Invisible world
空间首页 | 博客 | 好友分享 | 日记 | 书签 | 存档 | 朋友和群组 | 个人资料 | 留言

  • Invisible world

  • grinder
    Can I do something for you?

文章分类

缺省  
make money  
manage money  
technology  
events  
health  
Twitter  

搜 索

 

最新日志

洪湖赤卫队背后真相骇人听闻
随着AI的强大和成熟,碳基人和碳基人的交流会逐渐减少
试了一下,吃草真的不行
死去的人知道自己已经死了吗?
如果发生战争,海外五毛粉红会争先恐后上战场,感人
疫苗是个好东西
许家印传
文明人的复仇
毋庸置疑,疫情已经变成一个划时代的事件了
你保守秘密的能力如何?

最新访客

carbohydra...
刘大妈
adamhales487
Hewett
lost_way
退休大妈
温西大娘
被禁用户
pws07
中华龙		    

友情链接

加拿大家庭旅馆列表
加拿大理财秘密
个人私家收藏
北美免费二手买卖网站
Today's Amazon deals
更多...

统计信息

  • 点击: 1606153
    帖子数量: 8993
    开辟个人空间: 2009-01-03
    最后更新: 2025-06-15
  •  
  •  
     
     
     
     

All your computer security precautions are worthless

 
文章内容
[ 2009-11-06 22:25:53 | By: grinder ]
 
All your computer security precautions are worthless
By Christopher Null
.Install your Windows Updates. Update your antivirus software. Scan your system regularly. Keep religious backups. It's all good advice -- and it's advice that I give to readers on a near-daily basis.

And maybe it's all meaningless.

MIT researchers are warning that it doesn't matter much what security measures you take with your computer. If someone wants in, they're getting in.

The latest concern/attack involves data "leakage," the idea that no matter how secure your data might be in storage (even if it's encrypted), once it's in actual use, it's fair game. One area of research involves cached data: Say you decrypt your secret spreadsheet outlining your plans for world domination and have it open on your desktop. Other programs running in the background uses that same working area (the cache) on the machine... and, coded properly, one such program could relatively easily "steal" what else is going on in the cache at that time.

A variation on such an attack has been used to break otherwise rock-solid AES encryption keys. Called "cache timing," the attack determines which specific portions of a computer's memory are used during a decryption process, and can rebuild the key -- in seconds -- just by looking at the pattern of those memory accesses.

Up next: Researchers are investigating whether these attacks can be applied to so-called cloud computing situations. It's one thing to get a piece of malicious software installed on your personal computer (where you might find it easily), but what if you're sharing time on a server on the net? Attackers could run programs on shared servers that watch the cache on that server for other people's data. Just watch for busy servers and run your app when something good is going on, and you're none the wiser... Kind of scary stuff.

How you feeling about your spyware security system now?
 
 
QR Code
请用微信 扫一扫 扫描上面的二维码,然后点击页面右上角的 ... 图标,然后点击 发送给朋友分享到朋友圈,谢谢!
分享:
分享到微信

文章评论

nessus		 无题
这个我觉得根本没什么。进入电脑时代不知道为什么大家反而觉得安全性理所当然的就要做到天衣无缝一样。可是想想现实生活中,又有啥安全可言?一脚就把门踢开进家里,21世纪了,开得车还是玻璃车窗,一敲就碎...。钱包里几乎有一个人的所有信息,我们怎么保护?就放在裤子兜里而已...

人或者每时每刻就是在和probability做“斗争”,仅此而已,怕啥。
2009-11-07 10:39:34 | 引用

发表评论

The images, logos, trademarks used on this site and all forwarded content are the property of their respective owners.
We are not responsible for comments posted by our visitors, as they are the property of the poster.
All other content of this website is copyrighted by 加西网
Private Policy | skin designed by WWW.BLOGWORLD.COM.CN

加西网为北美中文网传媒集团旗下网站