Re: Physical security rather than crypto---but perhaps of interest
Since we are on this topic: "You don’t need to be a crowned Ranger class master hacker to sneak into someone’s email or facebook account these days. Which means that you’re not simply being a nervous nellie if you’re worried about security. In fact, users of public WiFi should be worried. If you use WiFi to access some of the most popular email and social networking services, like, gmail, yahoo mail, hotmail, and facebook, your account information floats around in the air, often completely unsecured. You want some more fear with your coffee? Chris Soghoian, a fellow at the Berkman Center for Internet and Society, took a look into WiFi and account security to find out just how scary the situation is." Listen to the audio at: http://blogs.law.harvard.edu/mediaberkman/2009/07/16/radio-berkman-126-the-g-fail/ saqib http://www.capital-punishment.us - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
Re: Physical security rather than crypto---but perhaps of interest
Charles Jackson wrote: http://news.bbc.co.uk/2/hi/technology/8147534.stm Chuck [Moderator's note: It is helpful, when posting a link, to give enough information that people can know whether they want to go and read the article. In this case, the title and first few sentences are: Snooping through the power socket When I first read the article title I assumed it was going to be about Ethernet over Powerlines and how they had weak or non existent crypto. Power sockets can be used to eavesdrop on what people type on a computer. Security researchers found that poor shielding on some keyboard cables means useful data can be leaked about each character typed. By analysing the information leaking onto power circuits, the researchers could see what a target was typing. The attack has been demonstrated to work at a distance of up to 15m, but refinement may mean it could work over much longer distances. When I read this and my first thought was: "exactly how is this new research or news ?" This is exactly the type of threat that TEMPEST protection is intended to provide risk reduction for. So yeah not new or news to some people but certainly scary for the masses. Now to bring it back to crypto this shows the danger of assuming that local "links" don't need to be encrypted and that cables are "more secure" than wireless links (eg Bluetooth, WiFi etc). -- Darren J Moffat - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
Physical security rather than crypto---but perhaps of interest
http://news.bbc.co.uk/2/hi/technology/8147534.stm Chuck [Moderator's note: It is helpful, when posting a link, to give enough information that people can know whether they want to go and read the article. In this case, the title and first few sentences are: Snooping through the power socket Power sockets can be used to eavesdrop on what people type on a computer. Security researchers found that poor shielding on some keyboard cables means useful data can be leaked about each character typed. By analysing the information leaking onto power circuits, the researchers could see what a target was typing. The attack has been demonstrated to work at a distance of up to 15m, but refinement may mean it could work over much longer distances. --Perry] - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
