Bitcoin is in the news again.
Seems that a random number problem on the Android platform is letting crooks get away with cryptographic fraud to make off with other people's BTCs...
Mobile security researcher Karsten Nohl says he'll explain at the BlackHat conference how he can remotely "own" mobile phones with a single text message.
Paul Ducklin looks at what Nohl has said so far, and ponders how hard this might be to sort out...
The AusCERT 2013 conference has started, so the AusSHIRT 2013 #sophospuzzle is officially live.
See if you can transform the code on the T-shirt and win a prize!
(You don't have to be at the conference to enter.)
IBM just released an open source software package called HELib.
HE stands for *homomorphic encryption*, and HELib is an important cryptographic milestone.
Paul Ducklin explains why...
An iPhone messaging app that claims to be "totally secure" is offering a £10,000 prize to anyone who can intercept a message from it.
Paul Ducklin wonders how you are supposed to win the prize if the app really is "totally secure"...
Will chilling an Android phone to -15°C freeze the encryption keys into memory? And if so, can you use a modified version of Android to dig them out?
German researchers had a crack at it - Paul Ducklin takes a look at how things turned out.
Have your joined thousands of others, and become a loyal listener to the "Chet Chat" yet?
Here's the latest Naked Security podcast, Sophos Security Chet Chat 102, discussing a range of recent and newsworthy topics from the world of computer security.
The security of web transactions is again in the spotlight as a pair of UK cryptographers take aim at TLS.
Like 2011's much-talked-about BEAST attack, it has a groovy name: Lucky Thirteen.
Public-key encryption relies on a pair of cryptographic keys, one public and the other private.
You'd think that programmers would be able to tell which one to keep private and which one to make public, wouldn't you?
Kim Dotcom's new venture, Mega, wants to shield itself from accusations of failing to take action against piracy.
It does so by using cryptography to make sure it doesn't see, and indeed cannot tell, what you've uploaded. But you have to get the crypto right...
The party-time news of the past weekend was the launch of Kim Dotcom's comeback file sharing service, Mega.
Crypto critics have already taken issue with some aspects of Mega's implementation, and Dotcom has taken issue right back at them...
The total number of Windows passwords you can construct using eight keyboard characters is vast: one followed by 16 zeros, or near enough.
Gone in six hours.
Plus you get to heat your house at the same time.
By popular demand, here is a video showing you how to solve the Skyfall #sophospuzzle.
In James Bond style: recover a stolen file, decrypt it, use it to identify a famous person, find out where he was incarcerated, and geolocate the prison...
There's a new #sophospuzzle on the go!
This time, the theme is Skyfall and Bond, James Bond. You'll handle a field message from another agent, decode a data file stolen from M's computer, and unravel a secret location - all in a day's work for the world's best-dressed secret agent.
Sony's PS3 has been hacked. This time, it looks as though it's been hacked for good.
We explain why this is different from previous hacks, and treat you to the war of words between the original hackers and the pirates who stole their work...
By popular demand, here is a video explaining how to solve the puzzle we published on our AusCERT 2012 conference T-shirt.
44 solvers from 14 countries cracked it in the time allowed - find out how they did it!