Open-source web browser Brave has unveiled a new private information retrieval scheme dubbed 'FrodoPIR' that would enable hidden queries to database servers, reports The Hacker News.
Such technology could bolster safe browsing, password scanning against compromised databases, and certificate revocation checking, according to Brave. While homomorphic encryption leveraged to enable PIR could either be costly in bandwidth or processing duration, FrodoPIR's offline and online steps enable increased efficiency. "In terms of performance for a database of 1 million KB elements, FrodoPIR requires <1 second for responding to a client query, has a server response size blow-up factor of > 3.6x, and financial costs are ~$1 for answering client queries," said Brave.
Brave's new FrodoPIR technology follows Google's move to open-source privacy-enhacing technologies Magritte and Fully Homomorphic Encryption Transpiler. Both technologies "will provide the broader developer community (researchers, governments, nonprofits, businesses and more) new ways to deploy and enhance privacy features in their own work," said Google.
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Using such information to contact organizations with internet-accessible programmable logic controllers resulted in a 34% reduction in PLC exposure in just a month, according to researchers, who noted testing the algorithm on Allen Bradley, Omron, and Wago PLCs.
Also known as RISK:STATION, the zero-click vulnerability could be leveraged to compromise millions of devices, according to Midnight Blue researchers, who discovered and reported the issue at Pwn2Own Ireland.
Impacted by the flaw, which stems from improper input validation to the web-based management interface, are Catalyst IW9165E Rugged Access Points and Wireless Clients, Catalyst IW9165D Heavy Duty Access Points, and Catalyst IW9167E Heavy Duty Access Points with activated URWB, noted Cisco.