Tag Archive for: full

Android full disk encryption can be brute-forced on Qualcomm-based devices

/in

Attackers can exploit vulnerabilities in Android devices with Qualcomm chipsets in order to extract the encrypted keys that protect users’ data and run brute-force attacks against them.

The attack was demonstrated last week by security researcher Gal Beniamini and uses two vulnerabilities patched this year in Qualcomm’s implementation of the ARM CPU TrustZone.

The ARM TrustZone is a hardware security module that runs its own kernel and Trusted Execution Environment independent of the main OS. On Qualcomm chips, the Trusted Execution Environment is called QSEE (Qualcomm Secure Execution Environment).

The full-disk encryption feature on Android devices relies on a randomly generated key called the device encryption key (DEK). This key is itself encrypted with another key derived from the user’s PIN, password or swipe pattern.

To read this article in full or to leave a comment, please click here

Network World Security

Company wants full access to your social media accounts to spy for landlords, employers

/in

If a UK startup has its way, then you will hand over full access to your social media accounts – “including entire conversation threads and private messages” – so it can be scraped and analyzed to help potential landlords and employers decide if you are a risk worth taking.

Why in the world would you agree to such a thing? Score Assured co-founder Steve Thornhill told The Washington Post, “People will give up their privacy to get something they want.”

The company launched “Tenant Assured” so landlords can decide if you would be a good tenant. It uses an algorithm to “deep dive” into your social media accounts and give landlords “insights into five main personality traits: extraversion, neuroticism, openness, agreeableness and conscientiousness.”

To read this article in full or to leave a comment, please click here

Network World Security

Computer Security Expert: We May Still Not Know The Full Extent Of The Recent … – WXXI News

/in

WXXI News

Computer Security Expert: We May Still Not Know The Full Extent Of The Recent
WXXI News
We may still not know the extent of how many people potentially were affected by the cyber attack that hit Excellus BlueCross BlueShield and its affiliated companies. That's the feeling of a computer security expert at the University at Buffalo, Arun
Excellus records hacked; 10.5 million records affectedRochester Democrat and Chronicle

all 159 news articles »

“computer security” – read more

Simple Mac bug gives hackers full access to your computer

/in

The days of Mac users taunting Windows users with the claim, “Macs don’t get viruses” is long past. As Macs became more popular, hackers went to work and started discovering security flaws similar to the ones in Windows. Now a new flaw in the latest Mac …
mac hacker – read more