Seriously, Put Away The Foil

I was scanning the headlines this morning, as I do, and came across this article by YLE Uutiset (News). — “Finnish police: Keep your car keys in the fridge” From YLE’s article: “These so-called smart keys work by emitting a signal when the driver touches the door handle. The lock opens when it recognises the… Read more »

Hacking Your Computer Monitor

Here’s an interesting hack against a computer’s monitor: A group of researchers has found a way to hack directly into the tiny computer that controls your monitor without getting into your actual computer, and both see the pixels displayed on the monitor — effectively spying on you — and also manipulate the pixels to display… Read more »

Decrypting the WhatsApp Database

INTRODUCTION WhatsApp Messenger is an application used across various Mobile Platforms for instant messaging. It uses the internet to send and receive audios, videos, documents, location details, messages etc. WhatsApp saves all the message of user onto a database file in crypt form, which means no one could read anyone’s private messages. WhatsApp uses crypt2,… Read more »

Why you can’t trust things you copy and paste from web pages

Put away your wget and curl, your SOAP clients and WSDLs, WebDAV servers, REST APIs and JSON callbacks; when it comes to moving data off websites and on to your computer the sticky stuff that greases the wheels is copy and paste. This side of haptic gloves, Ctrl+C and Ctrl+V is as close as we… Read more »

Cheating in Marathon Running

Story of Julie Miller, who cheated in multiple triathlon races: The difference between cheating in 1980 and cheating today is that it’s much harder to get away with now. What trips up contemporary cheaters, Empfield said, is their false assumption that the only thing they have to worry about is their timing chip, the device… Read more »

Petya key decoder

I made a decoder for key of Petya ransomware. It works for Stage 1 of encryption – if the system was not rebooted after the infection. Research about a possibility to decrypt Stage 2 is in progress. UPDATE: 8-th April 2016 Petya at Stage 2 has been cracked by leo-stone. Read more: https://petya-pay-no-ransom.herokuapp.com/ and https://github.com/leo-stone/hack-petya…. Read more »

Petya: Disk Encrypting Ransomware

Updated 2016-04-03: Edited to add more details about the encryption scheme. Petya is a new ransomware with an evil twist: instead of encrypting files on disk, it will lock the entire disk, rendering it pretty much useless. Specifically, it will encrypt the filesystem’s master file table (MFT), which means the operating system is not able… Read more »

Mousejacking – what you need to know

US startup Bastille Networks boldly claims to be “the first and only company to completely secure the Enterprise,” even though it doesn’t have any products on its website yet. But it is nevertheless making waves with a vulnerability it’s calling Mousejacking, caused by a raft of security problems the company says it’s found in numerous… Read more »

The Fundamental Insecurity of USB

p>This is pretty impressive: Most of us learned long ago not to run executable files from sketchy USB sticks. But old-fashioned USB hygiene can’t stop this newer flavor of infection: Even if users are aware of the potential for attacks, ensuring that their USB’s firmware hasn’t been tampered with is nearly impossible. The devices don’t… Read more »

Clear Your Cookies? You Can’t Escape Canvas Fingerprinting

So tracking is getting even trickier, it seems canvas fingerprinting would work in any browser that supports HTML5 and is pretty hard to stop as a user, as it’s a basic feature (a website instructing your browser to draw an image using canvas). And it turns out, every single browser will draw the image slightly… Read more »

  • English-Italian Translations

    Seriously, Put Away The Foil

    Posted on by

    I was scanning the headlines this morning, as I do, and came across this article by YLE Uutiset (News). — “Finnish police: Keep your car keys in the fridge” From YLE’s article: “These so-called smart keys work by emitting a signal when the driver touches the door handle. The lock opens when it recognises the… Read more »

  • Bruce Schneier, English-Italian Translations

    Hacking Your Computer Monitor

    Posted on by

    Here’s an interesting hack against a computer’s monitor: A group of researchers has found a way to hack directly into the tiny computer that controls your monitor without getting into your actual computer, and both see the pixels displayed on the monitor — effectively spying on you — and also manipulate the pixels to display… Read more »

  • Android Forensics, English-Italian Translations

    Decrypting the WhatsApp Database

    Posted on by

    INTRODUCTION WhatsApp Messenger is an application used across various Mobile Platforms for instant messaging. It uses the internet to send and receive audios, videos, documents, location details, messages etc. WhatsApp saves all the message of user onto a database file in crypt form, which means no one could read anyone’s private messages. WhatsApp uses crypt2,… Read more »

  • English-Italian Translations

    Why you can’t trust things you copy and paste from web pages

    Posted on by

    Put away your wget and curl, your SOAP clients and WSDLs, WebDAV servers, REST APIs and JSON callbacks; when it comes to moving data off websites and on to your computer the sticky stuff that greases the wheels is copy and paste. This side of haptic gloves, Ctrl+C and Ctrl+V is as close as we… Read more »

  • Bruce Schneier, English-Italian Translations

    Cheating in Marathon Running

    Posted on by

    Story of Julie Miller, who cheated in multiple triathlon races: The difference between cheating in 1980 and cheating today is that it’s much harder to get away with now. What trips up contemporary cheaters, Empfield said, is their false assumption that the only thing they have to worry about is their timing chip, the device… Read more »

  • English-Italian Translations

    Petya key decoder

    Posted on by

    I made a decoder for key of Petya ransomware. It works for Stage 1 of encryption – if the system was not rebooted after the infection. Research about a possibility to decrypt Stage 2 is in progress. UPDATE: 8-th April 2016 Petya at Stage 2 has been cracked by leo-stone. Read more: https://petya-pay-no-ransom.herokuapp.com/ and https://github.com/leo-stone/hack-petya…. Read more »

  • English-Italian Translations

    Petya: Disk Encrypting Ransomware

    Posted on by

    Updated 2016-04-03: Edited to add more details about the encryption scheme. Petya is a new ransomware with an evil twist: instead of encrypting files on disk, it will lock the entire disk, rendering it pretty much useless. Specifically, it will encrypt the filesystem’s master file table (MFT), which means the operating system is not able… Read more »

  • English-Italian Translations

    Mousejacking – what you need to know

    Posted on by

    US startup Bastille Networks boldly claims to be “the first and only company to completely secure the Enterprise,” even though it doesn’t have any products on its website yet. But it is nevertheless making waves with a vulnerability it’s calling Mousejacking, caused by a raft of security problems the company says it’s found in numerous… Read more »

  • Bruce Schneier, English-Italian Translations

    The Fundamental Insecurity of USB

    Posted on by

    p>This is pretty impressive: Most of us learned long ago not to run executable files from sketchy USB sticks. But old-fashioned USB hygiene can’t stop this newer flavor of infection: Even if users are aware of the potential for attacks, ensuring that their USB’s firmware hasn’t been tampered with is nearly impossible. The devices don’t… Read more »

  • English-Italian Translations

    Clear Your Cookies? You Can’t Escape Canvas Fingerprinting

    Posted on by

    So tracking is getting even trickier, it seems canvas fingerprinting would work in any browser that supports HTML5 and is pretty hard to stop as a user, as it’s a basic feature (a website instructing your browser to draw an image using canvas). And it turns out, every single browser will draw the image slightly… Read more »