Encryption

(get it in RSS or Atom)

Here we go again: Viber mobile messenger app leaves user data unencrypted

viber-250

Viber, a mobile messenger app that allows users to make phone calls and send text messages for free, also gives up plenty of free user data to anyone who wants to listen.

Will Viber, WhatsApp and Snapchat ever learn?

Obama leaves loophole open for NSA to exploit zero-day vulnerabilities

Obama leaves loophole open for NSA to exploit zero-day vulnerabilities

No, the US White House didn't know about Heartbleed and didn't exploit the OpenSSL bug to snoop, it said, but it's reserving the prerogative to use zero-day exploits as a wedge to pry out intelligence if it serves national security interests.

NIST to review standard for cryptographic development - do we really care?

NIST to review standard for cryptographic development - do we really care?

Whether you use it to protect personal data, protect customer data or secure your communications, cryptography is an integral part of our digital world, but the announcement late in 2013 that NIST is reviewing its standards for cryptography seems to have gone largely unnoticed.

Google switches Gmail to HTTPS only

Google switches Gmail to HTTPS only

Google is now using an always-on HTTPS connection and encrypting all Gmail messages moving internally on its servers.

Marketers, IT contractor arrested in theft of 20 million South Korean credit cards

Marketers, IT contractor arrested in theft of 20 million South Korean credit cards

The inside job, affecting 40% of the country's population, has been traced back to one IT guy inside a credit bureau plus some dodgy data buyers, who've also been arrested.

Microsoft's anti-NSA encryption pledge raises questions

Microsoft's anti-NSA encryption pledge gets the hairy eyeball

Microsoft says it's fast-tracking the encryption of consumer data and moving toward greater source-code transparency. It sounds good on paper, though there are those who question why Skype, for one, was left off the list and how in the world we can trust a for-profit software maker.

JP Morgan Chase owns up to data breach: 465,000 customers at risk

JP Morgan Chase is the latest financial institution to own up to a data breach.

The details are still scanty, but it looks as though it happened back in July, wasn't noticed until September and was only owned up to in December...

Hack of online dating site Cupid Media exposes 42 million plaintext passwords

Hack of online dating site Cupid Media exposes 42 million plaintext passwords

Guess how many times "123456" was used as a password by users. If you answered "close to 2 million times," you win! Now guess which online dating site service has decided to encrypt customer records using salting and hashing in future.

Forum software vendor vBulletin breached - apparently by vBulletin hack

vbull-250

Forum software vendor vBulletin has owned up to a username-and-password breach on its forum.

Guess which forum software the company uses?

Loyaltybuild, Amazon, Facebook and Mavis Batey MBE - 60 Sec Security [VIDEO]

Why shouldn't you store unencrypted credit card numbers? How can you squeeze a positive result from a password breach? What sort of pressure was on the cryptanalysts at Bletchley Park?

Find out the answers in just one minute!

Making phishing more complex - on purpose

postepay-170

A threat that doesn't just attack, but asks you to put in a password first?

Sounds weird, but the trick worked for malware in the past, and is now being used in phishing

Fraser Howard of SophosLabs explains...

10 tips for securing your smartphone

10 tips for securing your smartphone

Remote wiping? Encryption? Secure passcode? Here are 10 tips to ensure you keep your smartphone just as secure as your PC.

Google to encrypt data "end-to-end" in effort to block NSA and other agencies

Google: US data requests have more than tripled since 2009

Google is stepping up efforts to toughen data encryption in an effort to limit unofficial snooping on user information in the wake of the revelations about the NSA and PRISM.

LastPass, hackable lights, Bradley Manning and Wackyleaks - 60 Sec Security [VIDEO]

2013-08-24-wackyleaks-250

What happened to LastPass that it needed a patch? How do Philips wireless lights handle security? What will become of Bradley Manning? And what has Wikileaks been up to lately?

Take a look at 60 Second Security and find out!

Next version of the web will have resistance to surveillance at its core

Surveillance

The Internet Engineering Task Force is planning changes to the fundamental protocol that powers the web to make it more resistant to surveillance.

Encrypted email service Silent Circle silences email in wake of Lavabit closure

scircle-250

The company pre-emptively shut down Silent Mail in anticipation of the US government getting its hands on the metadata inevitably associated with email. The move came directly after Lavabit—former email service of whisteleblower Edward Snowden—shut down amidst legal wranglings.

Secure webmail service Lavabit suspends operation, citing legal issues

Lavabit logo

If you're interested in webmail security, you've probably heard of Lavabit. It uses public key cryptography to keep your messages private even though they're stored "in the cloud."

At least, it used to. The operator of the service recently suspended it, citing legal issues he can't disclose...

SSCC 113 - Another Android hole, Tumblr forgets encryption, Nintendo under attack [PODCAST]

image-113-250

News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular quarter-hour podcast.

Why not give it a quick listen?

Some US states strengthen data breach notification laws, others ignore them

shutterstock_DataPrivacy250

Vermont and North Dakota have recently bolstered their data breach notification laws to cover more organizations and additional types of personal information. Meanwhile Michigan lost 49,000 people's names, birth dates and cancer screening records and claims they aren't protected information.

Cryptocat 'encrypted' group chats may have been crackable for 7 months

The Cryptocat project is apologizing and urging users to update immediately.

Founder and developer Nadim Kobeissi took to a live stream to address questions from a show in Germany.

Lias Vaas investigates...