Cargo Cult AI
Is the ability to think scientifically the defining essence of intelligence? CACM Sept. 2023, by Edlyn V. Levine.Quantum-Resistant Cryptography
An overview on post-quantum cryptography: Quantum-Resistant Cryptography, John P Mattsson, Ben Smeets, Erik Thormarker, 1 Dec. 2021.Super Immunity
NPR, 7 Sept. 2021: some good news for a change: "... it looks like the immune system is eventually going to have the edge over this virus," says Bieniasz, of Rockefeller University. "And if we're lucky, SARS-CoV-2 will eventually fall into that category of viruses that gives us only a mild cold."Quantum mechanics is immune to the butterfly effect
Economist, 15 Aug. 2020: ... quantum-mechanical systems seem to be more resilient than classical ones. Strangely, they seem to have the capacity to repair damage done in the past as time unfolds. Research article: Recovery of Damaged Information and the Out-of-Time-Ordered Correlators, Bin Yan & Nikolai A. Sinitsyn, 24 July 2020, https://arxiv.org/abs/2003.07267Top Programming Languages
IEEE Spectrum, 22 July 2020. Rankings: Python, Java, C, C++, Javascript, ...
How to Break PDF Signatures
Announcement from Ruhr University, 24 Feb. 2019: ... we reveal three novel attack classes for spoofing a digitally signed PDF document. We present our evaluation of 22 different PDF viewers and show 21 of them to be vulnerable. We additionally evaluated 8 online validation services and found 6 to be vulnerable.The Cybersecurity Workforce Gap
From the Center for Strategic and International Studies (CSIS), January 29, 2019, a report by William Crumpler and James A. Lewis: What organizations are truly desperate for are graduates who can design secure systems, create new tools for defense, and hunt down hidden vulnerabilities in software and networks.Disappointed with Reality
From Floating Voxels Provide New Hope for 3D Displays, CACM Oct. 2018: The general public has for 40 years been seeing cinematic depictions of physically impossible things, and when they do see what's possible, they are disappointedClick Here to Kill Everybody
New book by Bruce Schneier, Sept. 2018: The internet is powerful, but it is not safe. As "smart" devices proliferate the risks will get worse, unless we act now.Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
Foreshadow is a speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds. Foreshadow has two versions, the original attack designed to extract data from SGX enclaves and a Next-Generation version which affects Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory.USENIX Security Symposium, August 2018.
Computer algorithms can test the dodginess of published results
The Economist, June 2018: As they describe in a paper in PsyArXiv Preprints, Sean Wilner and his colleagues at the University of Illinois at Urbana-Champaign have come up with a way of reconstructing, given the mean, standard deviation and number of data points in a result (all three of which are usually stated as part of such a result), all the possible data sets which could have given rise to that result.The PsyArXiv paper is Complete recovery of values in Diophantine systems (CORVIDS), Sean Wilner, Katherine Wood, and Daniel Simons, July 02, 2018. The software is available at github.com/katherinemwood/corvids. It uses a version of Diophantine by Thomas G. Close for finding small solutions of systems of diophantine equations, which is based on the LLL algorithm from Extended gcd and Hermite normal form algorithms via lattice basis reduction, G. Havas, B.S. Majewski, and K.R. Matthews, Experimental Mathematics, Vol 7 (1998) 125-136. A related heuristic method is described in Recovering data from summary statistics: Sample Parameter Reconstruction via Iterative TEchniques (SPRITE), James A Heathers, Jordan Anaya, Tim van der Zee, and Nicholas JL Brown, PeerJ Preprints, May 30, 2018.
Hacker of the Future
Already planning attacks on quantum computers which do not yet exist. In An entangling-probe attack on Shor's algorithm for factorization, Hiroo Azuma shows that an attacker can steal an exact solution of Shor's algorithm outside an institute where the quantum computer is installed if he replaces its initialized quantum register with entangled qubits.Spectre and Meltdown Attacks Against Microprocessors
Bruce Schneier writes in Crypto-Gram, January 2018: It shouldn't be surprising that microprocessor designers have been building insecure hardware for 20 years. What's surprising is that it took 20 years to discover it. More from February 2018: Unpatchable vulnerabilities in the deepest recesses of the world's computer hardware is the new normal.No such thing as war in cyber
At Fifth Domain, August 11, 2017: General John Hyten, head of US Strategic Command, told an audience at the annual Space and Missile Symposium in Huntsville, Alabama last week that "there's no such thing as war in cyber; there's just war," and that "we have to figure out how to defeat our adversaries, not to defeat the domains where they operate."Spyware that can identify what films you are watching
At The Economist, April, 2017: By planting a small amount of JavaScript code in a web browser on a personal computer or smartphone that is merely attached to the same Wi-Fi network as the viewer's device, the film being watched can be identified ...Birthday attacks on 64-bit block ciphers
At https://sweet32.info/, October, 2016. Affects ciphers which use 64-bit data blocks, like Triple-DES and Blowfish, not AES. Requires analysis of billions of queries, but can be done in just hours: The attacker runs malicious JavaScript code on the victim's browser that repeatedly sends HTTP queries to the target website server, each containing the session cookie. If he sends close to 232 queries, a collision is expected....The paper contains succinct derivations of the collision probability formulas for n-bit data block size.
When We are No More
How Digital Memory Will Shape Our Future, by Abby Smith Rumsey, 2016. Excerpt: When distracted ... we fail to build the vital repertoire of knowledge and experience that may be of use to us in the future. And it is the future that is at stake. For memory is not about the past. It is about the future.
Physical Key Extraction Attacks on PCs
Article by Daniel Genkin, et. al., CACM, June 2016 - Computers broadcast their secrets via inadvertent physical emanations that are easily measured and exploited.Security Through Simplicity
Article by Boaz Barak, CACM, March 2016. Mainly about software obfuscation and homomorphic encryption. This excerpt summarizes the development of modern cryptography.Don't Expect Encrypted E-mail in 2016
Article by David Schneider, IEEE Spectrum, Jan. 2016.But people have been using encrypted email with IMAP client software such as Thunderbird and Outlook for over 20 years, and that works with gmail too.
Attacking the Network Time Protocol
Article by Aanchal Malhotra, Isaac E. Cohen, Erik Brakke, and Sharon Goldberg. "Time is a fundamental building block for computing applications, and is heavily utilized by many cryptographic protocols. ..." Oct. 21, 2015.Cryptography Today
Announcement by the NSA regarding the transition to quantum resistant algorithms. Aug 19, 2015.Comments from Bruce Schneier, Crypto-Gram, Sept. 15, 2015.
Followup by Matthew Green, with reference to a new paper by Neal Koblitz and Alfred J. Menezes, Oct. 21, 2015.
Followup by Tony Arcieri, Oct. 23, 2015.