Lifeboat Foundation

It comes 3 years after Amazon debuted its ‘handy’ authentication service for consumers.

Amazon’s cloud computing subsidiary AWS (Amazon Web Services) has lifted the lid on a new palm-scanning identity service that allows companies to authenticate people when entering physical premises.

The announcement comes as part of AWS’s annual Re: Invent conference, which is running in Las Vegas for the duration of this week.

Continue reading “AWS brings Amazon One palm-scanning authentication to the enterprise” »

Zero-knowledge proof (ZKP) is a cryptographic tool that allows for the verification of validity between mutually untrusted parties without disclosing additional information. Non-interactive zero-knowledge proof (NIZKP) is a variant of ZKP with the feature of not requiring multiple information exchanges. Therefore, NIZKP is widely used in the fields of digital signature, blockchain, and identity authentication.

Since it is difficult to implement a true random number generator, deterministic pseudorandom number algorithms are often used as a substitute. However, this method has potential security vulnerabilities. Therefore, how to obtain true random numbers has become the key to improving the security of NIZKP.

In a study published in PNAS, a research team led by Prof. Pan Jianwei and Prof. Zhang Qiang from the University of Science and Technology of China (USTC) of the Chinese Academy of Sciences, and the collaborators, realized a set of random number beacon public services with device-independent quantum random number generators as entropy sources and post-quantum cryptography as identity authentication.

https://www.hdiac.org/podcast/neuroweapons-part-1/

In part one of this two-part podcast, HDIAC analyst Mara Kiernan interviews Dr. James Giordano, a Professor in the department of Neurology and Biochemistry at Georgetown University Medical Center. The discussion begins with Dr. Giordano defining neuroweapons and explaining their applied technologies. He provides insight into the manner in which international weapons conventions govern the use neuroweapons and discusses the threats presented by neuroweapons in today’s environment. Dr. Giordano goes on to review the need for continuous monitoring, including his views regarding challenges and potential solutions for effectively understanding global developments in neuroweapon technologies.

Continue reading “HDIAC Podcast — Weaponizing Brain Science: Neuroweapons — Part 1 of 2” »

Cloudflare, the leading content delivery network and cloud security platform, wants to make AI accessible to developers.

While developers can use JavaScript to write AI inference code and deploy it to Cloudflare’s edge network, it is possible to invoke the models through a simple REST API using any language. This makes it easy to infuse generative AI into web, desktop and mobile applications that run in diverse environments.

In September 2023, Workers AI was initially launched with inference capabilities in seven cities. However, Cloudflare’s ambitious goal was to support Workers AI inference in 100 cities by the end of the year, with near-ubiquitous coverage by the end of 2024.

Continue reading “The Future Of AI Is At The Edge: Cloudflare Leads The Way” »

As connectivity continues to expand and the number of devices on a network with it, IoT’s ambition of creating a world of connected things grows. Yet, with pros, comes the cons, and the flip side of this is the growing security challenges that come with it too.

Security has been a perennial concern for IoT since it’s utilisation beyond its use for basic functions like tallying the stock levels of a soda machine. However, for something of such interest to the industry, plans for standardisation remain allusive. Instead, piece meal plans to ensure different elements of security, like zero trust for identity and access management for devices on a network, or network segmentation for containing breaches, are undertaken by different companies according to their needs.

Yet with the advancement of technology, things like quantum computing pose a risk to classic cryptography methods which, among other things, ensures data privacy is secure when being transferred from device to device or even to the Cloud.

In its first 75 years, RAND helped shape how humankind thought about and used space for the benefit of humanity. And it intends to have a similar impact on the next 75 years of space sustainability, security, and governance. Researchers identified concepts worthy of future study.

This is a 1 hour general-audience introduction to Large Language Models: the core technical component behind systems like ChatGPT, Claude, and Bard. What they are, where they are headed, comparisons and analogies to present-day operating systems, and some of the security-related challenges of this new computing paradigm.
As of November 2023 (this field moves fast!).

Context: This video is based on the slides of a talk I gave recently at the AI Security Summit. The talk was not recorded but a lot of people came to me after and told me they liked it. Seeing as I had already put in one long weekend of work to make the slides, I decided to just tune them a bit, record this round 2 of the talk and upload it here on YouTube. Pardon the random background, that’s my hotel room during the thanksgiving break.

Continue reading “[1hr Talk] Intro to Large Language Models” »

Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors.

Blackwing Intelligence security researchers discovered vulnerabilities during research sponsored by Microsoft’s Offensive Research and Security Engineering (MORSE) to assess the security of the top three embedded fingerprint sensors used for Windows Hello fingerprint authentication.

Continue reading “Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops” »

Good technologies disappear.

In the company’s cloud market study, almost all organizations say that security, reliability and disaster recovery are important considerations in their AI strategy. Also key is the need to manage and support AI workloads at scale. In the area of AI data rulings and regulation, many firms think that AI data governance requirements will force them to more comprehensively understand and track data sources, data age and other key data attributes.

“AI technologies will drive the need for new backup and data protection solutions,” said Debojyoti ‘Debo’ Dutta, vice president of engineering for AI at Nutanix. “[Many companies are] planning to add mission-critical, production-level data protection and Disaster Recovery (DR) solutions to support AI data governance. Security professionals are racing to use AI-based solutions to improve threat and anomaly detection, prevention and recovery while bad actors race to use AI-based tools to create new malicious applications, improve success rates and attack surfaces, and improve detection avoidance.”

Continue reading “How AI Became A Cloud ‘Workload’” »