latest it should become clear that these figures are somewhat different.
👀 👉🏼 https://public.tableau.com/profile/martin.holland#!/vizhome/CitiesOfTheWorld-Population
👀 👉🏼 https://ec.europa.eu/jrc/en/publication/eur-scientific-and-technical-research-reports/atlas-human-planet-2018
👀 👉🏼 🇩🇪 https://www.heise.de/hintergrund/Zahlen-bitte-3-5-Milliarden-Einwohner-eine-Datenbank-aller-Staedte-der-Welt-4861541.html
#numbers #scientific #research #atlas #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Researchers have created a database of all cities in the world. This makes it possible to compare what is otherwise not comparable and shows an exciting picture of the world.
In 2015, more than 3.5 billion (or exactly 3,535,326,299) people lived in cities with at least 50,000 inhabitants, which was 48 percent of the entire human population. Of these cities, there were 13,135 five years ago, by far the most in India (3229), ahead of China (1844), Ethiopia (553) and Nigeria (480). Only 40 years earlier, only 1.8 billion people (43 percent) had lived in cities of this size. The largest cities in the world in 2015 were Guangzhou (40.5 million), Jakarta (36.3 million), Tokyo (33 million), Delhi and Shanghai, in that order. Dortmund (better, the Ruhr area) follows in 118th place with 3.4 million inhabitants as Germany's largest city and here at the latest it should become clear that these figures are somewhat different.
👀 👉🏼 https://public.tableau.com/profile/martin.holland#!/vizhome/CitiesOfTheWorld-Population
👀 👉🏼 https://ec.europa.eu/jrc/en/publication/eur-scientific-and-technical-research-reports/atlas-human-planet-2018
👀 👉🏼 🇩🇪 https://www.heise.de/hintergrund/Zahlen-bitte-3-5-Milliarden-Einwohner-eine-Datenbank-aller-Staedte-der-Welt-4861541.html
#numbers #scientific #research #atlas #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Tableau Public
Martin Holland - Profile | Tableau Public
Martin Holland's Tableau Public profile. View interactive data visualizations published by this author.
Forwarded from BlackBox (Security) Archiv
What they do in the shadows - examining the far-right networks on Telegram
The present paper contributes to the research on the activities of far-right actors on social media by examining the interconnections between far-right actors and groups on Telegram platform using network analysis. The far-right network observed on Telegram is highly decentralized, similarly to the far-right networks found on other social media platforms. The network is divided mostly along the ideological and national lines, with the communities related to 4chan imageboard and Donald Trump’s supporters being the most influential.
The analysis of the network evolution shows that the start of its explosive growth coincides in time with the mass bans of the far-right actors on mainstream social media platforms. The observed patterns of network evolution suggest that the simultaneous migration of these actors to Telegram has allowed them to swiftly recreate their connections and gain prominence in the network thus casting doubt on the effectiveness of deplatforming for curbing the influence of far-right and other extremist actors.
👀 👉🏼 https://www.tandfonline.com/doi/full/10.1080/1369118X.2020.1803946
#telegram #tg #shadow #interconnections #research #analysis #extremist #4chan
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
The present paper contributes to the research on the activities of far-right actors on social media by examining the interconnections between far-right actors and groups on Telegram platform using network analysis. The far-right network observed on Telegram is highly decentralized, similarly to the far-right networks found on other social media platforms. The network is divided mostly along the ideological and national lines, with the communities related to 4chan imageboard and Donald Trump’s supporters being the most influential.
The analysis of the network evolution shows that the start of its explosive growth coincides in time with the mass bans of the far-right actors on mainstream social media platforms. The observed patterns of network evolution suggest that the simultaneous migration of these actors to Telegram has allowed them to swiftly recreate their connections and gain prominence in the network thus casting doubt on the effectiveness of deplatforming for curbing the influence of far-right and other extremist actors.
👀 👉🏼 https://www.tandfonline.com/doi/full/10.1080/1369118X.2020.1803946
#telegram #tg #shadow #interconnections #research #analysis #extremist #4chan
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Taylor & Francis
What they do in the shadows: examining the far-right networks on Telegram
The present paper contributes to the research on the activities of far-right actors on social media by examining the interconnections between far-right actors and groups on Telegram platform using ...
Forwarded from BlackBox (Security) Archiv
So, these asses have been scraping telegram searching for users and groups and building a whole goddamn database containing thousands of records of people talking/connecting/being in groups (which goes against telegram's main premise).
They even admit that governments use them... Which is also something Durov doesn't approve of.
And they cannot even sanitize their input.
👀 👉🏼 https://t.me/BlackBox_Archiv/1166
#telegram #tg #durov #shadow #interconnections #research #analysis #gov #extremist #4chan #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
They even admit that governments use them... Which is also something Durov doesn't approve of.
And they cannot even sanitize their input.
👀 👉🏼 https://t.me/BlackBox_Archiv/1166
#telegram #tg #durov #shadow #interconnections #research #analysis #gov #extremist #4chan #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Forwarded from BlackBox (Security) Archiv
The KGB Experience - How to Catch a Spy who Uses Numbers Stations?
Introduction
From 2019 onwards the Latvian National Archive offers access to various KGB documents. The author had already previously shown the very detailed efforts of the Latvian KGB counterintelligence to monitor and study the CIA and BND numbers stations broadcasts, or what they called – “one directional communications”.[1] These are one of the most definitive archival sources which prove that foreign intelligence actively used shortwave in the USSR and that the KGB was aware of it. The documents showed that the KGB had monitored these broadcasts from at least 1978, but the files spoke very vaguely if the monitoring effort led to any apprehension and capture of a foreign agent. We, however, know that there were such cases like Alexander Ogorodnik[2], and others where the use of shortwave signals was determined.
👀 👉🏼 https://www.numbers-stations.com/how-to-catch-a-spy-who-uses-numbers-stations-the-kgb-experience/
#russia #kgb #spy #numbersstations #research
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Introduction
From 2019 onwards the Latvian National Archive offers access to various KGB documents. The author had already previously shown the very detailed efforts of the Latvian KGB counterintelligence to monitor and study the CIA and BND numbers stations broadcasts, or what they called – “one directional communications”.[1] These are one of the most definitive archival sources which prove that foreign intelligence actively used shortwave in the USSR and that the KGB was aware of it. The documents showed that the KGB had monitored these broadcasts from at least 1978, but the files spoke very vaguely if the monitoring effort led to any apprehension and capture of a foreign agent. We, however, know that there were such cases like Alexander Ogorodnik[2], and others where the use of shortwave signals was determined.
👀 👉🏼 https://www.numbers-stations.com/how-to-catch-a-spy-who-uses-numbers-stations-the-kgb-experience/
#russia #kgb #spy #numbersstations #research
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Number Stations Research
How to Catch a Spy who Uses Numbers Stations? The KGB Experience
Introduction From 2019 onwards the Latvian National Archive offers access to various KGB documents. The author had already previously shown the very detailed efforts of the Latvian KGB counterintelligence to monitor and study the CIA
Forwarded from BlackBox (Security) Archiv
Internet history can be used for “reidentification” finds study by Mozilla
A recent research paper has reaffirmed that our internet history can be reliably used to identify us. The research was conducted by Sarah Bird, Ilana Segall, and Martin Lopatka from Mozilla and is titled: Replication: Why We Still Can’t Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories. The paper was released at the Symposium on Usable Privacy and Security and is a continuation of a 2012 paper that highlighted the same reidentifiability problem.
‼️ Just your internet history can be used to reidentify you on the internet ‼️
Using data from 52,000 consenting Firefox users, the researchers were able to identify 48,919 distinct browsing profiles which had 99% uniqueness.
This is especially concerning because internet history is routinely sold by your internet service provider (ISP) and mobile data provider to third party advertising and marketing firms which are demonstrably able to tie a list of sites back to an individual they already have a profile on – even if the ISP claims to be “anonymizing” the data being sold. This is a legally sanctioned activity ever since 2017 when Congress voted to get rid of broadband privacy and allow the monetization of this type of data collection.
This type of “history-based profiling” is undoubtedly being used to build ad profiles on internet users around the world. Previous studies have shown that an IP address usually stays static for about a month – which the researchers noted: “is more than enough time to build reidentifiable browsing profiles.”
👀 👉🏼 (PDF)
https://www.usenix.org/system/files/soups2020-bird.pdf
👀 👉🏼 https://www.cozyit.com/internet-history-can-be-used-for-reidentification-finds-study-by-mozilla/
#mozilla #study #research #internet #history #reidentification #thinkabout #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
A recent research paper has reaffirmed that our internet history can be reliably used to identify us. The research was conducted by Sarah Bird, Ilana Segall, and Martin Lopatka from Mozilla and is titled: Replication: Why We Still Can’t Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories. The paper was released at the Symposium on Usable Privacy and Security and is a continuation of a 2012 paper that highlighted the same reidentifiability problem.
‼️ Just your internet history can be used to reidentify you on the internet ‼️
Using data from 52,000 consenting Firefox users, the researchers were able to identify 48,919 distinct browsing profiles which had 99% uniqueness.
This is especially concerning because internet history is routinely sold by your internet service provider (ISP) and mobile data provider to third party advertising and marketing firms which are demonstrably able to tie a list of sites back to an individual they already have a profile on – even if the ISP claims to be “anonymizing” the data being sold. This is a legally sanctioned activity ever since 2017 when Congress voted to get rid of broadband privacy and allow the monetization of this type of data collection.
This type of “history-based profiling” is undoubtedly being used to build ad profiles on internet users around the world. Previous studies have shown that an IP address usually stays static for about a month – which the researchers noted: “is more than enough time to build reidentifiable browsing profiles.”
👀 👉🏼 (PDF)
https://www.usenix.org/system/files/soups2020-bird.pdf
👀 👉🏼 https://www.cozyit.com/internet-history-can-be-used-for-reidentification-finds-study-by-mozilla/
#mozilla #study #research #internet #history #reidentification #thinkabout #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Forwarded from BlackBox (Security) Archiv
VoltPillager: Researchers Compromise Intel SGX With Hardware-Based Undervolting Attack
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their "VoltPillager" hardware device they assembled for about $30 USD.
Two years ago Plundervolt was widely publicized for compromising Intel's SGX security by manipulating the CPU frequency/voltage as able to through software interfaces. By carefully undervolting the Intel CPUs when executing enclave computations they were able to ultimately compromise the integrity of SGX.
The impact of Plundervolt was already limited as typically the software needs root/administrative rights to access the CPU voltage/frequency MSRs or other kernel interfaces for manipulating them. But in response to Plundervolt, motherboard vendors began offering options to allow disabling voltage/frequency interface controls on their systems. Following Plundervolt, security researchers at the University of Birmingham in the UK began exploring a hardware-based attack on SGX.
https://www.phoronix.com/scan.php?page=news_item&px=VoltPillager-HW-Undervolt
#research #VoltPillager #undervolting #attack #intel #sgx
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their "VoltPillager" hardware device they assembled for about $30 USD.
Two years ago Plundervolt was widely publicized for compromising Intel's SGX security by manipulating the CPU frequency/voltage as able to through software interfaces. By carefully undervolting the Intel CPUs when executing enclave computations they were able to ultimately compromise the integrity of SGX.
The impact of Plundervolt was already limited as typically the software needs root/administrative rights to access the CPU voltage/frequency MSRs or other kernel interfaces for manipulating them. But in response to Plundervolt, motherboard vendors began offering options to allow disabling voltage/frequency interface controls on their systems. Following Plundervolt, security researchers at the University of Birmingham in the UK began exploring a hardware-based attack on SGX.
https://www.phoronix.com/scan.php?page=news_item&px=VoltPillager-HW-Undervolt
#research #VoltPillager #undervolting #attack #intel #sgx
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Phoronix
VoltPillager: Researchers Compromise Intel SGX With Hardware-Based Undervolting Attack
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their 'VoltPillager' hardware device they assembled for about $30 USD.
Forwarded from BlackBox (Security) Archiv
Social Media Use in 2021
A majority of Americans say they use YouTube and Facebook, while use of Instagram, Snapchat and TikTok is especially common among adults under 30.
To better understand Americans’ use of social media, online platforms and messaging apps, Pew Research Center surveyed 1,502 U.S. adults from Jan. 25 to Feb. 8, 2021, by cellphone and landline phone. The survey was conducted by interviewers under the direction of Abt Associates and is weighted to be representative of the U.S. adult population by gender, race, ethnicity, education and other categories. Here are the questions used for this report, along with responses, and its methodology.
https://www.pewresearch.org/internet/2021/04/07/social-media-use-in-2021/
#socialmedia #facebook #youtube #instagram #snapchat #tiktok #research #usa
📡 @nogoolag 📡 @blackbox_archiv
A majority of Americans say they use YouTube and Facebook, while use of Instagram, Snapchat and TikTok is especially common among adults under 30.
To better understand Americans’ use of social media, online platforms and messaging apps, Pew Research Center surveyed 1,502 U.S. adults from Jan. 25 to Feb. 8, 2021, by cellphone and landline phone. The survey was conducted by interviewers under the direction of Abt Associates and is weighted to be representative of the U.S. adult population by gender, race, ethnicity, education and other categories. Here are the questions used for this report, along with responses, and its methodology.
https://www.pewresearch.org/internet/2021/04/07/social-media-use-in-2021/
#socialmedia #facebook #youtube #instagram #snapchat #tiktok #research #usa
📡 @nogoolag 📡 @blackbox_archiv