Agregátor RSS

KYBERCENTRUM vydalo knihu ceského kryptologa a popularizátora Pavla Vondrušky, která dokazuje, jak muže veda o kódech a šifrách být fascinující a dobrodružná.
Kniha byla v drívejším vydání v edici OKO zcela vyprodána a nebylo ji možné získat.
Nyní je tedy možnost ji zakoupit v e-shopu KYBERCENTRA. Ale pozor k prodeji touto cestou bylo uvolnen pouze omezený pocet 200 kusu .

Kniha p?edního ?eského popularizátora kryptologie dokazuje, jak fascinující a dobrodružná m?že v?da o kódech a šifrách být.
Kniha vyšla v 2006 v nákladu 8000 ks a byla brzy zcela vyprodána.
Kniha nyní vyjde pomocí Crowdfundingu v rámci projektu Centra kybernetické bezpe?nosti, z. ú. (KyberCentrum).
Podpo?te tento projekt a stanete se vlastníci této knihy.

Kniha P.Vondrušky - Kryptologie, šifrování a tajná písma op?t vyjde.
Knihu lze získat v rámci projektu Kybercentra (Crowdfunding).

NIST has posted an update on their post-quantum cryptography program:

• Update


• NISTIR 8309 Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process

Po kolikáté ?

Policisté v Praze zadrželi dva cizince t?sn? po tom, co do bankomatu nainstalovali skimmovací za?ízení s cílem dostat se k pen?z?m klient?. U zadržených muž? pak policisté zajistili i celou ?adu nástroj? k páchání této trestné ?innosti a vysíla?ky, informoval ve st?edu policejní mluv?í Jan Dan?k.

Užite?ný p?ísp?vek "14 Ways to Create a Secure Password in 2019" na stále pot?ebné téma jak vytvá?et a pamatovat si hesla od Jacka Forstera.

25+ Free Security Tools That You Need to Start

P?ehled bezplatných silných antivirových a dalších bezpe?nostních program?, které vám mohou pomoci udržet vaše citlivé informace v bezpe?í.

Email was one of the earliest forms of communication on the internet, and if you’re reading this you almost undoubtedly have at least one email address. Critics today decry the eventual fall of email, but for now it’s still one of the most universal means of communicating with other people that we have. One of the biggest problems with this cornerstone of electronic communication is that it isn’t very private. By default, most email providers do not provide the means to encrypt messages or attachments. This leaves email users susceptible to hackers, snoops, and thieves.

So you want to start encrypting your email? Well, let’s start by saying that setting up email encryption yourself is not the most convenient process. You don’t need a degree in cryptography or anything, but it will take a dash of tech savvy. We’ll walk you through the process later on in this article.

Alternatively, you can use an off-the-shelf encrypted email client. Tutanota is one such secure email service, with apps for mobile and a web mail client. It even encrypts your attachments and contact lists. Tutanota is open-source, so it can be audited by third parties to ensure it’s safe. All encryption takes place in the background. While we can vouch for Tutanota, it’s worth mentioning that there are a lot of email apps out there that claim to offer end-to-end encryption, but many contain security vulnerabilities and other shortcomings. Do your research before choosing an off-the-shelf secure email app.

If you’d prefer to configure your own email encryption, keep reading.

See Affiliated Events too.

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.

Security Keys are inexpensive USB-based devices that offer an alternative approach to two-factor authentication (2FA), which requires the user to log in to a Web site using something they know (the password) and something they have (e.g., a mobile device).

The US Department of Justice (DOJ) this week released the first report from its Cyber Digital Task Force – which was set up in February to advise the government on strengthening its online defenses.
The report [PDF], compiled by 34 people from six different government agencies, examines the challenges facing Uncle Sam´s agencies in enforcing the law and protecting the public from hackers. It also lays out what the government needs to do to thwart looming threats to its computer networks.

Let´s (not) Encrypt

If you´ve been following the news for the last few years it will come as no surprise that the Justice Department is not a fan of the common man having access to encryption.
The report bemoans the current state of encryption and its ability to keep the government from gathering and analyzing traffic for criminal investigations. The word ´encryption´ comes up 17 times in the report, not once in a favorable light.
In the past several years, the Department has seen the proliferation of default encryption where the only person who can access the unencrypted information is the end user, the report reads.
The advent of such widespread and increasingly sophisticated encryption technologies that prevent lawful access poses a significant impediment to the investigation of most types of criminal activity.

The demand for quantum computing services will be driven by some process hungry research and development projects as well as by the emergence of several applications including advanced artificial intelligence algorithms, next-generation encryption, traffic routing and scheduling, protein synthesis, and/or the design of advanced chemicals and materials. These applications require a new processing paradigm that classical computers, bound by Moore’s law, cannot cope with. However, one should not expect quantum computers to displace their classical counterparts anytime soon.

Ray Ozzie thinks he has an approach for accessing encrypted devices that attains the impossible: It satisfies both law enforcement and privacy purists. (?)

EFAIL furore not over yet, even though it´s easy to fix.

However, PGP´s creator Phil Zimmerman, Protonmail´s Any Yenn, Enigmail´s Patrick Brunschwig, and Mailvelope´s Thomas Oberndörfer are still concerned that misinformation about the bug remains in the wild.

Yenn tried to refute the EFAIL “don´t use PGP” on May 25, and the four have followed up with this joint post.

Zima konečně dorazila i k nám a chvíle, na kterou řada lidí netrpělivě vyčkávala, je tu. Většina lyžařských středisek dává milovníkům zimních sportů zelenou. Zimní radovánky tedy mohou propuknout. Málokdo se však zamýšlí nad tím, co všechno by se mohlo na svahu přihodit. Přitom jak se říká, štěstí přeje připraveným.

Amazon’s announcement on Wednesday that it is abandoning its Chime collaboration app, while stressing that it will double down on the far more successful Chime software development kit (SDK), was an example of Amazon being Amazon. It knows what it does well, and where to focus.

Analysts said that the Chime app made some sense when it was introduced in February 2017, but that sharply changed in 2000 when the pandemic hit. Microsoft and Zoom added lots of new functionality to their collaboration platforms, but Amazon didn’t add much to Chime. And over the years, rivals have continued to beef up their products. 

Chime’s feature set quickly was outshone and its market share plunged; currently its share is negligible, with one firm placing it at literally 0.0%. 

Amazon itself described its Chime app market share as “limited,” and conceded that its competitors, which it referred to as partners, had outpaced it.

“When we decide to retire a service or feature, it is typically because we’ve introduced something better or our partners offer a solution that is a good fit for our customers as well as our own employees,” said Erik Denny of Amazon media relations. “In Chime’s case, its use outside of Amazon was limited and our partners offer great collaboration solutions, so we will lean into those.”

In an internal memo to Amazon employees, the company threw its support behind key rivals. “Zoom is replacing Amazon Chime as the standard meeting application for Amazon internal meetings,” it said.  “Microsoft Teams will also be available for scenarios where full integration with M365 is needed. Cisco Webex will also be available for communication with customers who use Cisco Webex.”

The app has failed, but popular SDK prevails

The Chime app’s situation is almost the opposite of that of the popular Chime SDK. The lack of functionality that was so important to app users was irrelevant to users of the SDK, as enterprises and vendors used it as the foundation for capabilities they built into their own apps, including Slack Huddles and Intuit’s Virtual Expert Platform. 

Amazon also introduced its SDK much earlier than did Microsoft or Zoom, allowing the Chime SDK to build up a significant market share advantage, said Melody Brue, VP and principal analyst for Moor Insights & Strategy.

“I’m not surprised at all [about the app’s demise],” Brue said. “They really haven’t invested a whole lot into the Chime app.”

Jeremy Roberts, the senior director of research at Info-Tech Research Group, agreed. He said the decision to kill the Chime app while increasing support for the Chime SDK made perfect sense.

“My takeaway is that this is very logical. They never climbed to the top of the stack [with the app]. [Enterprises] didn’t like the product, but they loved the infrastructure,” Roberts said. “Amazon is a good telescope manufacturer but not a good astronomer.”

Wayne Kurtzman, an IDC research VP, also noted that Amazon never promoted the Chime app, although they certainly could have.

“Amazon is really good at creating narratives, but Chime never had a good go-to-market strategy,” Kurtzman said. “It fell short in creating mindshare in a market that was growing incredibly rapidly.” 

One year warning for users, migration help promised

In Amazon’s public statement, the company said, “After careful consideration, we have decided to end support for the Amazon Chime service, including Business Calling features, effective February 20, 2026. Amazon Chime will no longer accept new customers beginning February 19, 2025. Existing customers can continue to use Amazon Chime features, including Business Calling, scheduling and hosting meetings, adding and managing users, and other capabilities supported through the Amazon Chime administration console.”

It then pledged to help transition the few remaining Chime app users to other platforms, including “solutions provided by AWS, such as AWS Wickr, or from AWS partners, such as Zoom from Zoom Video Communications Inc., Webex from Cisco Systems, Inc., and Slack from Salesforce.”

Alternative AWS Wickr ‘should have its chance to shine,’ says analyst

However, Roberts questioned how long Amazon will support Wickr, given that it suffers from many of the same shortcomings as the Chime app. “I don’t see a lot of Wickr use with our enterprise clients,” he said. But, he added, the robust security capabilities within Wickr may make it viable in select segments, such as governments. 

Will McKeon-White, a senior analyst with Forrester, was more optimistic about Wickr, arguing that an encrypted messaging app is going to have more staying power than a video conferencing one.

“Usually, replacing a messaging solution is much more difficult than replacing a video calling solution,” McKeon-White said. “Messaging needs to have integration into a whole host of different things. What it comes down to is that it’s much harder to replace.”

Part of the issue is that users often need to refer to messages from months earlier, but they rarely have to review old conference calls. That is why employees will often hang onto those old messaging apps even if the corporate standard has changed, because “there is some critical thing that they need that messaging app for.”

IDC’s Kurtzman also said that Wickr should get its chance to shine.

“They have a good security narrative and a good security story, which is advanced cryptography,” he said, noting that should be a critical feature given that enterprises are putting “all of the intellectual property of the business” into their messages. He said that Wickr might be positioned as the glue to integrate different genAI offerings from different companies.

In the end, said Roberts, the key enterprise IT takeaway from this is to stick with the dominant players in the collaboration space. “It validates the decision to consolidate on the blue-chip collaboration solutions.”

Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. [...]

An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. [...]