Advocates Hopeful 2018 Survey Reveals Decline in Homeless Veterans Population

first_img Dan Cohen AUTHOR Early returns from the 2018 survey of the nation’s homeless population in Los Angeles County provide a reason to believe that last year’s rise in the number of homeless veterans nationwide, the first increase since 2010, may have been reversed. Los Angeles officials last week revealed that their preliminary estimates indicate an 18 percent decline in veteran homelessness in the county, reports Military Times. “While there is still more work to do, the decrease signals that our strategies are working, bringing us a little bit closer to ending veteran homelessness in Los Angeles,” said Ann Brown, director at VA Greater Los Angeles Healthcare System. The estimate of homeless veterans dropped from nearly 74,000 in 2010 to just above 40,000 in 2016, before increasing about 1.5 percent in 2017, largely due to the rising cost of housing in California.Air Force photo by Senior Airman Timothy Taylorlast_img read more

Continue reading

CRIME attack is shown to decrypt HTTPS web sessions

first_img Security researchers Juliano Rizzo and Thai Duong devised a technique that can attack web sessions that are protected by the Secure Sockets Layer and Transport Layer Security protocols, only when they use certain data-compression schemes. These are compression schemes that reduce network congestion or the time it takes for webpages to load. Security experts have noted that a downside of compression is that it leaks clues about encrypted contents. For the attack to work, a computer user’s client and server hosting the targeted website need to support the vulnerable SSL/TLS features. According to reports, Internet Explorer was never vulnerable because it never supported SPDY or the TLS compression scheme known as Deflate. Apple’s Safari browser doesn’t support SPDY, but its use of compression is unknown.Google and Mozilla released patches after the weaknesses were reported by the researchers. A video taken by Rizzo and Duong shows Github.com, Dropbox.com, and Stripe.com, when visited with Chrome, succumbing to the CRIME attack, but those sites had disabled compression and are no longer vulnerable. Mozilla and Google have prepared patches that block the attack. More information: www.ekoparty.org/2012/juliano-rizzo.php This is a short demo of the CRIME attack against TLS protocol. Rizzo and Duong will take their demo of CRIME to the Buenos Aires, Argentina, security conference, Ekoparty, on September 21. Their attack technique no longer works on the most popular browsers to connect to HTTPS-protected websites, but security watchers believe this is a most useful reminder that the science of encrypton protection knows no rest. Their CRIME exploit is the type of attack that would be a large-scale attack by geopolitical antagonists. In turn, security watchers reasons are paying attention to the researchers’ CRIME technique. Citation: CRIME attack is shown to decrypt HTTPS web sessions (2012, September 14) retrieved 18 August 2019 from https://phys.org/news/2012-09-crime-shown-decrypt-https-web.html This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only. © 2012 Phys.org Hackers target British anti-crime agency website Explore further (Phys.org)—The fun of acronyms is reflected in coming up with CRIME, which stands for Compression Ratio Info-leak Made Easy. What it translates into, though, is not much fun. Two security researchers have developed the CRIME attack that can successfully decrypt session cookies from HTTPS (Hypertext Transfer Protocol Secure) connections. This, in theory, would be a serious weakness that would enable the hijacking of a user’s session cookie while the user is still authenticated to a website. Encryption protocols are the Internet’s fundamental safety cushion, the basic level of trust, in encrypting traffic that flows over open networks. They cryptographically confirm websites are really operated by those sites rather than cyber-criminals and spies. last_img read more

Continue reading