Browsed by
Month: March 2015

Europol chief warns on computer encryption

Europol chief warns on computer encryption

A European police chief says the sophisticated online communications are the biggest problem for security agencies tackling terrorism. Hidden areas of the internet and encrypted communications make it harder to monitor terror suspects, warns Europol’s Rob Wainwright. “Tech firms should consider the impact sophisticated encryption software has on law enforcement”, he said. A spokesman for TechUK, the UK’s technology trade association, said: “With the right resources and cooperation between the security agencies and technology companies, alongside a clear legal framework for…

Read More Read More

FBI Quietly Removes Recommendation To Encrypt Your Phone… As FBI Director Warns How Encryption Will Lead To Tears

FBI Quietly Removes Recommendation To Encrypt Your Phone… As FBI Director Warns How Encryption Will Lead To Tears

Back in October, we highlighted the contradiction of FBI Director James Comey raging against encryption and demanding backdoors, while at the very same time the FBI’s own website was suggesting mobile encryption as a way to stay safe. Sometime after that post went online, all of the information on that page about staying safe magically disappeared, though thankfully I screenshotted it at the time: If you really want, you can still see that information over at the Internet Archive or in…

Read More Read More

Multiple Digital Certificate Attacks Affect 100% of UK Businesses

Multiple Digital Certificate Attacks Affect 100% of UK Businesses

All—as in 100%—of UK organizations have responded to multiple attacks on keys and certificates in the past two years. The Ponemon Institute found that attacks are becoming more widespread as the number of keys and certificates deployed on infrastructure such as web servers, network appliances and cloud services has grown by 40% to almost 24,000 per enterprise over the past two years. Russian cyber-criminals, for instance, recently stole digital certificates from one of the top five global banks, enabling them…

Read More Read More

Bee behaviour mapped by tiny trackers

Bee behaviour mapped by tiny trackers

A tiny new tracker designed to monitor bee behaviour is being tested by ecologists at Kew Gardens in London. It is made from off-the-shelf technology and is based on equipment used to track pallets in warehouses, said its creator Dr Mark O’Neill. Readers, used to pick up a signal from the kit, are connected to Raspberry Pi computers, which log the readings. The device has a reach of up to 2.5m (8.2ft). Previously used models were restricted to 1cm (0.4in)….

Read More Read More

Encryption not the way to tackle DStv: DOC

Encryption not the way to tackle DStv: DOC

Government should make better use of regulatory tools and legislation to foster a more competitive environment in South Africa’s pay-television industry rather than requiring that conditional access technology be included in state-subsidised set-top boxes. That’s the view of Solly Mokoetle, the head of the digital migration project at the department of communications (DOC). “The issue of control access is that of pay-TV operators,” says Mokoetle. Government’s role in the digital migration process, he says, is to ensure that it happens…

Read More Read More

Encryption today: how safe is it really?

Encryption today: how safe is it really?

When checking your email over a secure connection, or making a purchase from an online retailer, have you ever wondered how your private information or credit card data is kept secure? Our information is kept away from prying eyes thanks to cryptographic algorithms, which scramble the message so no-one else can read it but its intended recipient. But what are these algorithms, how did they come to be widely used, and how secure really are they? Coded messages The first…

Read More Read More

New bugs uncovered in encryption software

New bugs uncovered in encryption software

New bugs in the widely used encryption software known as OpenSSL were disclosed on Thursday, though experts say do not pose a serious threat like the “Heartbleed” vulnerability in the same technology that surfaced a year ago. “Heartbleed” triggered panic throughout the computer industry when it was reported in April 2014. That bug forced dozens of computers, software and networking equipment makers to issue patches for hundreds of products, and their customers had to scour data centers to identify vulnerable…

Read More Read More

Yahoo Rolls Out End-To-End Encryption For Email

Yahoo Rolls Out End-To-End Encryption For Email

Back in 2012 (pre-Snowden!), we wrote about why Google should encrypt everyone’s emails using end-to-end encryption (inspired by a post by Julian Sanchez saying the same thing. Since then, securing private communications has become increasingly important. That’s why we were happy to see Google announce that it was, in fact, working on a project to enable end-to-end encryption on Gmail, though it was still in the early stages. In December of last year, Google moved that project to Github, showing…

Read More Read More

Can software-based POS encryption improve PCI compliance?

Can software-based POS encryption improve PCI compliance?

In the wake of the recent Verizon report that shows that 80 percent are out of PCI DSS compliance between audits, some vendors are urging the PCI Council to consider approving software-based point-to-point encryption, in addition to the current hardware-based standard. PCI-approved, hardware-based P2PE allows merchants to drastically shrink the systems subject to compliance, reducing both risks and costs, and will make it easier to stay compliant. Self-destructing hardware is a “security bonus,” but in general, hardware-based P2PE technology is…

Read More Read More

Tired of forgetting your password? Yahoo says you don’t need one any more

Tired of forgetting your password? Yahoo says you don’t need one any more

Passwords: easily forgotten, but also easily guessed. It’s a bitter irony that minutes can be spent racking brains trying to remember whether a required security question answer is a pet’s name, first school or place of birth – meanwhile a cyber-criminal is merrily typing in a person’s favourite colour and relieving bank accounts of hard-earned wages. Well, now Yahoo might have made the process easier – at least when it comes to accessing email. The Californian tech giant is rolling…

Read More Read More