Posts Categorized: Bruce Schneier

  • Bruce Schneier, English-Italian Translations

    Evercookies

    Posted on by

    Extremely persistent browser cookies: evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others. evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that… Read more »

  • Bruce Schneier, English-Italian Translations

    Prepaid Electricity Meter Fraud

    Posted on by

    New attack: Criminals across the UK have hacked the new keycard system used to top up pre-payment energy meters and are going door-to-door, dressed as power company workers, selling illegal credit at knock-down prices. The pre-paid power meters use a key system. Normally people visit a shop to put credit on their key, which they… Read more »

  • Bruce Schneier, English-Italian Translations

    Skeletal Identification

    Posted on by

    And you thought fingerprints were intrusive. The Wright State Research Institute is developing a ground-breaking system that would scan the skeletal structures of people at airports, sports stadiums, theme parks and other public places that could be vulnerable to terrorist attacks, child abductions or other crimes. The images would then quickly be matched with potential… Read more »

  • Bruce Schneier, English-Italian Translations

    Identifying People by their Bacteria

    Posted on by

    A potential new forensic: To determine how similar a person’s fingertip bacteria are to bacteria left on computer keys, the team took swabs from three computer keyboards and compared bacterial gene sequences with those from the fingertips of the keyboard owners. Today in the Proceedings of the National Academy of Sciences, they conclude that enough… Read more »

  • Bruce Schneier, English-Italian Translations

    Online Credit/Debit Card Security Failure

    Posted on by

    Ross Anderson reports: Online transactions with credit cards or debit cards are increasingly verified using the 3D Secure system, which is branded as “Verified by VISA” and “MasterCard SecureCode”. This is now the most widely-used single sign-on scheme ever, with over 200 million cardholders registered. It’s getting hard to shop online without being forced to… Read more »

  • Bruce Schneier, English-Italian Translations

    Privacy Violations by Facebook Employees

    Posted on by

    I don’t know if this is real, but it seems perfectly reasonable that all of Facebook is stored in a huge database that someone with the proper permissions can access and modify. And it also makes sense that developers and others would need the ability to assume anyone’s identity. Rumpus: You’ve previously mentioned a master… Read more »

  • Bruce Schneier, English-Italian Translations

    German TV on the Failure of Full-Body Scanners

    Posted on by

    The video is worth watching, even if you don’t speak German. The scanner caught a subject’s cell phone and Swiss Army knife — and the microphone he was wearing — but missed all the components to make a bomb that he hid on his body. Admittedly, he only faced the scanner from the front and… Read more »

  • Bruce Schneier, English-Italian Translations

    Reproducing Keys from Photographs

    Posted on by

    Reproducing keys from distant and angled photographs: Abstract: The access control provided by a physical lock is based on the assumption that the information content of the corresponding key is private — that duplication should require either possession of the key or a priori knowledge of how it was cut. However, the ever-increasing capabilities and… Read more »

  • Bruce Schneier, English-Italian Translations

    Hacking Two-Factor Authentication

    Posted on by

    Back in 2005, I wrote about the failure of two-factor authentication to mitigate banking fraud: Here are two new active attacks we’re starting to see: Man-in-the-Middle attack. An attacker puts up a fake bank website and entices user to that website. User types in his password, and the attacker in turn uses it to access… Read more »

  • Bruce Schneier, English-Italian Translations

    File Deletion

    Posted on by

    File deletion is all about control. This used to not be an issue. Your data was on your computer, and you decided when and how to delete a file. You could use the delete function if you didn’t care about whether the file could be recovered or not, and a file erase program — I… Read more »