Agregátor RSS

An idiot speaks…

Facebook´s chief operating officer Sheryl Sandberg has reiterated the social network´s position that weakening the encryption of messaging apps isn´t going to give governments what they want. Governments and law enforcement agencies are increasingly going public with their frustration that encryption prevents them accessing electronic messages.

The Entropy Engine can deliver 350 Mbps of true random numbers—enough to give a data center enough random data to dramatically improve all cryptographic processes

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random.

Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes.
v And the bad guys worked at breaking the encryption.
We used longer keys and better algorithms.

And the bad guys kept at it. And life went on.

But something recently changed all that.

With computing power increasing faster than ever before, it´s possible to crack previously secure encryption, and with the advent of quantum computing, that possibility gets ever closer. So now you must ask: Is your encryption good enough?

Alice and Bob are the world’s most famous cryptographic couple. Since their invention in 1978, they have at once been called “inseparable,” and have been the subject of numerous divorces, travels, and torments. In the ensuing years, other characters have joined their cryptographic family. There´s Eve, the passive and submissive eavesdropper, Mallory the malicious attacker, and Trent, trusted by all, just to name a few.

Draft blends asymmetric public/private key encryption and one-time pad analogs.
In case someone manages to make a general purpose quantum computer one day, a group of IETF authors have put forward a proposal to harden Internet key exchange.

While only an “informational” document at this stage, what the authors describe is how to extend Internet Key Exchange v2 (RFC 7296*, IKEv2) to support a quantum-safe key exchange.

Irena Hanzíková přeložila třetinu tzv. Voynichova rukopisu. Obsah ji vede k závěru, že autorem rukopisu je podle textu a s vědomím let, kdy vznikl, i z dalších indicií moravský šlechtic Jiří III. z Lichtenštejna, původem z Mikulova, tridentský biskup a římský kardinál.

Všimněte si ale pochybností (těch seriózněji formulovaných) v diskuzi k článku.

Dobré a přehledné rady jak zabezpečit svůj Smartphone(Android)pro využívání pro internetové bankovnictví.

Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta: Post-Quantum RSA

Abstract: This paper proposes RSA parameters for which (1) key generation, encryption, decryption, signing, and verification are feasible on today´s computers while (2) all known attacks are infeasible, even assuming highly scalable quantum computers. As part of the performance analysis, this paper introduces a new algorithm to generate a batch of primes. As part of the attack analysis, this paper introduces a new quantum factorization algorithm that is often much faster than Shor´s algorithm and much faster than pre-quantum factorization algorithms. Initial pqRSA implementation results are provided.

A seamless, easy-to-use, and secure end-to-end encrypted business collaboration tool with no central point of attack is a holy grail for every business, and Boston-based security company PreVeil believes they have the right solution on hand.

Encrypted traffic accounts for a large and growing percentage of all network traffic. While the adoption of SSL, and its successor, Transport Layer Security (TLS), should be cause for celebration – as encryption improves confidentiality and message integrity – it also puts organizations at risk. This is because hackers can leverage encryption to conceal their exploits from security devices that do not inspect SSL traffic.

How serious is the threat? According to a recent Gartner survey, “less than 20% of organizations with a firewall, an intrusion prevention system (IPS) or a unified threat management (UTM) appliance decrypt inbound or outbound SSL traffic.”1 This means that hackers can evade over 80% of companies’ network defenses simply by tunneling attacks in encrypted traffic.

To stop cyber attacks, organizations must gain insight into encrypted data, and to do this, they need a dedicated security platform that can decrypt inbound and outbound SSL traffic.

About new book:

The History and Mystery of the World´s Greatest Ciphers from Ancient Egypt to Online Secret Societies

Craig Bauer Princeton University Press: 2017.

A mystery inside an Enigma

The Enigma has a surprisingly understated design for being such a deadly tool. It could easily be mistaken for a typewriter with a few extra parts, housed in a plain wooden box.

The report covers the present scenario and the growth prospects of the global e-mail encryption market for the period 2016-2020. To calculate the market size, the report considers the revenues generated from e-mail encryption solutions provided to organizations including large organizations, small and medium-sized businesses (SMBs), and government organizations for encrypting business e-mails.

US, UK, Australia, New Zealand and Canada mull leaning hard for access to your info.

Officials from the United States, the United Kingdom, Canada, Australia and New Zealand will discuss next month plans to force tech companies to break encryption on their products.

The so-called Five Eyes nations have a long-standing agreement to gather and share intelligence from across the globe. They will meet in Canada with a focus on how to prevent \"terrorists and organized criminals\" from \"operating with impunity ungoverned digital spaces online,\" according to Australian prime minister Malcolm Turnbull.\"

Viz také - When is ´not a backdoor´ just a backdoor? Australia´s struggle with encryption.

Dále: Backdoors, encryption and internet surveillance: Which way now?

Martin Flöser představil na svém blogu projekt XFree KWin. Cílem projektu je rozběhnout správce oken KWin na Waylandu bez XWaylandu [reddit].

Na webu dnes najdete nepřeberné množství katalogů s aplikacemi, z těch českých třeba Stahuj, a tak si v norské Opeře řekli, že udělají další. Tedy tak trochu. Říkají mu Opera PC Apps Hub a má to být výběr toho nejlepšího a bezplatného s přihlédnutím k tomu, co vývojáři Opery sami ...

Oops, did someone forget to turn on 2FA?

Deloitte, one of the world's "big four" accountancy firms, has fallen victim to a cyberattack that compromised sensitive emails.…

Mike Mimoso talks to Chris Vickery of Upguard of the recent rash of Amazon S3 data leaks.

Mike Mimoso talks to Chris Vickery of Upguard of the recent rash of Amazon S3 data leaks.