<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>spoofing &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/spoofing/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Tue, 23 Sep 2025 18:23:15 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Malicious-Looking URL Creation Service</title>
		<link>https://noise.getoto.net/2025/09/25/malicious-looking-url-creation-service/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 25 Sep 2025 11:02:27 +0000</pubDate>
				<category><![CDATA[Phishing]]></category>
		<category><![CDATA[spoofing]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70859</guid>

					<description><![CDATA[This site turns your URL into something sketchy-looking.
For example, www.schneier.com becomes
https://cheap-bitcoin.online/firewall-snatcher/cipher-injector/phishing_sniffer_tool.html?form=inject&#38;host=spoof&#38;id=bb1bc121&#38;parameter=inject&#38;payload=%28func...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>AI Data Poisoning</title>
		<link>https://noise.getoto.net/2025/03/26/ai-data-poisoning/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 26 Mar 2025 11:07:13 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[botnets]]></category>
		<category><![CDATA[spoofing]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70048</guid>

					<description><![CDATA[<p>Cloudflare has a <a href="https://arstechnica.com/ai/2025/03/cloudflare-turns-ai-against-itself-with-endless-maze-of-irrelevant-facts/">new feature</a>—available to free users as well—that uses AI to generate random pages to feed to AI web crawlers:</p>
<blockquote><p>Instead of simply blocking bots, Cloudflare’s new system lures them into a “maze” of realistic-looking but irrelevant pages, wasting the crawler’s computing resources. The approach is a notable shift from the standard block-and-defend strategy used by most website protection services. Cloudflare says blocking bots sometimes backfires because it alerts the crawler’s operators that they’ve been detected.</p>
<p>“When we detect unauthorized crawling, rather than blocking the request, we will link to a series of AI-generated pages that are convincing enough to entice a crawler to traverse them,” writes Cloudflare. “But while real looking, this content is not actually the content of the site we are protecting, so the crawler wastes time and resources.”...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Security Vulnerability of HTML Emails</title>
		<link>https://noise.getoto.net/2024/04/08/security-vulnerability-of-html-emails/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 08 Apr 2024 11:03:44 +0000</pubDate>
				<category><![CDATA[email]]></category>
		<category><![CDATA[spoofing]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68733</guid>

					<description><![CDATA[<p>This is a <a href="https://lutrasecurity.com/en/articles/kobold-letters/">newly discovered</a> email vulnerability:</p>
<blockquote><p>The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions. All that email was supposed to achieve was being forwarded to you. However, the moment the email appeared in your inbox, it changed. The innocent pretext disappeared and the real phishing email became visible. A phishing email you <i>had</i> to trust because you knew the sender and they even confirmed that they had forwarded it to you.</p>
<p>This attack is possible because most email clients allow CSS to be used to style HTML emails. When an email is forwarded, the position of the original email in the DOM usually changes, allowing for CSS rules to be selectively applied only when an email has been forwarded...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Fooling a Voice Authentication System with an AI-Generated Voice</title>
		<link>https://noise.getoto.net/2023/03/01/fooling-a-voice-authentication-system-with-an-ai-generated-voice/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 01 Mar 2023 12:06:14 +0000</pubDate>
				<category><![CDATA[artificial intelligence]]></category>
		<category><![CDATA[authentication]]></category>
		<category><![CDATA[banking]]></category>
		<category><![CDATA[biometrics]]></category>
		<category><![CDATA[deep fake]]></category>
		<category><![CDATA[fraud]]></category>
		<category><![CDATA[identification]]></category>
		<category><![CDATA[spoofing]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[voice recognition]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=66991</guid>

					<description><![CDATA[A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd&#8217;s Bank.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Successful Hack of Time-Triggered Ethernet</title>
		<link>https://noise.getoto.net/2022/11/18/successful-hack-of-time-triggered-ethernet/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 18 Nov 2022 15:04:41 +0000</pubDate>
				<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[Embedded Systems]]></category>
		<category><![CDATA[hardware]]></category>
		<category><![CDATA[spoofing]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=66174</guid>

					<description><![CDATA[<p>Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have <a href="https://arstechnica.com/information-technology/2022/11/researchers-break-security-guarantees-of-tte-networking-used-in-spacecraft/">defeated it</a>:</p>
<blockquote><p>On Tuesday, researchers <a href="https://web.eecs.umich.edu/~barisk/public/pcspoof.pdf">published findings</a> that, for the first time, break TTE’s isolation guarantees. The result is PCspooF, an attack that allows a single non-critical device connected to a single plane to disrupt synchronization and communication between TTE devices on all planes. The attack works by exploiting a vulnerability in the TTE protocol. The work was completed by researchers at the University of Michigan, the University of Pennsylvania, and NASA’s Johnson Space Center...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Finding the Location of Telegram Users</title>
		<link>https://noise.getoto.net/2021/01/14/finding-the-location-of-telegram-users/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 14 Jan 2021 12:08:27 +0000</pubDate>
				<category><![CDATA[Android]]></category>
		<category><![CDATA[geolocation]]></category>
		<category><![CDATA[spoofing]]></category>
		<category><![CDATA[Telegram]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=60732</guid>

					<description><![CDATA[<p>Security researcher Ahmed Hassan has shown that spoofing the Android’s “People Nearby” feature allows him to <a href="https://arstechnica.com/information-technology/2021/01/telegram-feature-exposes-your-precise-address-to-hackers/">pinpoint</a> the physical location of Telegram users:</p>
<blockquote><p>Using readily available software and a rooted Android device, he’s able to spoof the location his device reports to Telegram servers. By using just three different locations and measuring the corresponding distance reported by People Nearby, he is able to pinpoint a user’s precise location.</p>
<p>[…]</p>
<p>A proof-of-concept video the researcher sent to Telegram showed how he could discern the address of a People Nearby user when he used a free GPS spoofing app to make his phone report just three different locations. He then drew a circle around each of the three locations with a radius of the distance reported by Telegram. The user’s precise location was where all three intersected...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Split-Second Phantom Images Fool Autopilots</title>
		<link>https://noise.getoto.net/2020/10/19/split-second-phantom-images-fool-autopilots/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 19 Oct 2020 11:28:57 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[cars]]></category>
		<category><![CDATA[machine learning]]></category>
		<category><![CDATA[spoofing]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=60332</guid>

					<description><![CDATA[<p>Researchers are <a href="https://www.wired.com/story/tesla-model-x-autopilot-phantom-images/">tricking autopilots</a> by inserting split-second images into roadside billboards.</p>
<blockquote><p>Researchers at Israel&#8217;s Ben Gurion University of the Negev &#8230; previously revealed that they could use split-second light projections on roads to successfully trick Tesla&#8217;s driver-assistance systems into automatically stopping without warning when its camera sees spoofed images of road signs or pedestrians. In new research, they&#8217;ve found they can pull off the same trick with just a few frames of a road sign injected on a billboard&#8217;s video. And they warn that if hackers hijacked an internet-connected billboard to carry out the trick, it could be used to cause traffic jams or even road accidents while leaving little evidence behind...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 32/147 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-10 20:48:31 by W3 Total Cache
-->