Cryptography

(get it in RSS or Atom)

Bank tests heartbeat-encoded wristbands for online authentication

UK bank tests heartbeat-encoded wristbands for online authentication

Halifax is trialing the use of a wristband to store our ECGs, given that our hearts are random number generators unique to every individual.

SSCC 189 - Hey, is that your CPU on fire? [PODCAST]

chet-chat-logo-featured-250

Join Sophos experts Chester Wisniewski and Paul Ducklin for our weekly security podcast.

Sharp, witty and educational, as usual (if we do say so ourselves)...enjoy!

But surely "export grade" means HIGHER quality? 60 Sec Security [VIDEO]

\

The latest episode of our weekly security news video...

...all in just 60 seconds, as usual.

What's SUPER and helps you to PHISH, sorry, FISH? 60 Sec Security [VIDEO]

\

Here's our weekly news roundup - from Superfish to Super Spectacles.

It's amusing, informative, and only takes a minute - enjoy!

"Cheaper car insurance" dongle could lead to a privacy wreck

snapshot-250

You'd hope that the developers of a dongle that tracks your driving paid a lot of attention to computer security.

Or, in fact, any attention at all...

Do terrorists use spam to shroud their secrets?

An article by an NSA mathematician about randomness also raises the question, "Are terrorists hiding behind spam?"

"Oops! I'm sorry about that" - 60 Sec Security [VIDEO]

Here it is - this week's 60 Second Security video.

News that will amuse, and it only takes a minute...

SSCC 163 - So THAT'S why you can't erase Flash RAM properly [PODCAST]

Here's this week's Sophos Security Chet Chat.

Our regular security podcast that turns news into useful advice...

SSCC 152 - PF Chang's, TrueCrypt (still!), the Twitter worm and the cost of scammers [PODCAST]

Sophos security experts Chester Wisniewski and Paul Ducklin turn their attention on the week's security news.

As usual, they extract plenty of useful lessons during their insightful dissection of the latest issues...

Ransomware with a happy ending

rw-not-250

Fortunately, not every cybercrook in the world is a good coder.

Let's hope it stays that way...

Breach at eBay, bugs in Chip-and-PIN, busts for Blackshades - 60 Sec Security [VIDEO]

2014-05-24-thumb-250

Will the breach at eBay beat Adobe for size? Is Chip and PIN really as safe as they say? How many countries took action busting malware crooks?

All the answers in 60 Sec Security for 24 May 2014...

Chip-and-PIN should be "Chip-and-Skim," say Cambridge card-cloners

cc-250

Back in 2011, cryptographers at the University of Cambridge were approached by a man whose bank refused to refund a series of disputed transactions.

So they set out to answer the question, "Is it reasonable to assume the infallibility of Chip-and-PIN transactions?"

NIST to review standard for cryptographic development - do we really care?

NIST to review standard for cryptographic development - do we really care?

Whether you use it to protect personal data, protect customer data or secure your communications, cryptography is an integral part of our digital world, but the announcement late in 2013 that NIST is reviewing its standards for cryptography seems to have gone largely unnoticed.

WhatsApp and privacy - will Facebook make things better, worse, or both?

wa-padlock-250

WhatsApp, the super-popular SMS replacement acquired by Facebook for $19 billion, continues to wrestle with a thorny problem.

How can it tame the public's attitude to its own attitude to privacy?

SSCC 127 - Target, Microsoft, Apple, Gmail...and some amazing acoustics [PODCAST]

sscc-127-thumb-250

Chet and Duck help you to learn from recent security news, both good and bad.

In this episode: the massive Target breach; Microsoft's and Apple's attitude to updates; and how to respond to Google's recent changes to image rendering for Gmail users.

CarderPlanet bust, Target credit card breach, online safety for kids - 60 Sec Security [VIDEO]

2013-12-21-eavesdroppers-250

What prison sentence for the man who pioneered online carding? How many credit cards did Target lose? Does your encryption software "speak" to passers-by? How to keep your kids safe online over the holidays?

Find out in 60 seconds!

SSCC 126 - Zero-day, Bitcoins, passwords and randomness [PODCAST]

Turn bad news into good with "what you can do better" advice from Chet and Duck.

Learn from: an XP zero-day, a spate of Bitcoin "bank robberies," the outcome of a European user security survey, and yet another cryptographic blunder, this time from Drupal.

Facebook locks users in a closet for using same passwords/emails on Adobe

Facebook locks users in a closet for using same passwords/emails on Adobe

Blessed be Facebook for using this real-world example to 100% back up Naked Security when we proselytize about the evils of password reuse. And if you're worried that Facebook's mining of breached Adobe customer records and quarantining of users is Big Brother-ish, fear not: the company didn't have to store passwords in clear text or pull any other boneheaded security move to know just what its customers' reused passwords are.

Anatomy of a password disaster - Adobe's giant-sized cryptographic blunder

abr-250

Learn how cryptanalysts think, and why cryptographers feel such terrible dismay when companies that really ought to know better make mammoth mistakes.

Paul Ducklin deconstructs the data leaked in Adobe's latest megabreach...

Facebook privacy, Google ads, D-Link security, CryptoLocker ransom - 60 Sec Security [VIDEO]

2013-10-19-cryptolock-250

What leaves your computer standing but your data in ruins? Should Facebook teenagers be able to message the world? How can you stop Google using your photo in ads?

Find out in this week's Sophos 60 Second Security!