Lifeboat Foundation

Typically abbreviated as TLS, Transport Layer Security uses strong encryption to prove that an end user is connected to an authentic server belonging to a specific service (such as Google or Bank of America) and not an impostor masquerading as that service. TLS also encrypts data as it travels between an end user and a server to ensure that people who can monitor the connection can’t read or tamper with the contents. With millions of servers relying on it, TLS is a cornerstone of online security.

In a research paper published on Wednesday, Brinkmann and seven other researchers investigated the feasibility of using what they call cross-protocol attacks to bypass TLS protections. The technique involves an MitM attacker redirecting cross-origin HTTP requests to servers that communicate over SMTP, IMAP, POP3, or FTP, or another communication protocol.

The main components of the attack are the client application used by the targeted end user, denoted as C; the server the target intended to visit, denoted as S_int; and the substitute server, a machine that connects using SMTP, FTP, or another protocol that’s different from the one server_int uses but with the same domain listed in its TLS certificate.

REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests.

Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research.

Researchers from security firm Sophos detected the new ransomware, called Epsilon Red, in an investigation of an attack on a U.S.-based company in the hospitality sector, Sophos Principal Researcher Andrew Brandt wrote in a report published online.

FragAttacks let hackers inject malicious code or commands into encrypted Wi-Fi traffic.

Although universal fault-tolerant quantum computers – with millions of physical quantum bits (or qubits) – may be a decade or two away, quantum computing research continues apace. It has been hypothesized that quantum computers will one day revolutionize information processing across a host of military and civilian applications from pharmaceuticals discovery, to advanced batteries, to machine learning, to cryptography. A key missing element in the race toward fault-tolerant quantum systems, however, is meaningful metrics to quantify how useful or transformative large quantum computers will actually be once they exist.

To provide standards against which to measure quantum computing progress and drive current research toward specific goals, DARPA announced its Quantum Benchmarking program. Its aim is to re-invent key quantum computing metrics, make those metrics testable, and estimate the required quantum and classical resources needed to reach critical performance thresholds.

“It’s really about developing quantum computing yardsticks that can accurately measure what’s important to focus on in the race toward large, fault-tolerant quantum computers,” said Joe Altepeter, program manager in DARPA’s Defense Sciences Office. “Building a useful quantum computer is really hard, and it’s important to make sure we’re using the right metrics to guide our progress towards that goal. If building a useful quantum computer is like building the first rocket to the moon, we want to make sure we’re not quantifying progress toward that goal by measuring how high our planes can fly.”

A few weeks back we brought word that Reddit users [derekcz] and [Xerbot] had managed to receive the 2232.5 MHz telemetry downlink from a Falcon 9 upper stage and pull out some interesting plain-text strings. With further software fiddling, the vehicle’s video streams were decoded, resulting in some absolutely breathtaking shots of the rocket and its payload from low Earth orbit.

Unfortunately, it looks like those heady days are now over, as [derekcz] reports the downlink from the latest Falcon 9 mission was nothing but intelligible noise. Since the hardware and software haven’t changed on his side, the only logical conclusion is that SpaceX wasn’t too happy about radio amateurs listening in on their rocket and decided to employ some form of encryption.

Continue reading “Fun While It Lasted, Falcon 9 Telemetry Now Encrypted” »

A team of researchers at Shanghai Jiao Tong University, has found that the human hand can be used as a powerless infrared radiation (IR) source in multiple kinds of applications. In their paper published in Proceedings of the National Academy of Sciences, the group notes that the human hand naturally emits IR and they demonstrate that the radiation can be captured and used.

The human body emits light in the invisible IR range, including the hands. This source of radiation, the researchers noted, could potentially be captured and used in applications ranging from signal generation to encryption systems. They further noted that because the hand has multiple fingers, the IR that it emits could be considered to be multiplexed.

IR is a form of electromagnetic radiation —its wavelengths are longer than those of visible light, which is why humans cannot see them. Prior research has shown that the human body emits such radiation due to body heat. Electromagnetic radiation carries with it radiant energy, and its behavior is classified as both a quantum particle and a wave. Prior research has also shown that electromagnetic radiation can be used in a variety of applications, including microwaves, radios and medical imaging devices. And infrared light, in particular, enables night vision goggles, spectroscopy devices and medical devices used to treat burn victims. In this new effort, the researchers have found that the very small amount of IR emitted by the human hand is sufficient to use in various devices.

What’s New: Intel today announced that it has signed an agreement with Defense Advanced Research Projects Agency (DARPA) to perform in its Data Protection in Virtual Environments (DPRIVE) program. The program aims to develop an accelerator for fully homomorphic encryption (FHE). Microsoft is the key cloud ecosystem and homomorphic encryption partner leading the commercial adoption of the technology once developed by testing it in its cloud offerings, including Microsoft Azure and the Microsoft JEDI cloud, with the U.S. government. The multiyear program represents a cross-team effort across multiple Intel groups, including Intel Labs, the Design Engineering Group and the Data Platforms Group, to tackle “the final frontier” in data privacy, which is computing on fully encrypted data without access to decryption keys.

“Fully homomorphic encryption remains the holy grail in the quest to keep data secure while in use. Despite strong advances in trusted execution environments and other confidential computing technologies to protect data while at rest and in transit, data is unencrypted during computation, opening the possibility of potential attacks at this stage. This frequently inhibits our ability to fully share and extract the maximum value out of data. We are pleased to be chosen as a technology partner by DARPA and look forward to working with them as well as Microsoft to advance this next chapter in confidential computing and unlock the promise of fully homomorphic encryption for all.” – Rosario Cammarota, principal engineer, Intel Labs, and principal investigator, DARPA DPRIVE program

A single “super photon” made up of many thousands of individual light particles: About ten years ago, researchers at the University of Bonn produced such an extreme aggregate state for the first time and presented a completely new light source. The state is called optical Bose-Einstein condensate and has captivated many physicists ever since, because this exotic world of light particles is home to its very own physical phenomena.

Researchers led by Prof. Dr. Martin Weitz, who discovered the super photon, and theoretical physicist Prof. Dr. Johann Kroha have returned from their latest “expedition” into the quantum world with a very special observation. They report of a new, previously unknown phase transition in the optical Bose-Einstein condensate. This is a so-called overdamped phase. The results may in the long term be relevant for encrypted quantum communication. The study has been published in the journal Science.

A “self-portrait” by humanoid robot Sophia, who “interpreted” a depiction of her own face, has sold at auction for over $688000.

A hand-painted “self-portrait” by the world-famous humanoid robot, Sophia, has sold at auction for over $688000.

The work, which saw Sophia “interpret” a depiction of her own face, was offered as a non-fungible token, or NFT, an encrypted digital signature that has revolutionized the art market in recent months.

Continue reading “Sophia the Robot ‘self-portrait’ NFT sells for almost $700K” »