- Comms
- Law
- Medic
- News
- Opinion
- Threat Watch
- Training
- Warrior Tools
- Accessories
- Ammo
- Body Armor
- Books
- Clothing
- Commo
- Gear
- Handguns
- Holsters
- Knives
- Long Guns
- ACC
- Accuracy International
- Barrett
- Benelli
- Beretta
- Blaser
- Bushmaster
- Custom
- CZ
- Desert Tactical Arms
- DPMS
- FN
- Forums
- HK
- IWI
- Kel-Tec Long Guns
- LaRue
- LWRC
- McMillan
- Mosin Nagant
- Mossberg
- Para
- Remington
- Rock River Arms
- Ruger Long Guns
- Sabre Defense
- Sako
- SIG Sauer
- SKS
- Smith & Wesson Long Guns
- Springfield
- Styer
- Weatherby
- Wilson Combat
- Winchester
- Magazines
- Maintenance
- Navigation
- Optics
- Sights
- Tech
- Warriors
Posts Tagged security
Silent Circle Raises $50 Million
Posted by Brian in Comms, News, Threat Watch on 2/Mar/2015 13:35
From ArsTechnica:
Terms of the buyout deal with Spanish smartphone maker Geeksphone, the phone’s hardware manufacturer, were not disclosed. Silent Circle said Thursday that it has raised $50 million and plans on showing off an encrypted “enterprise privacy ecosystem” at World Mobile Congress next week. A BlackPhone tablet is on the way, too.
“Silent Circle has brought tremendous disruption to the mobile industry and created an integrated suite of secure enterprise communication products that are challenging the status quo,” Mike Janke, cofounder and chairman of the Silent Circle board, said in a statement. “This first stage of growth has enabled us to raise approximately $50M to accelerate our continued rapid expansion and fuel our second stage of growth.”
Password Security Compromised On Andriod
Posted by Brian in News, Threat Watch on 26/Nov/2014 07:01
From ArsTechnica:
Clark agreed that any Android-based password manager that uses the OS clipboard is susceptible. He strongly recommends that people stop using any app setup that works this way. Many apps use standalone browsers, browser extensions, or software keyboards to enter credentials into login fields. There is no evidence they are susceptible to sniffing. The reason ClipCaster takes special aim at LastPass, Clark said, is simple. It just happened to be the manager he installed on his phone. There are no reports that password managers running on iOS or Windows Phone are vulnerable. But there can be way to know for sure, since Ars is unaware of the any comprehensive study testing the security of managers on those platforms.
Mozilla Working To Make Privacy Easier
Posted by Brian in News, Threat Watch on 16/Nov/2014 07:00
The company that makes the Firefox web browser has a new privacy initiative.
Today, we are excited to announce a new strategic initiative at Mozilla called Polaris. Polaris is a privacy initiative built to pull together our own privacy efforts along with other privacy leaders in the industry. Polaris is designed to allow us to collaborate more effectively, more explicitly and more directly to bring more privacy features into our products. We want to accelerate pragmatic and user-focused advances in privacy technology for the Web, giving users more control, awareness and protection in their Web experiences. We want to advance the state of the art in privacy features, with a specific focus on bringing them to more mainstream audiences.
Law Enforcement Upset Over New Smartphone Security
From Bloomberg:
The dispute is the latest flare-up that pits the federal government against the nation’s leading technology companies since National Security Agency contractor Edward Snowden disclosed last year the extent of U.S. snooping on phone and Internet communications — and how companies cooperated.
U.S. Justice Department and FBI officials are trying to understand how the new Apple and Google Android systems work and how the companies could change the encryption to make it accessible when court ordered. Their requests to the companies may include letters, personal appeals or congressional legislation, said a federal law official who requested anonymity to discuss the sensitive issue.
New Sofware From Apple and Google Better At Protecting Your Information From Government
From Reason.com:
Observant tech journalists have noticed something big in their latest privacy notes. Apple has changed its encryption so that the company itself cannot access the data on its users’ phones and iPads without the passcode. Thus, if police or the feds come to Apple with warrants to grab potentially useful private data off a device, they couldn’t comply even if they wanted to.
From ArsTechnica:
The Washington Post is reporting that Google will finally step up security efforts on Android and enable device encryption by default. The Post has quoted company spokeswoman Niki Christoff as saying “As part of our next Android release, encryption will be enabled by default out of the box, so you won’t even have to think about turning it on.â€
The move should bring Android up to parity with iOS. Apple recently announced enhanced encryption for iOS 8, which Apple says makes it impossible for the company to decrypt a device, even for law enforcement. While Android’s encryption was optional, it seems to work in a similar way, with Christoff saying “For over three years Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement.”
Tech Firm Developed Spyware For Foreign Governments
Posted by Brian in News, Threat Watch on 25/Aug/2014 12:40
From The Washington Post:
Merely by playing a YouTube video or visiting a Microsoft Live service page, for instance, an unknown number of computers around the world have been implanted with Trojan horses by government security services that siphon their communications and files. Google, which owns YouTube, and Microsoft are racing to close the vulnerability.
1.2 Billion Passwords Stolen by Gang in Russia
Posted by Brian in News, Threat Watch on 14/Aug/2014 12:58
From USA Today:
Security researchers say a Russian crime ring has pulled off the largest known theft of confidential Internet information, including 1.2 billion username and password combinations and more than 500 million email addresses.
Wireless Car Door Hack
As technology progresses so do the capabilities of thiefs.
From Wired:
As part of a talk on the insecurity of wireless devices at the Black Hat security conference later this week, Cesare plans to reveal a technique that could allow anyone to spoof the signal from a wireless key fob and unlock a car with no physical trace, using a codebreaking attack that takes as little as a few minutes to perform. “I can use this to lock, unlock, open the trunk,†says Cesare, an Australian researcher for the security firm Qualys. “It effectively defeats the security of the keyless entry.â€
Phone Wiping Fails on Android Phones
From CNET.com:
Avast — known for its security software on Windows, Mac, and Android — purchased 20 Android smartphones from eBay, which has around 80,000 used smartphones for sale at any given time. Among the data that Avast employees recovered from the phones were more than 40,000 photos — including 250 nude male selfies — along with 750 emails and text messages, 250 contacts, the identities of four phones’ previous owners, and one completed loan application.
Is TrueCrypt Secure?
From Krebs On Security:
Sometime in the last 24 hours, truecrypt.org began forwarding visitors to the program’s home page on sourceforge.net, a Web-based source code repository. That page includes instructions for helping Windows users transition drives protected by TrueCrypt over to BitLocker, the proprietary disk encryption program that ships with every Windows version (Ultimate/EnterpriseÂ
or Pro) since Vista. The page also includes this ominous warning:“WARNING: Using TrueCrypt is not secure as it may contain unfixed security issuesâ€
“This page exists only to help migrate existing data encrypted by TrueCrypt.â€
“The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.â€
Silent Circle Moves To Switerland
From the Silent Circle Blog:
Switzerland – the land of Privacy, Neutrality and now Silent Circle (not to mention great cheese, chocolate and watches). We are very much an international firm. We have employees scattered among 9 countries, data centers in Canada and Switzerland, and we count customers from over 130 countries with a heavy concentration of Global 1000 enterprise customers outside of North America. We decided to move our Headquarters from the Caribbean island of Nevis to Switzerland and move a lot of our customer service, finance, sales and operations into this new large office.
It was very important for us to remain a “Global Neutral Privacy Providerâ€, as well as a political and religious agnostic company. Switzerland has the world’s most robust privacy laws, fantastic business and financial resources and an incredible business-friendly atmosphere. In addition to being the world’s center for Human Rights, Global freedom of speech and an innovative technology hub, Switzerland is our perfect home. This move was a logical an easy decision for us. With over 75% of our customer base outside of North America and our Joint Venture company Blackphone also headquartered in our joint new office space in Switzerland – it was a natural move.
We will continue to grow our North America office in Washington, DC as well as our London office, but most of our new growth will take place in our new headquarters. So, if you find yourself in Europe or close to Switzerland, we are only a short hop or train ride away – so please do stop into our new Headquarters office to say hi.
EFF Calls On Companies To Enhance Security
From the Electronic Frontier Foundation:
How to Protect Your Users from NSA Backdoors: An Open Letter to Technology Companies
As security researchers, technologists, and digital rights advocates, we are deeply concerned about collaboration between government agencies and technology companies in undermining users’ security. Among other examples, we are alarmed by recent allegations that RSA, Inc. accepted $10 million from NSA to keep a compromised algorithm in the default setting of a security product long after its faults were revealed. We believe that covert collusion with spy agencies poses a grave threat to users and must be mitigated with commitment to the following best practices to protect users from illegal surveillance: Read the rest of this entry »
The Back Channel: A Radio Show on Security and Technology
Posted by Brian in News, Threat Watch on 20/Feb/2014 08:52
The Back Channel is brought to you by the creators of Silent Circle.
The Back Channel is a cutting edge radio show focused on Technology, Privacy, Security and policy on an international scale. Bringing together luminaries from the technology sector, Hackers, privacy advocates and world-renowned experts in a conversational forum to discuss the intersections of technology, privacy and government. The show itself touches upon controversial topics and digs into tension-filled public policy areas with a list of personalities and luminaries from around the world. Hosted by two world famous cryptographers, a former Navy SEAL and privacy advocate and a Silicon Valley security dilettante -The Back Channel is the one place where both Hackers and Government officials can come and “clear the air”
Blackphone Challenging Conventional Wisdom
Posted by Brian in News, Threat Watch on 14/Feb/2014 16:26
From the Silent Circle blog:
Blackphone is an innovative new ecosystem. The idea of creating an entirely new ecosystem is not new. Microsoft had its run with Windows, Skype, and Bing. They created an entire ecosystem behind the hardware and software, but failed to innovate ahead of the curve. Blackberry had its run with the phones, BEZ servers and BBM messaging. They are now dying a thousand little deaths because they did not innovate quickly enough. Google, Apple, Samsung and others have created dominant ecosystems that tie in software, hardware, wearables, media, music and services.  They rapidly innovated new platforms and models that left Microsoft, Blackberry, Nokia, HTC and others behind quickly. It’s been an amazing run for them, but this model too is dwindling. Fast movers like Xiaomi are killing them. Innovation, security and privacy demands are already putting cracks in this windshield. The fuel that feeds their ecosystem machine is customer data… Your data. It is pure gold to them.
Privacy at the Olympics
Posted by Brian in News, Threat Watch on 7/Feb/2014 15:46
From Silent Circle:
Russian authorities have openly acknowledged that widespread monitoring of phone, Internet and other communications systems is in place during the games and have framed these measures as part of overall security preparedness. Safety and security aside, this degree of persistent surveillance creates severe risks for visitors worried about sensitive personal and business communications being compromised when they keep in touch with colleagues and others from Sochi. There have been a number of stories over the past week warning that visitors and athletes can expect to be hacked, noting “it isn’t a mater of ‘if,†but a matter of ‘when.’â€