December 21, 2024

Archives for June 2018

Against privacy defeatism: why browsers can still stop fingerprinting

In this post I’ll discuss how a landmark piece of privacy research was widely misinterpreted, how this misinterpretation deterred the development of privacy technologies rather than spurring it, how a recent paper set the record straight, and what we can learn from all this. The research in question is about browser fingerprinting. Because of differences […]

Fast Web-based Attacks to Discover and Control IoT Devices

By Gunes Acar, Danny Y. Huang, Frank Li, Arvind Narayanan, and Nick Feamster Two web-based attacks against IoT devices made the rounds this week. Researchers Craig Young and Brannon Dorsey showed that a well known attack technique called “DNS rebinding” can be used to control your smart thermostat, detect your home address or extract unique […]

Exfiltrating data from the browser using battery discharge information

Modern batteries are powerful – indeed they are smart, and have a privileged position enabling them to sense device utilization patterns. A recent research paper has identified a potential threat: researchers (from Technion, University of Texas Austin, Hebrew University) devise a scenario where malicious batteries are supplied to user devices (e.g. via compromised supply chains): An […]