Secure Multi-Key Homomorphic Encryption with Application to Privacy-Preserving Federated Learning

Whitepaper called Secure Multi-Key Homomorphic Encryption With Application To Privacy-Preserving Federated Learning...

Evaluating Apple Intelligence'S Writing Tools for Privacy against Large Language Model-Based Inference Attacks: Insights from Early Datasets

The misuse of Large Language Models LLMs to infer emotions from text for malicious purposes, known as emotion inference attacks, poses a significant threat to user privacy. In this paper, we investigate the potential of Apple Intelligence's writing tools, integrated across iPhone, iPad, and...

Seventh Sense Unveils Revolutionary Privacy-Preserving Face-Based Public Key Infrastructure and eID Solution

Singapore, SG, 10th September 2024, CyberNewsWire...

Zama Secures $73M Series A Lead for Homomorphic Encryption

By cyberwire Company Open Sources FHE Libraries to Build Privacy-Preserving Blockchain and AI Applications for the First Time. This is a post from HackRead.com Read the original post: Zama Secures $73M Series A Lead for Homomorphic Encryption...

Front-Running

Lines of code Vulnerability details Impact Visible computed input amounts could be susceptible to front-running by malicious actors. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used...

Running Signal Will Soon Cost $50 Million a Year

Signal’s president reveals the cost of running the privacy-preserving platform—not just to drum up donations, but to call out the for-profit surveillance business models it competes against...

CVE-2023-41882

vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/id/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version...

Design/Logic Flaw

vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources such as tasks from that collaboration should be deleted. This is partly to manage data properly, but also to prevent a potential but unlikely side-effect that affects versions...

Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies

Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans. "We believe it is vital to both improve privacy and preserve access to information, whether it's news, a how-to-guide, or a fun video,"...

CVE-2023-23929

Vantage6 CVE-2023-23929 describes a token‑refresh flaw: refresh tokens were allowed to remain valid indefinitely, enabling long‑term access. The issue is fixed in version 3.8.0. Documented CVSSv3.1 metrics indicate high impact (Confidentiality/Integrity/Availability: High) with network access, un...

Researchers Demonstrate New Side-Channel Attack on Homomorphic Encryption

A group of academics from the North Carolina State University and Dokuz Eylul University have demonstrated what they say is the "first side-channel attack" on homomorphic encryption that could be exploited to leak data as the encryption process is underway. "Basically, by monitoring power...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Ill be part of a European Internet Forum virtual debate on June 17, 2021. The topic is "Decrypting the encryption debate: How to ensure public safety with a privacy-preserving and secure Internet?" I’m speaking at the all-online...

Google Will Use 'FLoC' for Ad Targeting Once 3rd-Party Cookies Are Dead

Signaling a major shift to its ads-driven business model, Google on Wednesday unequivocally stated it would not build alternate identifiers or tools to track users across multiple websites once it begins phasing out third-party tracking cookies from its Chrome browser by early 2022. "Instead, our...

CVE-2020-8276

The implementation of Brave Desktop's privacy-preserving analytics system P3A between 1.1 and 1.18.35 logged the timestamp of when the user last opened an incognito window, including Tor windows. The intended behavior was to log the timestamp for incognito windows excluding Tor windows. Note that...

CVE-2020-15957

An issue was discovered in DP3T-Backend-SDK before 1.1.1 for Decentralised Privacy-Preserving Proximity Tracing DP3T. When it is configured to check JWT before uploading/publishing keys, it is possible to skip the signature check by providing a JWT token with alg=none...

CVE-2020-15957

An issue was discovered in DP3T-Backend-SDK before 1.1.1 for Decentralised Privacy-Preserving Proximity Tracing DP3T. When it is configured to check JWT before uploading/publishing keys, it is possible to skip the signature check by providing a JWT token with alg=none...