New browser-tracking hack works even when you flush caches or go incognito

New browser-tracking hack works even when you flush caches or go incognito

Researchers from the University of Illinois, Chicago said in a new paper that most browsers cache the images in a location that’s separate from the ones used to store site data, browsing history, and cookies.

This tech makes your online photograph difficult for Facial Recognition Software to recognize

This tech makes your online photograph difficult for Facial Recognition Software to recognize

Researchers develop a new technique that will keep your online photos safe from facial recognition algorithms.The research, which has been ongoing for more than six months, is targeted at countering the facial-recognition algorithms of big tech firms such as Facebook and Google.

Spies can eavesdrop by watching a light bulb’s variations

Spies can eavesdrop by watching a light bulb’s variations

They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $400 electro-optical sensor—to listen in on any sounds in a room that's hundreds of feet away in real-time, simply by observing the minuscule vibrations those sounds create on the glass surface of a light bulb inside.

5 Common Social Engineering Techniques to Avoid During Lockdown

5 Common Social Engineering Techniques to Avoid During Lockdown

Social engineering is the practice of psychological techniques that are used on people with the intention of eliciting sensitive information from them in order to gain access to secure systems.Described below are some of the 5 most common social engineering techniques that attackers like to use.

How Apple personalizes Siri without hoovering up your data

How Apple personalizes Siri without hoovering up your data

Though Apple has been using differential privacy since 2017, it’s been combined with federated learning only as of iOS 13, which rolled out to the public in September of this year.

China is using DNA samples to try to re-create the faces of Uighurs

China is using DNA samples to try to re-create the faces of Uighurs

The news: Chinese researchers are using blood taken from Uighurs to try to work out how to use a DNA sample to re-create an image of a person’s face, according to an investigation by the New York Times.

Is your Airbnb host spying on you with a hidden camera? Use this simple trick to find out.

Is your Airbnb host spying on you with a hidden camera? Use this simple trick to find out.

Alex Heid, chief research and development officer at SecurityScorecard, has developed a simple method for detecting whether an Airbnb host is watching guests live on a hidden camera.Here's how to find out if your Airbnb host is discreetly watching you on a live security camera.

Researchers ID People Through Walls Using WiFi Signals & Walking Style

Researchers ID People Through Walls Using WiFi Signals & Walking Style

A group of researchers from UC Santa Barbara has developed a new way to identify people behind the walls using off-the-shelf Wi-Fi transceivers and analyzing their walking gait.

Academics steal data from air-gapped systems via a keyboard's LEDs

Academics steal data from air-gapped systems via a keyboard's LEDs

The research team behind this exfiltration method says it tested the CTRL-ALT-LED technique with various optical capturing devices, such as a smartphone camera, a smartwatch's camera, security cameras, extreme sports cameras, and even high-grade optical/light sensors.

A new camera can photograph you from 45 kilometers away

A new camera can photograph you from 45 kilometers away

Their technique uses single-photon detectors combined with a unique computational imaging algorithm that achieves super-high-resolution images by knitting together the sparsest of data points. The big advantage of this kind of active imaging is that the photons reflected from the subject return to the detector within a specific time window that depends on the distance.

Facebook Senior Staff Knew about Privacy Busting ‘Bug’ Five Years Ago

Facebook Senior Staff Knew about Privacy Busting ‘Bug’ Five Years Ago

The email proves that Facebook has been aware for five years of a technique called “sniper-targeting” that bypasses its anonymity safeguards and enables customized ads to reach just a few or even a single person.

Google's Sensorvault Can Tell Police Where You've Been

Google's Sensorvault Can Tell Police Where You've Been

The data Google is turning over to law enforcement is so precise that one deputy police chief said it “shows the whole pattern of life.” It’s collected even when people aren’t making calls or using apps, which means it can be even more detailed than data generated by cell towers.

Google Helps Police Identify Devices Close to Crime Scenes Using Location Data

Google Helps Police Identify Devices Close to Crime Scenes Using Location Data

It's no surprise that law enforcement seeks help from tech companies during criminal investigations, but the use of location history databases like Sensorvault has raised concerns...

Tracking Phones, Google Is a Dragnet for the Police

Tracking Phones, Google Is a Dragnet for the Police

Often, Google employees said, the company responds to a single warrant with location information on dozens or hundreds of devices. After receiving a warrant, Google gathers location information from its database, Sensorvault, and sends it to investigators, with each device identified by an anonymous ID code.

Now sites can fingerprint you online even when you use multiple browsers

Now sites can fingerprint you online even when you use multiple browsers

"From the negative perspective, people can use our cross-browser tracking to violate users' privacy by providing customized ads," Yinzhi Cao, the lead researcher who is an assistant professor in the Computer Science and Engineering Department at Lehigh University, told Ars.

Firefox to add Tor Browser anti-fingerprinting technique called letterboxing

Firefox to add Tor Browser anti-fingerprinting technique called letterboxing

Firefox users will first need to visit the about:config page, enter " privacy.resistFingerprinting " in the search box, and toggle the browser's anti-fingerprinting features to " true ." Image: ZDNet Firefox's letterboxing support doesn't only work when resizing a browser window but also works when users are maximizing the browser window, or entering in fullscreen mode.

Stalkers and Debt Collectors Impersonate Cops to Trick Big Telecom Into Giving Them Cell Phone Location Data

Stalkers and Debt Collectors Impersonate Cops to Trick Big Telecom Into Giving Them Cell Phone Location Data

The practice is ongoing according to the sources, and court documents and an audio recording obtained by Motherboard also detail a previously prosecuted case in which one debt collector tricked T-Mobile by fabricating cases of child kidnapping to convince the telco to hand over location data.

The FBI Wants Your Spit

The FBI Wants Your Spit

While many people are enjoying the genealogical research aided by companies such as 23andMe, Ancestry.com , and MyHeritage, they are also unaware that law enforcement is using them as “genetic informants.” In fact, Family Tree DNA has been allowing the Federal Bureau of Investigation (FBI) to submit suspects’ DNA in order to investigate unsolved violent crimes.

How Attackers Can Use Radio Signals and Mobile Phones to Steal Protected Data

How Attackers Can Use Radio Signals and Mobile Phones to Steal Protected Data

"The people who are doing that are getting a lot of money and are doing that [full time]." Dubbed "AirHopper" by the researchers at Cyber Security Labs at Ben Gurion University , the proof-of-concept technique allows hackers and spies to surreptitiously siphon passwords and other data from an infected computer using radio signals generated and transmitted by the computer and received by a mobile phone.

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting

It's thus not as serious as a remote attack technique that allows the execution of arbitrary code or exposes kernel memory, but Oren and Yarom speculate that there may be ways their browser fingerprinting method could be adapted to compromise computing secrets like encryption keys or vulnerable installed software.

Schneier on Security

Schneier on Security

We project that about 60% of the searches for individuals of European-descent will result in a third cousin or closer match, which can allow their identification using demographic identifiers. We demonstrate that the technique can also identify research participants of a public sequencing project.

Fake fingerprints can imitate real ones in biometric systems – research

Fake fingerprints can imitate real ones in biometric systems – research

Based on those insights, the researchers used a common machine learning technique, called a generative adversarial network, to artificially create new fingerprints that matched as many partial fingerprints as possible.

New Attack Recovers RSA Encryption Keys from EM Waves Within Seconds

New Attack Recovers RSA Encryption Keys from EM Waves Within Seconds

But at the Usenix conference held in Baltimore last week, a seven-man team from Georgia State University (GSU) detailed a new technique that recovers RSA encryption keys within seconds.