Posts Tagged encryption

RSA Product Weakened by NSA

From The Guardian:

RSA, the security arm of the storage company EMC, sent an email to customers telling them that the default random number generator in a toolkit for developers used a weak formula, and they should switch to one of the other formulas in the product.

, , , ,

No Comments

Silent Circle Comments on the NSA

Here is an excerpt of Silent Circle’s  editorial from their company blog:

We at Silent Circle believe these revelations and disclosures are some of the best things that could happen to the technology sector. In fact, the battle for your digital soul has turned strongly towards Privacy’s corner because we now know what we are up against. We are beginning to define the capabilities and tactics of the world’s surveillance machine. Before all of this -we speculated, guessed and hypothesized that it was bad –we were all way off. It’s horrendous. It’s Orwell’s 1984 on steroids. It doesn’t matter –we will win the war.

, , , , , , , ,

No Comments

NSA Employing 35,000 to Break Encrypted Communications

From Wired.com:

The Post’s article doesn’t detail the “groundbreaking cryptanalytic capabilities” Clapper mentions, and there’s no elaboration in the portion of the document published by the paper. But the document shows that 21 percent of the intelligence budget — around $11 billion — is dedicated to the Consolidated Cryptologic Program that staffs 35,000 employees in the NSA and the armed forces.

, , , , , ,

No Comments

US Government Resorting to Mob Tactics

According to Reason.com the owner of the Lavabit email service has been threatened with arrest for shutting down the service rather than cooperate with the government.

, , , , , ,

No Comments

Keeping The NSA Out of Your Life

The Washington Post has a list of some things you can do to increase your security and make it harder for the government to keep tabs on you.

If recentreports are to be believed, the National Security Agency has broad powers to capture private information about Americans. They know who we’re calling, they have access to our Gmail messages and AOL Instant Messenger chats, and it’s a safe bet that they have other interception capabilities that haven’t been publicly disclosed. Indeed, most mainstream communications technologies are vulnerable to government eavesdropping.

Here is an explanation of TOR, software that allows anonymous browsing on the internet:

, , , , , , , ,

No Comments

Whole Disk Encryption At Risk

Elcomsoft has a new product that claims to be able to decrypt some of the most popular encryption software.

Security expert Bruce Schneier comments on it here.

, , , , ,

No Comments

Joe Biden Accidentally Helped Us All E-Mail in Private

From: Danger Room

In the late ’80s and early ’90s, Phil Zimmermann was a Colorado peacenik with a half-written program that he swore would one day let people exchange messages without Big Brother peering inside. The problem was, with a freelance job and two kids, Zimmermann could never quite find the time to finish the damn code — until Joe Biden came along.

more

, , , ,

No Comments

The iPhone Has Passed a Key Security Threshold

From: Technology Review

At the heart of Apple’s security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future—even a quantum computer—would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.

, , , ,

No Comments

Smartphones Leak Encryption

Technology Review reports that an attacker my be able to pick up encryption keys from cellphones with a TV antenna:

The antenna was detecting radio signals “leaking” from the transistors on the chip inside the phone performing the encryption calculations. Transistors leak those signals when they are active, so the pattern of signals from a chip provides an eavesdropper a representation of the work the chip is doing. When Kenworthy tuned his equipment to look in the right place, a clear, regular pattern of peaks and troughs appeared on his computer screen. They could be seen to come in two varieties, large and small, directly corresponding to the string of digital 1s and 0s that make up the encryption key.

, , , , ,

No Comments

Prosecutors Demand Laptop Password in Violation of Fifth Amendment

From: EFF

Prosecutors Demand Laptop Password in Violation of Fifth Amendment

EFF has urged a federal court to block the government’s attempt to force a woman to enter a password into an encrypted laptop. During the investigation, the government seized the device from the home she shares with her family, and then asked the court to compel the woman to type the password into the computer or turn over a decrypted version of her data. But EFF told the court that the demand is unconstitutional, violating her Fifth Amendment privilege against self-incrimination.

, , , , ,

No Comments

USB Drives left at Dry Cleaners on the Rise

Encrypt your USB Drives

From: SC Magazine UK

A survey of dry cleaners in the UK has found that more than 17,000 USB sticks were left behind in 2010.

More than 500 dry cleaners and launderettes in the UK were asked during December 2010 and January 2011 about removable media that was left behind. Estimated figures suggested that there was an increase on the number of USB sticks left in dry cleaners of more than 400 per cent when compared with figures from 2009, and almost double from what was found in 2008.

…With the best intentions in the world, the reality is devices are often left behind and the information they contain could be devastating if disclosed. Organizations need to plan for this when developing their security strategies.”

more

, , , , ,

No Comments

Cyber-Threat Whitepapers

From: SC Magazine

, , , ,

No Comments