Northeastern researchers wanted to find out how free web browsers and apps compare with respect to protecting user’s privacy.

The team investigated the degree to which each platform leaks personal information (things like passwords, locations, birthdates, genders, etc) to data analytics companies and advertisers. Not surprisingly, they found that overall apps leak more identifiers, as they have more access to that information. However, what’s interesting is that apps typically leak just one more identifier than a website for the same service. “In fact, we found that in 40 percent of cases, websites leak more types of information than apps,” said David Choffnes, who lead the research.

The types of information that get leaked vary. For example, the research showed that websites more frequently leak names and locations, but only apps leak a device’s unique identifying number.

In other words, both websites and apps leak information but to varying degrees. For this reason, the researchers think that there’s no one answer to which platform is best for everybody.

The goal of the study was not to scare people, but to issue a call to action. “Part of that action could be that users start requesting or even demanding the privacy and transparency considerations they want from the companies they interact with,” explains Choffnes.

Source: Northeastern University via ScienceDaily (https://www.sciencedaily.com/releases/2016/09/160912151632.htm)

Designing and fabricating microchips worldwide is a serious, $350 billion business. But because it is such a huge industry, there are many opportunities for attacks: certain employees along the supply the chain can easily install malicious circuitry in chips if they want to. These harmful circuitries can sabotage various electronics, public infrastructure, health-care devices, etc.

The good news is that the researchers from the NYU Tandon School of Engineering are developing a new, fantastic solution: a chip with an embedded module, as well as an external module. This chip can prove its calculations are correct with the embedded module, and validate those proofs with its external module. In other words, the new chip can check for sabotage, and then, with its external verification unit, validate those calculations.

The new chip is also faster, smaller, and more power-efficient. So, not only will it provide more secure computations and electronics, it will also reduce time, energy, and chip area needed to produce proofs.

Source: NYU Tandon School of Engineering via ScienceDaily (https://www.sciencedaily.com/releases/2016/08/160823083321.htm)

A team of researchers from the University of Aberdeen and the Xian University of Technology has found and demonstrated that chaos can be used to transmit information over a wireless physical channel with increased efficiency and security.

Chaos has unpredictable behavior that can provide wide-range advantages in wireless communications. This is because the physical restraints of wireless physical media (like multi-path propagation, interference, etc) can prevent quick transmission of information. Chaotic signals, on the other hand, are irregular and offer broadband spectrum that is easy to generate and difficult to predict over time, which makes them quite desirable for communication applications.

The team demonstrated numerically and experimentally that chaos can be used to create a reliable and efficient wireless communication system. In the experiment, the information was successfully transmitted over a wireless channel in a chaotic signal even when the received chaotic communication signal was severely distorted by the wireless channel constraints. “We also demonstrated that it can be decoded to provide an efficient framework for the modern communication systems,” said H.P. Ren, one of the researchers.

Importantly, the chaotic signal that the researchers used as a basis for their communication system was able to encode any binary source of information in an energy-efficient way.

The team plans to use these methods to develop prototypes for real world wireless communication systems.

Source: American Institute of Physics via Phys.org (phys.org/news/2016-08-chaos-key-wireless.html)

A new study finds that people ignore computer security warnings up to 90% of the time, due to poor timing of the pop up (software security) messages.

Google Chrome engineers and Brigham Young University researchers conducted a study that showed that the time security messages pop up is incredibly important: a security message that appears while people are watching a video, typing a message, uploading files etc, is more than likely going to be disregarded. These times are less effective because of “dual task interference”. In other words, our brains cannot handle multitasking very well.

In the study, 74% of people ignored security messages that appeared while they were on the way to close a web page window; 79% ignored the messages when they were watching a video; 87% ignored the messages while they were uploading files.

For this reason, researchers suggest that developers and others pay attention to the timing of the security warnings. For example, the study found that people paid the most attention to security messages when they popped up in lower dual task times, like after watching a video, or after interacting with a website, or while they were waiting for a page to load.

While timing security warnings like this might seem like common sense, this actually isn’t a priority in the software industry, but as the study shows, it should become.

Since 1960, the potential of world development has kept growing exponentially, which allow computers to get smaller and more powerful at the same time. However, this process is about to meet physical limits, and it is time to invent a new type of computer. The ultimate solution for this problem is Quantum Computers.

People, nowadays, starts to rely their life on computers. Even though technology of computers have exponential development growth, the massive amount of processing power generated by computer manufactures has not yet been able to quench our thirst for speed and computing capacity. Furthermore, after the invention of Artificial Intelligence, also known as AI, has been announced to the world, computer software engineering companies required better quality of hardware. For instance, AlphaGo, computer program which is developed by Google DeepMind in London to play the board game Go, requires around 1,200 computers in a row arrangement. In those reasons, however, the cryptography part plays one of the most important reason for development of quantum computers.

So far, unbreakable cryptography has not been invented yet. However, the ultimate encryption system that human species invented so far is unfortunately breakable. In fact, with Bruce Force Attack, a trial-and-error method used to obtain information such as a user password or personal identification number with generating a large number of consecutive guesses as a value of the desired data, every single encryption system is useless.

Even though Quantum computer is remain as a theory, the time that quantum computer become part of our life is not that far away. In fact, lots of computer companies, including Google, start to take a first step.

You don’t have to be an internet expert in order to know we’re increasingly relying on the Internet when it comes to… well, pretty much everything. However, recent studies suggest that this ease of access to the vast resource of information is affecting our memory and thought processes for problem-solving and learning.

A thing called ‘cognitive offloading’ is the tendency to rely on things such as the Internet as a sort of aide-memoire, and researchers have now found that this tendency increases after each use. So while it might seem logical that memory is something that happens inside the head, it’s now clear that it’s slowly but surely becoming something that happens with the help of things outside the head.

In the study, researchers conducted experiments to determine our likelihood to reach for the Internet to answer questions. Participants of the experiment were divided into two groups to answer some difficult trivia questions. One group used only their memory, while the other used Google, and then the participants were given the choice of answering subsequent easier questions by the method of their choice.

Interestingly, the participants who previously used the Internet to answer questions were significantly more likely to revert to Google for easier questions than those who used just their memory. In fact, 30% of the participants who firstly consulted the Google failed to even attempt to answer a single easy question from the memory.

This is quite worrying if we take into account that a lot of the things we read on the Internet are simply not true, half-true or plain wrong. With new technologies our memory will continue to change, so it’s just as important to think about Internet security as it is about the sources of information we read.

Here’s an important update: a new study shows serious security threat to many Internet users, as communications involving Linux systems can be easily and quickly compromised remotely.

There is a serious weakness in the Transmission Control Protocol, or TCP, of all Linux operating systems that enables hackers to hijack users’ internet communications from anywhere. Here’s how: Linux (and other operating systems) uses TCP to package and send data, as well as the Internet Protocol (IP) to ensure the information gets to its destination. So, when two people communicate by email, TCP groups their message into a series of data packets that are identified by unique sequence numbers. These packets are then transmitted, received, and reassembled into the original message. These numbers can be useful to attackers, however, with about 4 billion possible sequences, it’s impossible to identify the sequence number associated with any particular communication by pure chance.

But the researchers at the University of California who led the study didn’t rely on chance: they found a subtle flaw in the Linux software that enables attackers to infer the TCP sequence numbers that are associated with a particular connection with only IP address of the communicating parties.

What does this mean? Given any two random machines on the Internet, a remote blind attacker can track users’ online activity, cancel connections with others and add false material into their communications. Additionally, this weakness could allow hackers to degrade the privacy of many anonymity networks (e.g. Tor), by forcing the connections to route through certain relays. Even worse, the attack is fast and reliable, and often takes less than a minute with a success rate of about 90 percent.

Linux is alerted and is working on fixing this weakness.

Cryptography has many areas. However, for the 5 most famous topics, there are Symmetric Encryption, Asymmetric Encryption, Hybrid Encryption, Password-based Encryption – which is also called PBE- and Clocked Encryption. To give further information about those types of encryption with wise known examples, for symmetric, there are AES, Twofish, Triple-DES; for asymmetric, there are RSA, ElGamal; for Hashes, there are SHA, Whirlpol; for Password to Key derivation, there are PBKDF2.

With those kind of Cryptography, we usually utilize those algorithms to encrypt the files. For the world-wide known file encryption types, there are OpenPGP, ZIP, and CrococryptFile. While OpenPGP has disadvantage that it only can encrypt single files with weak defaults, ZIP can encrypt multiple files with multiple directories. But, ZIP file also have disadvantage, which can’t encrypt file headers such as date, file sizes, number of files, and file names.  CrococryptFile, however, can encrypt multiple files with various directories and encrypt file headers with secure key derivation and strong defaults.

In order to use Crococryptfile to encode your data, you first have to make sure that there is JAVA in your computer. If there is no JAVA, then you have to download JAVA app file from official java website for free. Then, when JAVA file is successfully installed, you have to download Crococryptfile Installation File from sourceforge.com. When that file downloaded, then open file and finish installation. After those two file has downloaded completely, you can encrypt any file in your computer easily by just clicking right button on your mouse and choose “Encrypt via Crococryptfile”.

New research shows that a feature of HTML5 that allows websites to find out how much battery power a visitor has left on their device (smartphone or a laptop) can be used to track their presence online.

If you’re wondering why HTML5 has a feature like that in the first place, it’s because it allows websites to serve you a “low power” version of the website when your battery is low. However, security researchers warned last year that this functionality could also be used to write code to track visitor’s online activity, and that’s exactly what is happening now.

Princeton University researchers found two cases where code used the information about the visitor’s device’s life battery to track them across the site where it was found. So now, even though HTML5 is not sending a unique identifier with the information that’s sending about your battery, unique combinations of the numbers could indeed give websites a way to match your battery information with your IP address.

This information could be used in all sorts of way, none of which are good.

HTML5 developers are aware of this problem and are in contact with security researchers, but it’s not clear if they can actually do anything about it, since it seems that the only way to fix this vulnerability is to remove it completely.

Your online browser has a unique fingerprint, which means that, in extension, you have a digital fingerprint that you can (and usually do) leave behind at each location you visit on your internet browser. Digital fingerprints are similar to regular fingerprints – they are often unique to the individual and can be monitored and abused.

In fact, there are companies who are already using fingerprinting on computers in order to learn more information about individuals –their interests and habits. This can be powerful information to have if it’s used to tailor advertising to people.

Actually, I’m sure most people already have had an experience like this: you want to install a grammar and/or a spellchecker for example. You start browsing for free grammar checkers and maybe install one. Suddenly, every other commercial on YouTube is that exact grammar checker you installed. Even Facebook is suggesting you like the grammar’s page.

The problem is, in some countries fingerprinting on computers can be used to spy on people. Although computer users are generally growing in awareness of privacy issues, currently there’s not much that can be done to stop fingerprinting.

That’s why researchers at the University of Adelaide are working on developing new methods for protecting against the fingerprinting of personal computers. Currently, they are seeking the public’s help to better understand which fingerprinting techniques are the most powerful. In order to do this, they have to analyze about 10,000 of online fingerprints, and right now, they have 2500. They say that no personal information will be retained for their project and any data they obtain will be rendered anonymous. The goal is to enable people to protect themselves against being fingerprinted without their consent.