This blog discusses the security of SMS in the context of 5G. In a preceding blog (https://cylab.be/blog/171/sms-based-2-factor-authentication-is-insecure), we already addressed the issue of SMS interception in 2G/3G networks and its potential consequences for 2-Factor Authentication. Here, we analyze the situation within the 5G ecosystem.
ReadInterpreting a 1-D array of pixels is not possible by the human eye. And yet such data is available in several circumstances, like the dump of pixel arrays from RAM or disk, the availability of image files in RAW format (without the width) or when solving a Capture-The-Flag cybersecurity challenge with images.
ReadImage format testing is a necessary action for digital preservation to ensure that the data will be readable in the long term. It may also be part of the solution to detect image manipulation for cybersecurity defense or in Capture-The-Flag exercises.
ReadWe present a discussion on the use of the C and the Python languages and the use of Python calling a C library. Some arguments are general while others arise from the specific application of modifying a .csv (text) file.
ReadWhatever the reason you would like to call C functions from Python, one approach is presented here and consists in creating a C dynamic library, compiled as a .so module and accessing the library thanks to the ctypes package of Python. Explanations are given step by step and stand for a Linux environment (tested with Ubuntu20.04).
ReadC libraries are handy for distribution of programming work or for structuring a large development into units. In the specific case of Python programming, a C dynamic library can be a solution for a missing Python equivalent or if performance in execution time is a concern. We explain hereunder with an example the steps necessary to write a dynamic (shared) C library in Linux (tested on Ubuntu20.04). Another blog describes how to call a C dynamic library from Python ([https://cylab.be/blog/235/calling-c-from-python]).
ReadThe smartphone has become so important in daily life that users should be concerned about its security. We try to explain here some reasons to be or not to be afraid about disclosing the IMSI, the subscriber identity number used in the global telecommunication network.
ReadDisplaying image bit planes, in particular less significant ones, is an important task to reveal some image artefacts due to image degradation or manipulation. In particular, the Least Significant Bit (LSB) of pixel values is heavily used in steganography to hide messages in a cover image. We will see in this blog how to use the Python Imaging Library (PIL) to save and display an image containing some specified bit planes of a given image.
ReadThe US National Institute of Standards and Technology (NIST) has declared in its Digital Authentication Guideline that SMS-based two-factor authentication should be banned due to security concerns [End of SMS-based 2-Factor Authentication; Yes, It's Insecure!]. We explain why in this blog.
Read