Aktuality

Crypto-gurus: Which idiots told the FBI that Feds-only backdoors in encryption are possible?

Security News - 1 hodina 45 min zpět
Four cryptography experts have backed a US Senator´s campaign to force the FBI to explain how exactly a Feds-only backdoor can be added to strong and secure encryption.

The four are: Stanford professor Martin Hellman, of Diffie-Hellman fame and who helped invent the foundations of today´s crypto systems; Columbia professor and USENET co-creator Steve Bellovin; top cryptographer Paul Kocher; and information security guru Bruce Schneier.

All four this week signed a letter (link in article) to Senator Ron Wyden (D-OR) applauding his "effort to find out with whom the bureau has been consulting and which cryptographic experts believe an exceptional access system can be built securely."
Kategorie: Aktuality

Report finds little being done about security threat posed by quantum computing

Security News - 1 hodina 45 min zpět
A report, conducted by the Quantum Safe Security Working Group (QSS WG) within the Cloud Security Alliance (CSA), looks to assess the overall awareness and understanding of quantum security risk and is part of the group's larger effort to develop a future framework for addressing quantum computing threats.
Kategorie: Aktuality

18 Cryptography Attacks to Watch Out For

Security News - 1 hodina 45 min zpět
Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and improving techniques for defeating or weakening them. For example, cryptanalysts seek to decrypt ciphertexts without knowledge of the plaintext source, encryption key or the algorithm used to encrypt it; cryptanalysts also target secure hashing, digital signatures and other cryptographic algorithms.
Kategorie: Aktuality

Cryptographic Hashes: What They Are, and Why You Should be Friends

Security News - 1 hodina 45 min zpět
Description of cryptographic hashes and practical examples of how to calculate them.
Kategorie: Aktuality

Did Codebreakers Crack This Mysterious Medieval Manuscript?

Security News - 1 hodina 45 min zpět
The 600-year-old Voynich Manuscript is one of the biggest mysteries in cryptology. Scientists are using AI to try to read it.

A pair of Canadian codebreakers may have deciphered a 600-year-old book that has been baffling cryptologists for centuries. But, more likely, they probably haven't.

In a study published in the journal Transactions of the Association of Computational Linguistics, computing scientists from the University of Alberta used an algorithm to try to decode parts of the Voynich Manuscript, a medieval book written in an undecipherable code with an unknown language.

But other scholars are skeptical, and the manuscript remains a document very much shrouded in mystery.
Kategorie: Aktuality

The Ransomware Survival Handbook

Security News - 1 hodina 45 min zpět
When a ransomware infection spreads through your network, its goal is to encrypt any files it can access (even backups) as quickly as possible. That can happen in a matter of minutes or even seconds. And from there, the clock starts ticking. Because everyone is expecting you to get things back up and running.

Read The Ransomware Survival Handbook and learn how to recover quickly and effectively (and not get hit again).
Kategorie: Aktuality

Authentication today: Moving beyond passwords

Security News - 1 hodina 45 min zpět
A new global study from IBM Security examining consumer perspectives around digital identity and authentication, found that people now prioritize security over convenience when logging into applications and devices.
Kategorie: Aktuality

What cryptographic key generation needs is a good source of entropy

Security News - 1 hodina 45 min zpět
… algorithms, we know, are not always correctly implemented …
Kategorie: Aktuality

What is SSL/TLS? (And why it’s time to upgrade to TLS 1.3)

Security News - 1 hodina 45 min zpět
The TLS protocol encrypts internet traffic of all types, making secure internet communication (and therefore internet commerce) possible. Here are the basics of how it works and what comes next.
Kategorie: Aktuality

Skype users are finally getting end-to-end encryption

Security News - 1 hodina 45 min zpět
The move was announced on Thursday by Open Whisper Systems, the software organization behind the open source Signal Protocol, which has been implemented by Microsoft to offer the feature.

The option, named Private Conversations, is currently being tested by Skype Insiders and has some temporary limitations.
Kategorie: Aktuality

Germany´s proposed anti-cryptography bill: backdoors and hack-backs

Security News - 1 hodina 45 min zpět
This week, German authorities will introduce a law that will allow law enforcement agencies to order companies to insert back doors into their products to assist in law enforcement queries; the law is backed by Thomas de Maizière, Germany´s Interior Minister.

Viz také : Germany Preparing Backdoor Law.
Kategorie: Aktuality

F5 DROWNing, not waving, in crypto fail

Security News - 1 hodina 45 min zpět
If you're an F5 BIG-IP sysadmin, get patching: there's a bug in the company's RSA implementation that can give an attacker access to encrypted messages.
Kategorie: Aktuality

Will quantum computing break the Internet?

Security News - 1 hodina 45 min zpět
While the principles of quantum computing are certainly complex, at a high level, the risk from quantum computing can be understood fairly quickly. Unlike a digital computer bit, which can only be a zero or one, a quantum bit, or qubit, can be a zero, one, and everything in between – all at the same time. For those who are not quantum physicists, this can be mind-blowing, but the result is that a quantum computer can offer such a huge speed-up to solving certain problems, that some problems previously thought to be nearly impossible to solve may soon be solved.
Kategorie: Aktuality

Your Browser Could Be Mining Cryptocurrency For a Stranger

Security News - 1 hodina 45 min zpět
There´s something new to add to your fun mental list of invisible internet dangers. Joining classic favorites like adware and spyware comes a new, tricky threat called “cryptojacking,” which secretly uses your laptop or mobile device to mine cryptocurrency when you visit an infected site.
Kategorie: Aktuality

EU: No encryption backdoors but, eh, let´s help each other crack that crypto, oui? Ja?

Security News - 1 hodina 45 min zpět
The European Commission has proposed that member states help each other break into encrypted devices by sharing expertise around the bloc.

In an attempt to tackle the rise of citizens using encryption and its effects on solving crimes, the commission decided to sidestep the well-worn, and well-ridiculed, path of demanding decryption backdoors in the stuff we all use.

Instead, the plans set out in its antiterrorism measures on Wednesday take a more collegiate approach – by offering member states more support when they actually get their hands on an encrypted device.
Kategorie: Aktuality

Hacknite digitálny podpis Kaliňáka. Firma vypísala odmenu

Security News - 17 Únor, 2018 - 12:30
Odmenu 1337 eur v piatok vypísala IT firma Hacktrophy za odhalenie podrobností o elektronickom podpise ministra vnútra Roberta Kaliňáka.
Urobila tak po tom, keď sám minister verejne vyzval k „hacknutiu“ svojho občianskeho preukazu s čipom, ktorý podľa oznámenia vedcov z Brna obsahuje vážne bezpečnostné riziko.

Viz také:
Kategorie: Aktuality

KRACK WPA2 protocol Wi-Fi attack: How it works and who\'s at risk

Security News - 5 Únor, 2018 - 14:00
A vulnerability in the WPA2 protocol used in secured Wi-Fi networks allows hackers to force devices to install arbitrary encryption keys. Here are the details of how the attack works.
Kategorie: Aktuality

Amber Rudd: The little people don´t need encryption

Security News - 5 Únor, 2018 - 14:00
An idiot speaks…
Kategorie: Aktuality

Facebook COO Sheryl Sandberg: Crypto ban won´t help trap terrorists

Security News - 5 Únor, 2018 - 14:00
Facebook´s chief operating officer Sheryl Sandberg has reiterated the social network´s position that weakening the encryption of messaging apps isn´t going to give governments what they want. Governments and law enforcement agencies are increasingly going public with their frustration that encryption prevents them accessing electronic messages.
Kategorie: Aktuality

True random numbers are here — what that means for data centers

Security News - 5 Únor, 2018 - 14:00
The Entropy Engine can deliver 350 Mbps of true random numbers—enough to give a data center enough random data to dramatically improve all cryptographic processes

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random.

Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes.
v And the bad guys worked at breaking the encryption.
We used longer keys and better algorithms.

And the bad guys kept at it. And life went on.

But something recently changed all that.
Kategorie: Aktuality
Syndikovat obsah