RSS Reader for Computer Security Articles
Credit to Author: Brian Barrett| Date: Tue, 07 Mar 2017 20:00:57 +0000
Despite some initial confusion, the CIA hasn’t undermined Signal and other important end-to-end encrypted apps. The post Don’t Let WikiLeaks Scare You Off of Signal and Other Encrypted Chat Apps appeared first on WIRED.
Read More
Credit to Author: Lucian Constantin| Date: Thu, 02 Mar 2017 12:24:00 -0800
Computer users who have been affected by the Dharma ransomware and have held onto their encrypted files can now restore them for free. Researchers have created decryption tools for this ransomware strain after someone recently leaked the decryption keys.
Dharma first appeared in November and is based on an older ransomware program known as Crysis. It’s easy to recognize files affected by it because they will have the extension: .[email_address].dharma, where the email address is the one used by the attacker as a point of contact.
On Wednesday, a user named gektar published a link to a Pastebin post on the BleepingComputer.com technical support forum. The post, he claimed, contained the decryption keys for all Dharma variants.
To read this article in full or to leave a comment, please click here
Credit to Author: Martyn Williams| Date: Tue, 28 Feb 2017 04:43:00 -0800
Engineers at South Korea’s SK Telecom have developed a tiny chip that could help secure communications on a myriad of portable electronics and IOT devices.
The chip is just 5 millimeters square — smaller than a fingernail — and can generate mathematically provable random numbers. Such numbers are the basis for highly-secure encryption systems and producing them in such a small package hasn’t been possible until now.
The chip, on show at this week’s Mobile World Congress in Barcelona, could be in sample production as early as March this year and will cost a few dollars once in commercial production, said Sean Kwak, director at SK Telecom’s quantum technology lab.
To read this article in full or to leave a comment, please click here
Credit to Author: Andy Greenberg| Date: Tue, 28 Feb 2017 16:27:05 +0000
Is the effort to end-to-end encrypt Gmail dead, or just a lot harder than it looks? The post After 3 Years, Why Gmail’s End-to-End Encryption Is Still Vapor appeared first on WIRED.
Read More
Credit to Author: Michael Kan| Date: Mon, 27 Feb 2017 13:34:00 -0800
Google is asking developers to take over its effort to make end-to-end email encryption more user-friendly, raising questions over whether it’ll ever become an official feature in the company’s browser.
On Friday, the search giant said its email encryption tool, originally announced in 2014, was no longer a Google product. Instead, it’s become a “full community-driven open source project,” the company said in a blog post.
The tool is designed to work as an extension to Google’s Chrome browser that uses the OpenPGP standard to encrypt emails, ensuring that only the recipient can read them, and not the email provider or a government.
To read this article in full or to leave a comment, please click here
Credit to Author: Martyn Williams| Date: Mon, 27 Feb 2017 10:34:00 -0800
SK Telecom and Nokia have developed a prototype quantum cryptography system that combines the South Korean company’s quantum key server with an encryption device from Nokia.
The system, shown Monday at Mobile World Congress in Barcelona, was put together to demonstrate interoperability between the two vendors and comes as SK Telecom kicks off a push to get telecom carriers and equipment vendors working together on next-generation quantum-secured networks.
Quantum cryptography involves the transmission of encryption keys across fiber optic networks. It relies on the principles of quantum mechanics to detect if an eavesdropper has viewed a key en route.
To read this article in full or to leave a comment, please click here
Credit to Author: Peter Sayer| Date: Mon, 27 Feb 2017 10:31:00 -0800
It sounds like a smartphone user’s worst fear: Software that starts up before the phone’s operating system, intercepting and encrypting every byte sent to or from the flash memory or the network interface.
This is not some new kind of ransomware, though. This is the D4 Secure Platform from Cog Systems.
The product grew out of custom security software the company developed for governments, and which it saw could also be put to use in the enterprise as a way to make smartphones more productive while still maintaining a high level of security.
It includes a Type 1 hypervisor, a virtualized VPN and additional storage encryption that wrap the standard Android OS in additional layers of protection largely invisible to the end user.
To read this article in full or to leave a comment, please click here
Credit to Author: Mark Nunnikhoven (Vice President, Cloud Research)| Date: Fri, 24 Feb 2017 20:52:12 +0000
The SHA-1 hash function is broken. This isn’t news. What is news is that a practical attack has been demonstrated Keep in mind that “practical” is used in cryptographers terms and those terms don’t necessarily have an impact on your daily IT use. The news has been making the rounds as IT teams, journalists, and…