Aktuality

Germany´s proposed anti-cryptography bill: backdoors and hack-backs

Security News - 22 sek zpět
This week, German authorities will introduce a law that will allow law enforcement agencies to order companies to insert back doors into their products to assist in law enforcement queries; the law is backed by Thomas de Maizière, Germany´s Interior Minister.

Viz také : Germany Preparing Backdoor Law.
Kategorie: Aktuality

F5 DROWNing, not waving, in crypto fail

Security News - 22 sek zpět
If you're an F5 BIG-IP sysadmin, get patching: there's a bug in the company's RSA implementation that can give an attacker access to encrypted messages.
Kategorie: Aktuality

Will quantum computing break the Internet?

Security News - 22 sek zpět
While the principles of quantum computing are certainly complex, at a high level, the risk from quantum computing can be understood fairly quickly. Unlike a digital computer bit, which can only be a zero or one, a quantum bit, or qubit, can be a zero, one, and everything in between – all at the same time. For those who are not quantum physicists, this can be mind-blowing, but the result is that a quantum computer can offer such a huge speed-up to solving certain problems, that some problems previously thought to be nearly impossible to solve may soon be solved.
Kategorie: Aktuality

Your Browser Could Be Mining Cryptocurrency For a Stranger

Security News - 22 sek zpět
There´s something new to add to your fun mental list of invisible internet dangers. Joining classic favorites like adware and spyware comes a new, tricky threat called “cryptojacking,” which secretly uses your laptop or mobile device to mine cryptocurrency when you visit an infected site.
Kategorie: Aktuality

EU: No encryption backdoors but, eh, let´s help each other crack that crypto, oui? Ja?

Security News - 22 sek zpět
The European Commission has proposed that member states help each other break into encrypted devices by sharing expertise around the bloc.

In an attempt to tackle the rise of citizens using encryption and its effects on solving crimes, the commission decided to sidestep the well-worn, and well-ridiculed, path of demanding decryption backdoors in the stuff we all use.

Instead, the plans set out in its antiterrorism measures on Wednesday take a more collegiate approach – by offering member states more support when they actually get their hands on an encrypted device.
Kategorie: Aktuality

Hacknite digitálny podpis Kaliňáka. Firma vypísala odmenu

Security News - 22 sek zpět
Odmenu 1337 eur v piatok vypísala IT firma Hacktrophy za odhalenie podrobností o elektronickom podpise ministra vnútra Roberta Kaliňáka.
Urobila tak po tom, keď sám minister verejne vyzval k „hacknutiu“ svojho občianskeho preukazu s čipom, ktorý podľa oznámenia vedcov z Brna obsahuje vážne bezpečnostné riziko.

Viz také:
Kategorie: Aktuality

KRACK WPA2 protocol Wi-Fi attack: How it works and who\'s at risk

Security News - 22 sek zpět
A vulnerability in the WPA2 protocol used in secured Wi-Fi networks allows hackers to force devices to install arbitrary encryption keys. Here are the details of how the attack works.
Kategorie: Aktuality

Facebook COO Sheryl Sandberg: Crypto ban won´t help trap terrorists

Security News - 22 sek zpět
Facebook´s chief operating officer Sheryl Sandberg has reiterated the social network´s position that weakening the encryption of messaging apps isn´t going to give governments what they want. Governments and law enforcement agencies are increasingly going public with their frustration that encryption prevents them accessing electronic messages.
Kategorie: Aktuality

True random numbers are here — what that means for data centers

Security News - 22 sek zpět
The Entropy Engine can deliver 350 Mbps of true random numbers—enough to give a data center enough random data to dramatically improve all cryptographic processes

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random.

Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes.
v And the bad guys worked at breaking the encryption.
We used longer keys and better algorithms.

And the bad guys kept at it. And life went on.

But something recently changed all that.
Kategorie: Aktuality

Quantum of encryption

Security News - 22 sek zpět
With computing power increasing faster than ever before, it´s possible to crack previously secure encryption, and with the advent of quantum computing, that possibility gets ever closer. So now you must ask: Is your encryption good enough?
Kategorie: Aktuality

Alice and Bob: A History Of The World’s Most Famous Couple

Security News - 22 sek zpět
Alice and Bob are the world’s most famous cryptographic couple. Since their invention in 1978, they have at once been called “inseparable,” and have been the subject of numerous divorces, travels, and torments. In the ensuing years, other characters have joined their cryptographic family. There´s Eve, the passive and submissive eavesdropper, Mallory the malicious attacker, and Trent, trusted by all, just to name a few.
Kategorie: Aktuality

Let´s harden Internet crypto so quantum computers can´t crack it

Security News - 22 sek zpět
Draft blends asymmetric public/private key encryption and one-time pad analogs.
In case someone manages to make a general purpose quantum computer one day, a group of IETF authors have put forward a proposal to harden Internet key exchange.

While only an “informational” document at this stage, what the authors describe is how to extend Internet Key Exchange v2 (RFC 7296*, IKEv2) to support a quantum-safe key exchange.
Kategorie: Aktuality

Autorem Voynichova rukopisu psaného neznámým jazykem je Jiří III. z Lichtenštejna

Security News - 22 sek zpět
Irena Hanzíková přeložila třetinu tzv. Voynichova rukopisu. Obsah ji vede k závěru, že autorem rukopisu je podle textu a s vědomím let, kdy vznikl, i z dalších indicií moravský šlechtic Jiří III. z Lichtenštejna, původem z Mikulova, tridentský biskup a římský kardinál.

Všimněte si ale pochybností (těch seriózněji formulovaných) v diskuzi k článku.
Kategorie: Aktuality

17 Security Tips for Smarter Smartphone Banking (Android)

Security News - 22 sek zpět
Dobré a přehledné rady jak zabezpečit svůj Smartphone(Android)pro využívání pro internetové bankovnictví.
Kategorie: Aktuality

Post-Quantum RSA

Security News - 7 Prosinec, 2017 - 16:30
Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta: Post-Quantum RSA

Abstract: This paper proposes RSA parameters for which (1) key generation, encryption, decryption, signing, and verification are feasible on today´s computers while (2) all known attacks are infeasible, even assuming highly scalable quantum computers. As part of the performance analysis, this paper introduces a new algorithm to generate a batch of primes. As part of the attack analysis, this paper introduces a new quantum factorization algorithm that is often much faster than Shor´s algorithm and much faster than pre-quantum factorization algorithms. Initial pqRSA implementation results are provided.
Kategorie: Aktuality

End-to-end email encryption with no central point of attack

Security News - 20 Listopad, 2017 - 07:30
A seamless, easy-to-use, and secure end-to-end encrypted business collaboration tool with no central point of attack is a holy grail for every business, and Boston-based security company PreVeil believes they have the right solution on hand.
Kategorie: Aktuality

The Ultimate Guide to SSL Inspection- Uncover Threats in SSL Traffic

Security News - 20 Listopad, 2017 - 07:30
Encrypted traffic accounts for a large and growing percentage of all network traffic. While the adoption of SSL, and its successor, Transport Layer Security (TLS), should be cause for celebration – as encryption improves confidentiality and message integrity – it also puts organizations at risk. This is because hackers can leverage encryption to conceal their exploits from security devices that do not inspect SSL traffic.

How serious is the threat? According to a recent Gartner survey, “less than 20% of organizations with a firewall, an intrusion prevention system (IPS) or a unified threat management (UTM) appliance decrypt inbound or outbound SSL traffic.”1 This means that hackers can evade over 80% of companies’ network defenses simply by tunneling attacks in encrypted traffic.

To stop cyber attacks, organizations must gain insight into encrypted data, and to do this, they need a dedicated security platform that can decrypt inbound and outbound SSL traffic.
Kategorie: Aktuality
Syndikovat obsah