Items tagged with Encryption

Security researchers are warning anyone who uses PGP (Pretty Good Privacy) or S/MIME for email encryption to disable the scheme in their email clients right away, and to uninstall tools that automatically decrypt PGP-encrypted email, due to a security flaw. They've discovered a critical vulnerability dubbed EFAIL that could allow an attacker to view the contents of encrypted messages in plaintext, including emails that have been sent in the past. "There are currently no reliable fixes for the vulnerability. If you use PGP/GPG or S/MIME for very sensitive communication, you should disable it in... Read more...
The Federal Bureau of Investigation butted heads with Apple in 2016 and 2017 when the Cupertino company refused to build a backdoor into its iPhone handsets, which would allow law enforcement agencies to access locked devices at the expense of security for millions of iOS users. Fast forward to today and there's a report that law enforcement now has access to an inexpensive software tool that accomplishes the same thing. According to Motherboard, federal agencies and police forces across the country have been using a cheap tool called GrayKey thwart the encryption schemes of fully updated iPhone... Read more...
Skype has announced something that some users have wanted for a long time: end-to-end encryption for conversations. Skype Insiders can preview the new encryption feature right now, and it's called Private Conversations. With these conversations, end-to-end encryption for audio calls, text messages, images, audio files, and videos are now supported.  Private Conversations uses industry standard Signal Protocol by Open Whisper Systems. When you participate in one of the private sessions, that chat is hidden in notifications to keep what you share private. Microsoft's Ellen Kilbourne wrote, "Give... Read more...
Here we go again. In 2016, authorities tried to legally compel Apple to unlock an iPhone model that belonged to one of the terrorists in the San Bernardino shooting that left more than a dozen people dead. Apple resisted, and the Federal Bureau of Investigation dropped its lawsuit before the legal matter had a chance to fully play out in court. That may still happen, as authorities in Texas have searched Apple with a search warrant for various data contained on an iPhone belonging to Devin Patrick Kelley, the person behind the mass shooting in Sutherland Springs. Kelley slaughtered 26 people in... Read more...
Most people have probably never been to Cloudflare's San Francisco office, but those who have been there would have noticed a large wall of lava lamps in the lobby. It is hard to miss—after all, it is not everyday that you come across dozens of lava lamps arranged on a set of shelves, not even in Spencer's where these groovy items are commonly found. What is not immediately obvious, however, is that the wall of lava lamps is not for decoration. Cloudfare is using them for encryption. It sounds wild, but for all that computers are capable of doing, the are not that great at picking random numbers.... Read more...
There's no secret that the FBI is not a big fan of device encryption on devices like smartphones. As we saw in the San Bernardino incident, then FBI director James Comey attempted to bully Apple into providing a backdoor to iOS and the Touch ID safe enclave in order to break into an iPhone 5s that was used by one of the terrorists. Apple refused to cave in, and the FBI eventually went with an outside firm to crack the device. Comey's successor, Christopher Wray, is once again fanning the flames when it comes to the debate between giving law enforcement agencies the tools necessary to unlock... Read more...
In an effort to boost security on Android devices, Google is testing a feature called DNS (Domain Name Server) over TLS (Transport Layer Security) to protect users from hackers who might be spying on a site's traffic, according to the Android Open Source Project (AOSP). This experimental feature is currently fielding comments at the Internet Engineering Task Force (IETF). an Internet standards group.The DNS over TLS protocol encrypts DNS inquiries to same level as HTTPS, effectively blocking cyber snoops from logging or otherwise seeing the websites that users visit. HTTPS alone does not offer... Read more...
The new iStorage diskAshur2 is a specialized, external hard drive geared toward security conscious consumers. The diskAshur2 is a little pricey, and although it's no slouch in the speed department (we'll get into that in a bit), it's certainly not going to compete with that shiny new internal SSD you've got your eye on in terms of transfer speeds either. But here's the thing: It's plenty fast enough for just about anything you'd want to do, and just as importantly, it's both rugged and secure. So, despite a somewhat lofty asking price, the diskAshur2 is actually a pretty good deal. If you need... Read more...
In an era where high profile data breaches are becoming far too common, IBM has a solution that could help. The company on Monday unveiled IBM Z, a next generation mainframe that is is billing as the world's most powerful transaction system. Just as importantly, it offers pervasive encryption so that all data is encrypted all of the time, whether it is part of an application, cloud service, or chunks of bits in a database. "The vast majority of stolen or leaked data today is in the open and easy to use because encryption has been very difficult and expensive to do at scale," said Ross Mauri, General... Read more...
Here's something you don't see too often: a ransomware creator unearthing the master decryption key for public consumption. That's exactly what we're seeing from Petya's original developer, allowing those affected by certain versions of Petya to recover their data, and developers the ability to create decrypters to make the entire process that much easier. Unfortunately, there are a number of major caveats here. The biggest one is the fact that most of those affected by these specific versions of Petya dealt with it last year, not recently. It stands to reason that many of those folks did not clone... Read more...
We took part in an interesting demo this week that was both eye-opening and somewhat alarming. We met with representatives from Synaptics to discuss what we thought would be its latest sensor technology or HCI device, but were treated to a real-world hacking display that would leave most people slack-jawed. Why, you ask? Because in only a few minutes, an image of my fingerprint had been stolen and duplicated, and it was used to gain access to my smartphone (and a demo notebook), but it could have just as easily been a personal / corporate laptop or any other device with a fingerprint sensor.It... Read more...
A terrorist attack in the UK has sparked a debate over whether encrypted services should provide backdoor access to law enforcement. The terrorist, Khalid Masood, killed four people in Westminster. It is believed that Masood used the encrypted communication service WhatsApp just minutes before the attack. That prompted UK's house secretary Amber Rudd to pressure WhatsApp and other services to rethink their approach to encryption."It is completely unacceptable, there should be no place for terrorists to hide. We need to make sure that organizations like WhatsApp, and there are plenty of others like... Read more...
An appeals court in Florida has overturned a previous ruling that stated a man suspected of voyeurism should not be compelled to give up the passcode to his iPhone as it violate the Fifth Amendment and force him to testify against himself. The appeals court disagreed with that ruling and has ordered the iPhone owner to provide his four-digit passcode to law enforcement.Police arrested Aaron Stahl after a woman who was out shopping allegedly saw him bend down and extend and an illuminated mobile phone under her skirt. Court records say that when she confronted Stahl about the incident, he claimed... Read more...
When the topic of encryption comes up, it is often related to smartphones and tablets, and the differing opinions on the matter between hardware makers such as Google and Apple versus government agencies. Those are not the only areas where encryption matters. In an open letter to the camera makers around the world, Freedom of the Press Foundation makes a plea to build encryption into still photo and video cameras to protect the "safety and security" of photojournalists and filmmakers, along with their sources.The open letter is signed by more 150 documentary filmmakers and photojournalists. It... Read more...
1 2 3 4 5 Next ... Last