Cryptography

(get it in RSS or Atom)

SSCC 163 - So THAT'S why you can't erase Flash RAM properly [PODCAST]

chet-chat-logo-featured-250

Here's this week's Sophos Security Chet Chat.

Our regular security podcast that turns news into useful advice...

SSCC 152 - PF Chang's, TrueCrypt (still!), the Twitter worm and the cost of scammers [PODCAST]

chet-chat-logo-featured-250

Sophos security experts Chester Wisniewski and Paul Ducklin turn their attention on the week's security news.

As usual, they extract plenty of useful lessons during their insightful dissection of the latest issues...

Ransomware with a happy ending

rw-not-250

Fortunately, not every cybercrook in the world is a good coder.

Let's hope it stays that way...

Breach at eBay, bugs in Chip-and-PIN, busts for Blackshades - 60 Sec Security [VIDEO]

2014-05-24-thumb-250

Will the breach at eBay beat Adobe for size? Is Chip and PIN really as safe as they say? How many countries took action busting malware crooks?

All the answers in 60 Sec Security for 24 May 2014...

Chip-and-PIN should be "Chip-and-Skim," say Cambridge card-cloners

cc-250

Back in 2011, cryptographers at the University of Cambridge were approached by a man whose bank refused to refund a series of disputed transactions.

So they set out to answer the question, "Is it reasonable to assume the infallibility of Chip-and-PIN transactions?"

NIST to review standard for cryptographic development - do we really care?

NIST to review standard for cryptographic development - do we really care?

Whether you use it to protect personal data, protect customer data or secure your communications, cryptography is an integral part of our digital world, but the announcement late in 2013 that NIST is reviewing its standards for cryptography seems to have gone largely unnoticed.

WhatsApp and privacy - will Facebook make things better, worse, or both?

wa-padlock-250

WhatsApp, the super-popular SMS replacement acquired by Facebook for $19 billion, continues to wrestle with a thorny problem.

How can it tame the public's attitude to its own attitude to privacy?

SSCC 127 - Target, Microsoft, Apple, Gmail...and some amazing acoustics [PODCAST]

sscc-127-thumb-250

Chet and Duck help you to learn from recent security news, both good and bad.

In this episode: the massive Target breach; Microsoft's and Apple's attitude to updates; and how to respond to Google's recent changes to image rendering for Gmail users.

CarderPlanet bust, Target credit card breach, online safety for kids - 60 Sec Security [VIDEO]

2013-12-21-eavesdroppers-250

What prison sentence for the man who pioneered online carding? How many credit cards did Target lose? Does your encryption software "speak" to passers-by? How to keep your kids safe online over the holidays?

Find out in 60 seconds!

SSCC 126 - Zero-day, Bitcoins, passwords and randomness [PODCAST]

Turn bad news into good with "what you can do better" advice from Chet and Duck.

Learn from: an XP zero-day, a spate of Bitcoin "bank robberies," the outcome of a European user security survey, and yet another cryptographic blunder, this time from Drupal.

Facebook locks users in a closet for using same passwords/emails on Adobe

Facebook locks users in a closet for using same passwords/emails on Adobe

Blessed be Facebook for using this real-world example to 100% back up Naked Security when we proselytize about the evils of password reuse. And if you're worried that Facebook's mining of breached Adobe customer records and quarantining of users is Big Brother-ish, fear not: the company didn't have to store passwords in clear text or pull any other boneheaded security move to know just what its customers' reused passwords are.

Anatomy of a password disaster - Adobe's giant-sized cryptographic blunder

abr-250

Learn how cryptanalysts think, and why cryptographers feel such terrible dismay when companies that really ought to know better make mammoth mistakes.

Paul Ducklin deconstructs the data leaked in Adobe's latest megabreach...

Facebook privacy, Google ads, D-Link security, CryptoLocker ransom - 60 Sec Security [VIDEO]

2013-10-19-cryptolock-250

What leaves your computer standing but your data in ruins? Should Facebook teenagers be able to message the world? How can you stop Google using your photo in ads?

Find out in this week's Sophos 60 Second Security!

Anatomy of a dropped call - how to jam a city with 11 customised mobile phones

nofonez-500

German researchers have shown how commodity mobile phones can be turned into call jammers.

Worse still, their attacks could be adapted for eavesdropping and even interception, where a crook receives your calls or SMSes instead of you.

Data Breach Week, SIMs cracked, carders busted - 60 Sec Security [VIDEO]

2013-07-27-simcrack-250

How safe is the SIM in your mobile phone? Could it be remotely infected with malware?

Possibly - watch this week's 60 Second Security video and find out more!

Android security fail, Cryptocat tartan, Nintendo crack - 60 Sec Security [VIDEO]

2013-07-13-googlehole-250

Are cryptographic holes the new buffer overflows?

Take a look at this week's 60 Second Security video and let us know what you think!

Cryptocat 'encrypted' group chats may have been crackable for 7 months

The Cryptocat project is apologizing and urging users to update immediately.

Founder and developer Nadim Kobeissi took to a live stream to address questions from a show in Germany.

Lias Vaas investigates...

Monday review - the hot 24 stories of the week

Monday review

In case you missed any recent stories, here's everything we wrote in the last seven days.

Get ready for the next #sophospuzzle - coming soon to a T-shirt near you

It's almost time for the annual AusCERT conference in Queensland, Australia.

And for everyone who's asked, the answer is, "Yes! There's a #sophospuzzle!"

No, you don't have to be there to join in...

Snapchat images that have "disappeared forever" stay right on your phone...

sc-250

Snapchat claims to let you share even "ugly selfies" because once they're viewed they "disappear forever."

US-based computer forensics geek Richard Hickman thought he'd find out how true that claim was...