Encryption

(get it in RSS or Atom)

POODLEs, Sandworms and getting safe online - 60 Sec Security [VIDEO]

60ss-video-250

The week's security news, turned into an entertaining lesson, turned into a 1-minute video.

Enjoy...

POODLE attack takes bytes out of your encrypted data - here's what to do

Heartbleed, Shellshock, Sandworm...and now POODLE.

It's a security hole that could let crooks read your encrypted web traffic.

Paul Ducklin takes you through how it works, and what you can do to avoid it, in plain (well, plain-ish) English...

Mummy, my schoolbooks are spying on me! 60 Sec Security [VIDEO]

60ss-video-250

Here's our latest 60 Second Security video for your viewing pleasure.

The wry side of the week's news, in just a minute...

US Attorney General urges tech companies to leave back doors open on gadgets for police

US Attorney General urges tech companies to leave back doors open on gadgets for police

Don't lock police out of popular consumer gadgets, lest law enforcement's efforts to nab kidnappers or child predators be stymied, the US AG said, becoming the latest of a string of government officials to speak out since Google and Apple announced they were changing encryption on their mobile operating systems.

We need to talk about email

Email

Today the people of the world will exchange about 250 *billion* messages using a system that has been shockingly insecure for decades: email.

That's why we need to talk about email...

5 excuses for doing nothing about computer security!

Here are five security excuses that we hear a lot, both from individuals and from small businesses.

We've given you some advice to help you argue back that security really does matter...

SSCC 159 - What can we learn from the "honeybot"? [PODCAST]

chet-chat-logo-featured-250

For your listening pleasure!

Here's this week's episode of the Sophos Security Chet Chat podcast...

SSCC 154: Fraud, viruses, patches and encryption (in that order!) [PODCAST]

chet-chat-logo-featured-250

Where does your country sit on the fraud list? Just how much can you trust SMSes on Android? Is Apple serious enough about iOS security? And will Google's End-To-End email encryption plugin save the world?

Find out with Chet and Duck in this week's Chet Chat podcast...

Google looks to make OpenPGP easier for Gmail users

Google switches Gmail to HTTPS only

In early June Google announced a new project designed to create a Chrome plugin to allow end-to-end encryption of web-based emails using OpenPGP. We take a look at its current state and explain how it works.

US House votes "overwhelmingly" to cut funding of NSA surveillance

NSA surveillance funding cuts OKed by US House

A strong majority of the US House have voted to cut funding for surveillance on citizens or for planting backdoors that let the government slip past encryption that's supposed to shield communications.

SSCC 152 - PF Chang's, TrueCrypt (still!), the Twitter worm and the cost of scammers [PODCAST]

chet-chat-logo-featured-250

Sophos security experts Chester Wisniewski and Paul Ducklin turn their attention on the week's security news.

As usual, they extract plenty of useful lessons during their insightful dissection of the latest issues...

Here's what bugging your own office NSA-style can reveal

Eavesdropping. Image courtesy of Shutterstock.

A US reporter for National Public Radio found that NSA-style broad surveillance enabled by a pen-testing device and software crunching picked up on his research (in spite of Google's default search encryption), intercepted uncut interview tape, ferreted out his interview subjects' phone numbers and email addresses, and more.

Is TrueCrypt pining for the fjords?

TrueCryptBrokenLogo250

An attempt at keeping the TrueCrypt dream alive has been kicked off, hosted in Switzerland. Will it make a difference? Sophos conducted a poll to see what IT managers think about TrueCrypt after all the news and speculation.

Google says half of email is sent unencrypted

Open padlock. Image courtesy of Shutterstock.

It's been an encryption-intensive start to the week - good news for all of us who are wary of snooping.

Fight internet surveillance, Reset The Net

Reset The Net

5 June 2014 is Reset The Net. It's a day to take back our privacy by using strong encryption whenever and wherever we can and insisting that the organisations we rely upon do too.

Naked Security now available in HTTPS

Padlock

You can now browse your favourite computer security news website and make it more difficult for the NSA to spy on you at the same time!

True mystery of the disappearing TrueCrypt disk encryption software

tc-icon-250

Webdriver Torso has nothing on this week's mysteries!

First it was Apple iPhones in Australia announcing they'd been hacked; now it's venerable disk encryption software TrueCrypt abruptly claiming to have killed itself off...

SSCC 149 - Apple devices ransomed, eBay breached, carders busted and more [PODCAST]

sscc-149-250

Chester Wisnieski and Paul Ducklin dig into the important security stories of the past week, and pull out some lessons we can all learn.

If you haven't listened to a "Chet Chat" before, now's the time to give it a try!

Is Apple finally getting real about security? 60 Sec Security [VIDEO]

2014-05-10-thumb-0250

Where does the data breach buck stop? Why do they call them "secret" links? And is Apple finally getting real about security?

Find out in "60 Second Security" for 10 May 2014

Snapchat agrees to settlement with FTC over privacy complaints

snapchat-settlement-250

Snapchat and the FTC have come to terms in a settlement over the privacy practices of the controversial mobile message service company.

Will Snapchat be better at protecting user privacy now that it's required to be monitored by a privacy auditor for the next 20 years?