Researchers go hunting for Netflix’s Bandersnatch

A new research paper from the Indian Institute of Technology Madras explains how popular Netflix interactive show Bandersnatch could fall victim to a side-channel attack. In 2016, Netflix began adding TLS (Transport Layer Security) to their video content to ensure strangers couldn’t eavesdrop on viewer habits. Essentially, now the videos on Netflix are hidden away behind HTTPS—encrypted and … [Read more...]

HTTPS: why the green padlock is not enough

When goods get sold in large quantities, the price goes down. This might not be the first law of economics, but it’s applicable. An extrapolation of this is that if there are practically no production costs and no raw materials involved, prices of such goods will drop to zero. Usually, they will be offered as free gifts to promote the sale of other, more costly goods. Something like this has … [Read more...]

A week in security (March 26 – April 01)

Last week, we looked at the thought process behind creating a ransomware decryptor, the inner workings of QuantLoader, the ways one can protect their Android devices, the exploit kits we have encountered this winter, the now-known epidemic of data breaches, the coming of TLS 1.3, and the ways one can protect their P2P payment apps. Other news “Lone wolf” sextortionists pose as hot … [Read more...]

TLS 1.3 is nearly here

TLS stands for “Transport Layer Security” and it’s rather important. Why’s that? Oh, I’m glad you asked. Here’s me, yelling my password across the office to you: “PASSWORD!!!” You heard me loud and clear, right? But so did basically anyone else nearby. Now let’s work in a little TLS love and attention, and yell again: “Large pile of … [Read more...]