Schneier on Security
Reproducing Keys from Photographs
Reproducing keys from distant and angled photographs: Abstract: The access control provided by a physical lock is based on the assumption that the information content of the corresponding key is private --- that duplication should require either possession of the key or a priori knowledge of how it was cut. However, the ever-increasing capabilities and prevalence of digital imaging technologies present...
Nice Use of Diversion During a Robbery
During a daring bank robbery in Sweden that involved a helicopter, the criminals disabled a police helicopter by placing a package with the word "bomb" near the helicopter hangar, thus engaging the full caution/evacuation procedure while they escaped. I wrote about this exact sort of thing in Beyond Fear....
Immediacy Affects Risk Assessments
New experiment demonstrates what we already knew: That's because people tend to view their immediate emotions, such as their perceptions of threats or risks, as more intense and important than their previous emotions. In one part of the study focusing on terrorist threats, using materials adapted from the U.S. Department of Homeland Security, Van Boven and his research colleagues presented...
The Doghouse: Crypteto
Crypteto has a 49,152-bit symmetric key: The most important issue of any encryption product is the 'bit key strength'. To date the strongest known algorithm has a 448-bit key. Crypteto now offers a 49,152-bit key. This means that for every extra 1 bit increase that Crypteto has over its competition makes it 100% stronger. The security and privacy this offers...
The Problem of Vague Laws
The average American commits three felonies a day: the title of a new book by Harvey Silverglate. More specifically, the problem is the intersection of vague laws and fast-moving technology: Technology moves so quickly we can barely keep up, and our legal system moves so slowly it can't keep up with itself. By design, the law is built up over...
Predicting Characteristics of People by the Company they Keep
Turns out "gaydar" can be automated: Using data from the social network Facebook, they made a striking discovery: just by looking at a person's online friends, they could predict whether the person was gay. They did this with a software program that looked at the gender and sexuality of a person's friends and, using statistical analysis, made a prediction. The...
Unauthentication
In computer security, a lot of effort is spent on the authentication problem. Whether it's passwords, secure tokens, secret questions, image mnemonics, or something else, engineers are continually coming up with more complicated—and hopefully more secure—ways for you to prove you are who you say you are over the Internet. This is important stuff, as anyone with an online bank...
Ass Bomber
Nobody tell the TSA, but last month someone tried to assassinate a Saudi prince by exploding a bomb stuffed in his rectum. He pretended to be a repentant militant, when in fact he was a Trojan horse: The resulting explosion ripped al-Asiri to shreds but only lightly injured the shocked prince -- the target of al-Asiri's unsuccessful assassination attempt. Other...
Friday Squid Blogging: 20-Foot Squid Caught in the Gulf of Mexico
First one sighted in the Gulf since 1954: The new specimen, weighing 103 pounds, was found during a preliminary survey of the Gulf during which scientists hope to identify the types of fish and squid that sperm whales feed on. The squid, like other deep catches, was dead when brought to the surface because the animals can't survive the rapid...
Texas Instruments Signing Keys Broken
Texas Instruments' calculators use RSA digital signatures to authenticate any updates to their operating system. Unfortunately, their signing keys are too short: 512 bits. Earlier this month, a collaborative effort factored the moduli and published the private keys. Texas Instruments responded by threatening websites that published the keys with the DMCA, but it's too late. So far, we have the operating-system...
Sears Spies on its Customers
It's not just hackers who steal financial and medical information: Between April 2007 and January 2008, visitors to the Kmart and Sears web sites were invited to join an "online community" for which they would be paid $10 with the idea they would be helping the company learn more about their customers. It turned out they learned a lot more...
Monopoly Sets for WWII POWs: More Information
I already blogged about this; there's more information in this new article: Included in the items the German army allowed humanitarian groups to distribute in care packages to imprisoned soldiers, the game was too innocent to raise suspicion. But it was the ideal size for a top-secret escape kit that could help spring British POWs from German war camps. The...
Eliminating Externalities in Financial Security
This is a good thing: An Illinois district court has allowed a couple to sue their bank on the novel grounds that it may have failed to sufficiently secure their account, after an unidentified hacker obtained a $26,500 loan on the account using the customers' user name and password. [...] In February 2007, someone with a different IP address than...
Quantum Computer Factors the Number 15
This is an important development: Shor's algorithm was first demonstrated in a computing system based on nuclear magnetic resonance -- manipulating molecules in a solution with strong magnetic fields. It was later demonstrated with quantum optical methods but with the use of bulk components like mirrors and beam splitters that take up an unwieldy area of several square meters. Last...
Hacking Two-Factor Authentication
Back in 2005, I wrote about the failure of two-factor authentication to mitigate banking fraud: Here are two new active attacks we're starting to see: Man-in-the-Middle attack. An attacker puts up a fake bank website and entices user to that website. User types in his password, and the attacker in turn uses it to access the bank's real website. Done...
Inferring Friendship from Location Data
Interesting: For nine months, Eagle's team recorded data from the phones of 94 students and staff at MIT. By using blue-tooth technology and phone masts, they could monitor the movements of the participants, as well as their phone calls. Their main goal with this preliminary study was to compare data collected from the phones with subjective self-report data collected through...
Terrorist Havens
Good essay on "terrorist havens" -- like Afghanistan -- and why they're not as big a worry as some maintain: Rationales for maintaining the counterinsurgency in Afghanistan are varied and complex, but they all center on one key tenet: that Afghanistan must not be allowed to again become a haven for terrorist groups, especially al-Qaeda. [...] The debate has largely...