http://cubist.cs.washington.edu/Security Tue, 17 Mar 2009 01:02:40 +0000 http://backend.userland.com/rss092 en Wireless access points are a great technology - allowing a user the convenience of accessing the same wired network without wires.  But the vulnerabilites and weak points that they produce can often be overlooked.  Most people install these devices to extend their network to laptop or other wireless users, and ... http://cubist.cs.washington.edu/Security/2009/03/16/current-event-a-broader-look-on-wireless-access-point-vulnerabilities/ A move over scanning the keyboard with infra-red cameras for heat signatures, listening to keystrokes and simple shoulder surfing. Say hello to hacking through thin air or electromagnetic waves, rather. Apparently, all keyboards generate unique electromagnetic waves for every single key pressed and these are really easy to pick up even ... http://cubist.cs.washington.edu/Security/2009/03/13/current-event-keyboard-hacking-from-thin-air/ Chicken coops form the heart of many urban farmers' livelihoods. Providing sustenance directly through eggs, indirectly through fertilization of soil, and supplementing any waste management system through the digestion of otherwise unusable organic matter, the occupants of these structures play a vital role in small-scale subsistence living. Yet with such ... http://cubist.cs.washington.edu/Security/2009/03/13/security-review-urban-chicken-coops/ Google has been scanning whole books and archiving them since at least 2004.  More recently, it settled a lawsuit that will allow it to legally copy copyrighted books and making them available online.  Google allows users to search their book archive at Google Book Search, and view samples or in ... http://cubist.cs.washington.edu/Security/2009/03/13/google%e2%80%99s-online-library/ The use of performance enhancing drugs and medical techniques is a serious problem in every sport, but no sport is as notorious for doping scandals as is professional cycling. While Olympic athletes, baseball players, and body builders are often caught boosting, the effect of their “cheating” on the sport, ... http://cubist.cs.washington.edu/Security/2009/03/13/security-review-new-weapons-in-the-fight-against-doping/ The Technology The technology being evaluated is the Helios Online Voting Booth, usable at http://www.heliosvoting.org and outlined in the 2008 Usenix Secuirty paper available at the same site. The election system does not create novel cryptographic tools or algorithms, rather it provides a protocol for using existing cryptography to make an ... http://cubist.cs.washington.edu/Security/2009/03/13/security-review-helios-online-voting/ For the last couple of years, I have done my taxes online.  Compared to doing them by hand on paper, the online method takes far less time to fill out.  However, it also brings with it the host of security risks associated with entering sensitive data over the internet.  To ... http://cubist.cs.washington.edu/Security/2009/03/13/security-review-online-taxes/ Eye-Fi "The Eye-Fi Card stores photos & videos like a normal memory card. When you turn your camera on within range of a configured Wi-Fi network, it wirelessly transfers your photos & videos. To your computer. Or to your favorite photo sharing web site. Or both." The Eye-Fi card is an SD ... http://cubist.cs.washington.edu/Security/2009/03/13/security-review-eye-fi/ Big Hollywood parties have big time guest lists, so it's no wonder that many people want to be there.  These include both (mostly) benign fans and some people of the less benign variety.  Hence, security at these events is a big deal.  In 2000, the event's security made national headlines ... http://cubist.cs.washington.edu/Security/2009/03/13/security-review-hollywood-awards-presentations/ Although thanks to Sarah Connor from The Terminator, 1997 wasn't quite the day machines went out of control, autonomous systems become more and more integrated into our lives. Although AI might take many years to get developed to the level of human intelligence, it is also possible that breakthrough is ... http://cubist.cs.washington.edu/Security/2009/03/13/security-reviews-ai/